Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
File: d9LZKEIxBOXDSA4htKPtFJiyon4.mft (raw, json)
Hash identifier: U3HUZVSpwVYkZh6Xd+S/gME71S8mFVMANK2p6iS5q2M=
Subject key identifier: 8D:93:3C:CB:BF:92:7A:47:38:C4:6A:D9:95:64:05:02:76:14:79:35
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 0196C34C1BC641D39571E5DBD23616D2234E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
Manifest number: 0AAF
Signing time: Mon 12 May 2025 07:01:06 +0000
Manifest this update: Mon 12 May 2025 07:01:06 +0000
Manifest next update: Tue 13 May 2025 07:01:06 +0000
Files and hashes: 1: HX3f5FZnDXBVPEnE5bxp-46XcDI.roa (hash: Cn4L/fOgVlSahDb0v8tdmodjivbISS4FJEJArlg0b+Y=)
2: d9LZKEIxBOXDSA4htKPtFJiyon4.crl (hash: JdN5U645jpsOcrtkHVR7UNZAiH6Dq/cDTwTuxk5i03k=)
3: jKFJgU1IkNXTMlJ4fb3SLPhpIEs.roa (hash: gVNSWZlrE4CqYnhrjWkiPYyY6GBkTGDHd/hL4ezDiUs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:4c:1b:c6:41:d3:95:71:e5:db:d2:36:16:d2:23:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: May 12 07:01:06 2025 GMT
Not After : May 13 07:01:06 2025 GMT
Subject: CN=8d933ccbbf927a4738c46ad99564050276147935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b7:94:5b:f3:3f:7f:8d:49:16:ff:7f:d0:4c:
b3:0c:64:e5:00:4f:af:a6:98:1e:cd:4a:e0:23:e9:
78:a7:83:2a:79:d0:93:18:70:6f:53:5e:35:e9:90:
db:2a:63:99:14:da:46:53:af:40:5a:13:2e:a2:33:
d3:7f:07:b1:99:a2:70:0d:46:1f:ba:d7:a3:44:8c:
4a:71:ac:69:ce:c1:4d:e3:3b:23:92:23:c5:e9:f1:
75:4b:2e:e3:48:e6:ab:55:0b:18:87:5d:1f:fe:64:
db:8c:2e:33:7b:92:f1:8f:3a:12:88:88:26:cb:f8:
58:ff:68:3a:2d:63:43:42:68:0f:c2:6a:c7:1b:d4:
c5:26:15:02:29:15:67:9d:2e:27:03:e7:fd:12:d4:
84:b5:6a:f6:c9:e1:0f:6a:3b:c3:92:39:33:6a:58:
5e:1c:95:d2:f3:27:e3:7e:2f:2a:31:7a:69:80:6e:
09:37:46:17:a4:c2:dc:e4:a6:1f:9d:d0:90:58:d5:
22:45:61:f6:98:ea:e1:9c:49:73:3b:b2:e4:61:95:
b4:04:8f:8f:1f:d5:fb:d4:2b:35:e3:d5:13:04:be:
41:37:15:a0:05:94:aa:e3:90:fd:cf:8e:8b:10:f8:
8b:bc:54:9b:1c:f2:b0:33:4f:46:64:9e:f0:4a:8c:
4b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:93:3C:CB:BF:92:7A:47:38:C4:6A:D9:95:64:05:02:76:14:79:35
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:6a:d2:fd:30:22:7d:37:d9:34:8c:48:91:46:fa:d8:2e:12:
5d:6f:3c:61:95:b3:dc:8a:d5:ce:26:14:03:9a:fb:96:90:9d:
4f:32:e6:9e:80:9a:66:bc:08:8f:58:e3:25:7c:06:8d:30:d0:
ea:0f:6e:6f:e2:a1:b2:e2:ed:22:a8:ed:1d:82:25:ce:aa:9f:
48:cd:66:4a:3c:75:43:6d:e8:da:8c:8a:61:80:cc:63:81:4a:
8a:e7:91:37:8a:95:26:ca:bc:32:28:9f:c7:09:7b:57:0d:72:
59:c8:63:fe:71:79:a9:e1:3a:fd:d8:d5:0a:b5:ab:7a:13:fb:
f9:2e:d1:06:1f:9d:d3:d5:f9:04:51:93:63:d9:23:44:9b:b9:
b2:c6:65:c1:26:6e:ae:2a:cf:c4:d6:d3:63:97:d0:45:7f:98:
2f:07:37:cb:1b:8d:ce:57:f1:e8:52:c0:6f:4d:4b:2c:69:5d:
fd:aa:52:f2:57:f1:41:01:c6:d3:26:bb:50:df:66:ef:0f:51:
df:e1:00:a8:0f:d6:6d:89:26:ae:40:b3:7d:01:80:96:6f:b5:
94:0e:45:9d:ca:fa:14:78:63:11:f0:cc:36:3d:be:cd:7f:dd:
4d:86:64:9e:21:0f:51:ca:49:e9:d1:aa:c4:c1:df:cf:06:73:
64:1e:dc:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTBvGQdOVceXb0jYW0iNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjUwNTEyMDcwMTA2WhcNMjUwNTEzMDcwMTA2WjAzMTEwLwYDVQQD
Eyg4ZDkzM2NjYmJmOTI3YTQ3MzhjNDZhZDk5NTY0MDUwMjc2MTQ3OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7eUW/M/f41JFv9/0EyzDGTlAE+v
ppgezUrgI+l4p4MqedCTGHBvU1416ZDbKmOZFNpGU69AWhMuojPTfwexmaJwDUYf
utejRIxKcaxpzsFN4zsjkiPF6fF1Sy7jSOarVQsYh10f/mTbjC4ze5LxjzoSiIgm
y/hY/2g6LWNDQmgPwmrHG9TFJhUCKRVnnS4nA+f9EtSEtWr2yeEPajvDkjkzalhe
HJXS8yfjfi8qMXppgG4JN0YXpMLc5KYfndCQWNUiRWH2mOrhnElzO7LkYZW0BI+P
H9X71Cs149UTBL5BNxWgBZSq45D9z46LEPiLvFSbHPKwM09GZJ7wSoxLfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2TPMu/knpHOMRq2ZVkBQJ2FHk1MB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGrS/TAi
fTfZNIxIkUb62C4SXW88YZWz3IrVziYUA5r7lpCdTzLmnoCaZrwIj1jjJXwGjTDQ
6g9ub+KhsuLtIqjtHYIlzqqfSM1mSjx1Q23o2oyKYYDMY4FKiueRN4qVJsq8Miif
xwl7Vw1yWchj/nF5qeE6/djVCrWrehP7+S7RBh+d09X5BFGTY9kjRJu5ssZlwSZu
rirPxNbTY5fQRX+YLwc3yxuNzlfx6FLAb01LLGld/apS8lfxQQHG0ya7UN9m7w9R
3+EAqA/WbYkmrkCzfQGAlm+1lA5Fncr6FHhjEfDMNj2+zX/dTYZkniEPUcpJ6dGq
xMHfzwZzZB7cOg==
-----END CERTIFICATE-----
Generated at Mon May 12 13:28:15 2025 by rpki-client