Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
File: lfdgXoUMnb8X2vC6OONvzGPCy_o.mft (raw, json)
Hash identifier: uIsMw40cAIq0DUfBXiX2KAI3tG1XzX9wXiMedtqHr9s=
Subject key identifier: 34:36:B4:04:5D:E4:67:58:BA:F5:EE:01:56:AD:98:F3:A4:D3:B8:FE
Authority key identifier: 95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
Certificate issuer: /CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Certificate serial: 0196C42711A927ABA32EB21A0D77C7CC5351
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
Manifest number: 1537
Signing time: Mon 12 May 2025 11:00:16 +0000
Manifest this update: Mon 12 May 2025 11:00:16 +0000
Manifest next update: Tue 13 May 2025 11:00:16 +0000
Files and hashes: 1: 5-Dy59i1_U0ZRMyz_6apK6err6E.roa (hash: HTKVf7q+nYn6Qr/j/qsCTy9hUzuLpJ7dJx3pfn4b6GM=)
2: lfdgXoUMnb8X2vC6OONvzGPCy_o.crl (hash: v0+aG/ER/jiKryvb97tfjFeO/gKSpDyq+NIwHrCo21g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:27:11:a9:27:ab:a3:2e:b2:1a:0d:77:c7:cc:53:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Validity
Not Before: May 12 11:00:16 2025 GMT
Not After : May 13 11:00:16 2025 GMT
Subject: CN=3436b4045de46758baf5ee0156ad98f3a4d3b8fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b2:6f:48:54:57:2c:34:02:60:0a:0a:69:f3:
e7:46:81:cf:11:78:9c:50:66:59:c8:d2:b5:c5:67:
c9:47:a4:21:f5:51:75:3a:fd:e7:da:54:e4:a3:21:
c4:8d:ee:2c:5d:e8:e3:d2:0e:d9:8f:78:b4:b2:b2:
40:b9:ab:c6:62:98:1e:7f:5a:41:86:63:55:74:46:
04:4f:2a:2a:06:58:89:41:63:92:71:13:d6:d8:8a:
3f:a2:92:27:24:96:65:93:78:90:de:b6:8a:06:ec:
cc:f5:74:b8:b1:de:19:c8:7a:de:d2:ee:84:39:1d:
a5:de:af:13:57:95:02:7d:7b:f0:c8:41:36:78:0f:
01:79:d7:2a:85:e4:53:d6:5d:b6:df:a3:0b:84:52:
dc:fb:b9:14:94:fd:b9:39:d0:f9:46:c5:67:da:05:
96:c1:3e:38:fd:ae:87:0b:b1:8f:50:be:3b:c9:33:
5a:fa:c0:a4:36:d5:fa:e7:02:3b:8d:41:01:3a:9b:
a3:ff:09:0e:b8:b2:3e:be:d8:7a:10:74:bc:7d:8a:
2c:30:a0:3e:50:22:9f:85:4d:1a:82:ce:df:70:d5:
29:a8:4f:fa:2f:fd:bf:77:5b:c5:ae:f1:d7:9b:49:
f8:b4:36:32:41:f5:d1:70:57:ae:1f:54:74:a6:81:
48:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:36:B4:04:5D:E4:67:58:BA:F5:EE:01:56:AD:98:F3:A4:D3:B8:FE
X509v3 Authority Key Identifier:
keyid:95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:ec:9e:e3:a7:67:87:80:c4:bd:a3:5f:50:fd:0a:9c:e0:cb:
23:e8:cf:93:e3:99:bd:8f:c8:20:e9:fd:b1:18:df:e0:d7:1d:
a2:0f:dc:53:cb:3e:fd:f6:2d:2b:b5:20:ba:f1:d8:22:46:ce:
68:f5:49:cd:2d:3a:27:f3:29:d4:fc:0a:1f:84:2c:03:28:06:
44:db:53:b8:0f:cb:96:8a:a4:4b:d8:95:39:9c:9e:89:6f:bf:
a9:4d:7e:a7:d1:7b:44:f5:f8:f6:2d:7e:03:bd:dd:2f:91:0e:
ae:78:fe:4a:f6:e6:c2:2b:de:02:4f:97:d1:18:11:00:17:18:
91:7a:5d:93:f4:fb:2f:17:5d:06:b3:a7:30:00:55:94:54:85:
76:ae:44:96:a5:ee:b1:68:73:d5:51:8f:e1:b0:80:b0:a6:49:
d9:f8:2b:5c:97:ab:50:7d:db:b0:f8:2a:73:0b:be:d6:8e:6f:
70:72:04:aa:cc:7f:d6:99:b1:3f:ec:1b:23:c5:a8:14:6e:09:
43:ed:0f:aa:c9:08:9d:67:38:29:33:26:13:0d:c0:e6:8c:4a:
71:58:3a:ad:29:74:b7:68:22:28:f2:a2:01:af:97:6b:62:75:
ea:b2:3c:b5:21:60:25:e2:f1:d1:94:09:cc:07:16:32:bc:60:
5b:5b:cf:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJxGpJ6ujLrIaDXfHzFNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Zjc2MDVlODUwYzlkYmYxN2RhZjBiYTM4ZTM2ZmNjNjNj
MmNiZmEwHhcNMjUwNTEyMTEwMDE2WhcNMjUwNTEzMTEwMDE2WjAzMTEwLwYDVQQD
EygzNDM2YjQwNDVkZTQ2NzU4YmFmNWVlMDE1NmFkOThmM2E0ZDNiOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbJvSFRXLDQCYAoKafPnRoHPEXic
UGZZyNK1xWfJR6Qh9VF1Ov3n2lTkoyHEje4sXejj0g7Zj3i0srJAuavGYpgef1pB
hmNVdEYETyoqBliJQWOScRPW2Io/opInJJZlk3iQ3raKBuzM9XS4sd4ZyHre0u6E
OR2l3q8TV5UCfXvwyEE2eA8BedcqheRT1l2236MLhFLc+7kUlP25OdD5RsVn2gWW
wT44/a6HC7GPUL47yTNa+sCkNtX65wI7jUEBOpuj/wkOuLI+vth6EHS8fYosMKA+
UCKfhU0ags7fcNUpqE/6L/2/d1vFrvHXm0n4tDYyQfXRcFeuH1R0poFINQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQ2tARd5GdYuvXuAVatmPOk07j+MB8GA1UdIwQY
MBaAFJX3YF6FDJ2/F9rwujjjb8xjwsv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEt
NjcwNWRjMmUzYWFhLzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEtNjcwNWRjMmUzYWFh
LzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAouye46dn
h4DEvaNfUP0KnODLI+jPk+OZvY/IIOn9sRjf4Ncdog/cU8s+/fYtK7UguvHYIkbO
aPVJzS06J/Mp1PwKH4QsAygGRNtTuA/LloqkS9iVOZyeiW+/qU1+p9F7RPX49i1+
A73dL5EOrnj+SvbmwiveAk+X0RgRABcYkXpdk/T7LxddBrOnMABVlFSFdq5ElqXu
sWhz1VGP4bCAsKZJ2fgrXJerUH3bsPgqcwu+1o5vcHIEqsx/1pmxP+wbI8WoFG4J
Q+0PqskInWc4KTMmEw3A5oxKcVg6rSl0t2giKPKiAa+Xa2J16rI8tSFgJeLx0ZQJ
zAcWMrxgW1vPag==
-----END CERTIFICATE-----
Generated at Mon May 12 18:49:34 2025 by rpki-client