Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: xJTRHyvLoUFKjelLObhSQMZYv5u6KBtqNK0ap7k08Pc=
Subject key identifier: A0:C2:3A:8C:DF:2D:33:FE:F2:2D:C4:9C:59:CE:39:F4:01:32:6C:56
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 0196C3B9906817F268BC92D91D5A9F0DCD55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 1536
Signing time: Mon 12 May 2025 09:00:40 +0000
Manifest this update: Mon 12 May 2025 09:00:40 +0000
Manifest next update: Tue 13 May 2025 09:00:40 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: d0pQhoM6llWOq2Cl28nRz4eHtCNFIC13S6D35FG2eXM=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 09:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:b9:90:68:17:f2:68:bc:92:d9:1d:5a:9f:0d:cd:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: May 12 09:00:40 2025 GMT
Not After : May 13 09:00:40 2025 GMT
Subject: CN=a0c23a8cdf2d33fef22dc49c59ce39f401326c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:a0:f0:09:6c:35:50:1b:ac:b5:fb:1c:7d:
c8:76:33:be:75:d0:49:74:4f:fe:88:14:ad:28:88:
12:41:ea:47:a4:82:fa:b9:36:79:45:0b:ca:b5:b6:
69:38:a5:90:13:8b:0f:50:9b:11:d8:6d:7b:cd:28:
f5:a3:2f:e3:73:d7:b5:26:ab:62:bd:e7:13:69:54:
f1:b4:62:a7:69:5a:b9:58:49:eb:3d:3f:64:ae:6f:
87:c0:99:82:04:8c:61:72:a7:2f:4b:5d:60:7a:78:
06:ca:f7:bd:96:76:cb:1b:94:50:33:16:c3:29:c1:
14:52:1a:6e:88:2a:3f:83:00:58:a8:af:d6:6a:8a:
08:d4:0a:a9:95:21:72:42:f1:49:bf:03:ba:fb:ea:
9f:0f:c2:ca:ab:cf:71:92:25:46:21:4a:96:a7:f9:
a3:9c:ae:6e:2e:31:42:2d:31:8c:96:9e:cf:bd:7b:
98:f6:ec:4a:ae:68:78:4a:bc:85:31:24:80:bd:1b:
24:c1:31:ad:af:f8:5a:e4:a1:11:99:80:51:d9:12:
87:d8:d7:3d:9d:97:5e:4f:03:fe:c7:f3:75:56:04:
b8:df:c7:9e:1b:cf:0f:3b:4c:2c:e1:8f:aa:7d:1c:
a4:89:24:b0:af:53:1b:38:c2:48:9c:31:0a:e7:a5:
be:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C2:3A:8C:DF:2D:33:FE:F2:2D:C4:9C:59:CE:39:F4:01:32:6C:56
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:c6:fa:6c:1b:cd:12:e5:2b:3f:fe:35:14:60:66:94:43:e0:
30:36:47:d3:6e:ed:7e:b8:cd:20:61:4e:85:cb:1d:a1:4c:51:
37:9f:c6:7c:8a:9a:77:b9:1e:07:d1:d7:60:63:78:b1:d3:08:
76:ce:86:8b:86:00:b1:69:2f:7f:eb:66:32:63:57:b4:f0:47:
b0:82:bb:d4:a7:b0:2c:29:71:62:20:73:d9:db:10:f4:1f:42:
2a:38:17:d3:49:76:6d:e1:29:41:53:db:78:73:8d:11:9f:e8:
77:c0:23:7d:95:a1:af:84:fd:19:30:a6:11:18:bf:1e:e7:46:
ef:6d:d5:cd:23:2a:58:c9:bf:1e:57:d2:43:08:41:c2:93:8d:
a2:01:03:06:b2:13:7d:a9:b2:dd:f4:b3:44:a0:22:88:f7:70:
f8:b8:84:cd:11:f4:23:c1:8d:f3:30:ba:3b:8a:bc:44:90:d6:
c8:3e:9a:57:42:f9:88:6f:f9:eb:78:ad:4d:b5:1a:57:3e:cf:
b7:f8:2d:eb:90:66:b9:c3:ca:46:63:e5:dd:f4:68:75:81:41:
53:c4:45:c8:97:74:49:ff:12:41:32:65:54:96:5c:0c:b0:e3:
f1:86:d7:ee:3e:1e:40:e7:52:54:2a:84:eb:9b:8f:55:49:e8:
ce:3b:2a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDuZBoF/JovJLZHVqfDc1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUwNTEyMDkwMDQwWhcNMjUwNTEzMDkwMDQwWjAzMTEwLwYDVQQD
EyhhMGMyM2E4Y2RmMmQzM2ZlZjIyZGM0OWM1OWNlMzlmNDAxMzI2YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofqg8AlsNVAbrLX7HH3IdjO+ddBJ
dE/+iBStKIgSQepHpIL6uTZ5RQvKtbZpOKWQE4sPUJsR2G17zSj1oy/jc9e1Jqti
vecTaVTxtGKnaVq5WEnrPT9krm+HwJmCBIxhcqcvS11gengGyve9lnbLG5RQMxbD
KcEUUhpuiCo/gwBYqK/WaooI1AqplSFyQvFJvwO6++qfD8LKq89xkiVGIUqWp/mj
nK5uLjFCLTGMlp7PvXuY9uxKrmh4SryFMSSAvRskwTGtr/ha5KERmYBR2RKH2Nc9
nZdeTwP+x/N1VgS438eeG88PO0ws4Y+qfRykiSSwr1MbOMJInDEK56W+wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDCOozfLTP+8i3EnFnOOfQBMmxWMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKcb6bBvN
EuUrP/41FGBmlEPgMDZH027tfrjNIGFOhcsdoUxRN5/GfIqad7keB9HXYGN4sdMI
ds6Gi4YAsWkvf+tmMmNXtPBHsIK71KewLClxYiBz2dsQ9B9CKjgX00l2beEpQVPb
eHONEZ/od8AjfZWhr4T9GTCmERi/HudG723VzSMqWMm/HlfSQwhBwpONogEDBrIT
famy3fSzRKAiiPdw+LiEzRH0I8GN8zC6O4q8RJDWyD6aV0L5iG/563itTbUaVz7P
t/gt65BmucPKRmPl3fRodYFBU8RFyJd0Sf8SQTJlVJZcDLDj8YbX7j4eQOdSVCqE
65uPVUnozjsq0Q==
-----END CERTIFICATE-----
Generated at Mon May 12 14:54:44 2025 by rpki-client