Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
File: 3ikhmJ19kMZOuzVliDH-ao9JyTg.mft (raw, json)
Hash identifier: v+Z6kUmpysfwUAZsoco1AYt9KJ6GWLboP7G/ZblgV+g=
Subject key identifier: 28:5A:8E:3F:2C:BB:01:AF:CD:6C:7D:0B:64:B2:A9:31:FA:7D:68:7B
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 0196C5A7E42F047512894E08844A4F8FF41B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
Manifest number: 09A9
Signing time: Mon 12 May 2025 18:00:36 +0000
Manifest this update: Mon 12 May 2025 18:00:36 +0000
Manifest next update: Tue 13 May 2025 18:00:36 +0000
Files and hashes: 1: 3ikhmJ19kMZOuzVliDH-ao9JyTg.crl (hash: ImU5CVFKqIM6DJQ1WdZnI7/ozXORVegRIMQ5WjACCKQ=)
2: TOKJ7leUflS6UttAZzwZcKF4cuU.roa (hash: FbxsOsIky6908M3EghoAhEv3FVACCPzpDuJvnzX9foU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:a7:e4:2f:04:75:12:89:4e:08:84:4a:4f:8f:f4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: May 12 18:00:36 2025 GMT
Not After : May 13 18:00:36 2025 GMT
Subject: CN=285a8e3f2cbb01afcd6c7d0b64b2a931fa7d687b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e1:62:bc:3e:f9:36:a8:9f:6e:d1:96:17:48:
6a:09:fb:a6:71:bc:64:01:7d:b4:10:79:f7:a5:6f:
18:70:30:26:bb:44:ef:0f:9c:1b:25:81:31:a5:1b:
b9:3c:cc:fd:d3:1f:ff:60:37:a6:bc:5a:2b:d3:b3:
24:91:b7:a3:f7:66:cf:b2:1b:39:ea:02:da:ea:74:
62:82:17:bb:c2:4e:c8:12:58:03:5b:f2:3a:d5:07:
8e:f1:02:f6:8b:3b:53:d3:da:73:ce:48:e0:6f:ea:
e4:02:70:9c:57:66:55:da:6e:47:95:f8:46:43:4e:
50:be:4b:a3:00:63:56:7a:2c:ce:b0:f6:4b:0e:a4:
74:cc:0b:bd:d4:a0:3f:8b:bc:39:e0:6a:df:35:d4:
64:c6:f5:da:a0:22:48:9d:9d:65:df:9e:ba:30:b9:
4d:e6:53:37:cc:6e:9c:b2:62:b8:62:77:8d:cc:e2:
b9:42:4a:2f:d4:cc:73:b8:7d:e8:39:8c:d2:0a:e9:
d8:a1:57:f1:8d:f7:b9:e7:de:01:5c:c1:6e:b5:50:
d0:7a:40:a3:c0:9d:d7:fc:29:58:9d:9d:18:d6:7c:
dc:0c:ef:42:b6:85:17:02:78:56:0d:ee:9b:0f:83:
60:c9:4c:6a:ef:6f:6d:85:d4:50:c1:35:d2:5c:f1:
b8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5A:8E:3F:2C:BB:01:AF:CD:6C:7D:0B:64:B2:A9:31:FA:7D:68:7B
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cb:8c:f4:08:95:80:c6:a8:61:9b:2d:f5:2d:b4:4f:66:65:6f:
c3:ac:02:56:4a:42:0b:c9:33:68:16:c2:c4:5a:3c:4f:02:ee:
9c:52:2e:d8:70:7d:23:2e:fc:74:2d:f1:d5:6e:a4:f7:3e:33:
70:1f:04:97:08:d5:9f:99:17:a7:85:8b:4d:c9:bd:7f:3c:a2:
f0:25:30:11:53:b3:b1:73:0f:9d:7b:22:03:e5:85:83:e9:41:
4b:19:7f:6b:cf:5f:bd:0f:0a:18:4a:d1:87:43:38:a7:4b:a2:
9d:df:ac:17:3a:69:77:3a:58:4f:2c:4d:05:af:3c:15:ad:92:
31:b5:69:f2:d8:45:6a:e2:00:73:d9:e0:81:98:de:ac:3e:ed:
4e:04:eb:f2:64:ef:86:ef:82:62:d6:f1:c0:fa:a9:55:6f:46:
a2:c0:25:fc:f1:c8:9f:07:d9:d9:78:06:10:68:ad:2b:09:a7:
1e:f3:bc:6a:2e:b3:50:44:c4:b5:f4:fa:00:73:29:ea:6b:53:
f3:67:aa:3d:c4:29:44:55:a5:5c:22:48:40:83:14:44:fa:c5:
5a:1b:4e:18:15:c1:c0:88:b2:3e:18:b4:04:49:09:7f:bf:65:
9d:b8:30:33:bb:6b:cf:6f:e7:af:b4:24:a2:d2:cc:51:eb:81:
4d:6a:a9:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFp+QvBHUSiU4IhEpPj/QbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjUwNTEyMTgwMDM2WhcNMjUwNTEzMTgwMDM2WjAzMTEwLwYDVQQD
EygyODVhOGUzZjJjYmIwMWFmY2Q2YzdkMGI2NGIyYTkzMWZhN2Q2ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweFivD75NqifbtGWF0hqCfumcbxk
AX20EHn3pW8YcDAmu0TvD5wbJYExpRu5PMz90x//YDemvFor07Mkkbej92bPshs5
6gLa6nRighe7wk7IElgDW/I61QeO8QL2iztT09pzzkjgb+rkAnCcV2ZV2m5HlfhG
Q05QvkujAGNWeizOsPZLDqR0zAu91KA/i7w54GrfNdRkxvXaoCJInZ1l3566MLlN
5lM3zG6csmK4YneNzOK5Qkov1MxzuH3oOYzSCunYoVfxjfe5594BXMFutVDQekCj
wJ3X/ClYnZ0Y1nzcDO9CtoUXAnhWDe6bD4NgyUxq729thdRQwTXSXPG44wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChajj8suwGvzWx9C2SyqTH6fWh7MB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy4z0CJWA
xqhhmy31LbRPZmVvw6wCVkpCC8kzaBbCxFo8TwLunFIu2HB9Iy78dC3x1W6k9z4z
cB8ElwjVn5kXp4WLTcm9fzyi8CUwEVOzsXMPnXsiA+WFg+lBSxl/a89fvQ8KGErR
h0M4p0uind+sFzppdzpYTyxNBa88Fa2SMbVp8thFauIAc9nggZjerD7tTgTr8mTv
hu+CYtbxwPqpVW9GosAl/PHInwfZ2XgGEGitKwmnHvO8ai6zUETEtfT6AHMp6mtT
82eqPcQpRFWlXCJIQIMURPrFWhtOGBXBwIiyPhi0BEkJf79lnbgwM7trz2/nr7Qk
otLMUeuBTWqpMA==
-----END CERTIFICATE-----
Generated at Mon May 12 23:56:07 2025 by rpki-client