Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json)
Hash identifier: FKaKEhYl40X1YonAreWRUg8dSj1qfIa+wQHn1357+hU=
Subject key identifier: B5:D4:39:F2:71:C6:11:53:52:80:DC:A2:45:8C:C1:17:F3:13:AE:8B
Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad
Certificate serial: 0196BE255AA17205963113702A798ED5E054
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
Manifest number: 03AD
Signing time: Sun 11 May 2025 07:00:40 +0000
Manifest this update: Sun 11 May 2025 07:00:40 +0000
Manifest next update: Mon 12 May 2025 07:00:40 +0000
Files and hashes: 1: QlwSz5QY3CNReEwoqy5_qdcxp7E.roa (hash: J1QwLI9Oak3umoZp+VK8k+3z4SfC016Ed6Yx+Y0FOX0=)
2: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: HZG7nuIIIOnrq/WI2uAeH1LcXMRzezELDEoqpCtwb1Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:25:5a:a1:72:05:96:31:13:70:2a:79:8e:d5:e0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad
Validity
Not Before: May 11 07:00:40 2025 GMT
Not After : May 12 07:00:40 2025 GMT
Subject: CN=b5d439f271c611535280dca2458cc117f313ae8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7b:bf:2f:38:31:43:97:e2:82:1b:63:ed:30:
5a:2c:7b:aa:9e:69:ca:dc:45:95:67:c4:36:c3:4a:
56:0b:87:71:51:d2:0f:70:f5:af:3d:c7:2e:6b:1e:
b0:2f:cc:c1:0e:47:9b:dd:ed:8f:0e:28:0b:a5:fa:
66:33:8d:d2:62:ac:03:92:40:a7:39:9e:01:b8:66:
00:81:50:05:88:f9:9e:64:79:e2:de:a3:39:86:fe:
82:4b:f1:57:49:dd:89:19:43:d7:9a:ac:02:84:12:
16:d0:67:0b:d3:7e:48:a1:bf:cb:05:fc:ee:a3:11:
2f:c7:f8:71:a4:85:d6:55:93:97:35:0a:27:ba:6e:
08:f2:03:c5:99:64:47:b8:4f:73:77:1f:49:83:8f:
32:e7:18:dd:98:5d:55:86:65:24:bc:8f:95:8f:d4:
89:86:dc:28:77:c4:6d:44:63:1d:8d:01:c7:7f:82:
c6:2d:1a:ee:8c:78:ca:9b:74:05:c9:ba:d7:23:88:
f6:5a:4c:93:c2:70:dc:16:3c:fb:e3:f0:61:19:33:
50:bf:f5:f0:96:64:21:b1:cc:12:f4:28:aa:1a:4d:
e5:cb:77:8b:ee:e3:d9:1d:a9:a0:07:66:e5:0f:eb:
9e:6d:aa:ab:2a:48:9a:07:72:b9:6c:3a:e3:b4:9b:
f5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D4:39:F2:71:C6:11:53:52:80:DC:A2:45:8C:C1:17:F3:13:AE:8B
X509v3 Authority Key Identifier:
keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:a5:ee:b2:fa:b7:be:e8:48:08:83:a4:41:c2:2b:2f:99:7a:
0f:0d:b4:83:5a:ab:18:40:92:c9:18:46:10:9c:25:5d:ca:e1:
fc:73:82:91:50:26:38:94:b7:86:a0:d9:f8:3a:9c:46:76:05:
62:27:ee:26:18:85:6a:c4:ce:0f:2d:52:d6:22:7b:0d:a2:b8:
c3:af:7f:38:13:cd:ad:3b:71:9d:32:1a:bf:c1:fb:ca:60:e8:
51:00:37:14:ad:69:31:e4:cb:bd:5f:9d:ff:26:66:65:3d:93:
bf:90:da:fc:20:49:5b:f8:a1:5a:e8:cb:66:e8:21:83:4d:37:
dc:3d:3e:18:3d:94:ed:6d:38:25:35:f1:1f:46:ea:de:82:6d:
82:97:17:1d:36:68:cd:c8:4d:9e:91:ee:fb:0c:bf:32:b4:f4:
ad:85:b5:b1:59:68:71:57:8b:d6:f1:a7:8e:ef:6b:c4:d0:ae:
84:a5:e9:1c:41:61:89:73:28:74:12:7f:52:4d:ff:ab:73:77:
c7:4c:13:b3:20:0a:b7:eb:d9:f9:04:f6:e8:0b:2e:84:27:1d:
f6:0f:38:90:b3:fa:8a:33:a6:3c:17:9d:5a:39:21:bb:f2:0a:
2e:7d:4d:6e:f0:ba:f3:62:10:fa:f6:f4:99:82:34:89:db:77:
c5:d0:74:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JVqhcgWWMRNwKnmO1eBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3
MjRmYWQwHhcNMjUwNTExMDcwMDQwWhcNMjUwNTEyMDcwMDQwWjAzMTEwLwYDVQQD
EyhiNWQ0MzlmMjcxYzYxMTUzNTI4MGRjYTI0NThjYzExN2YzMTNhZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33u/LzgxQ5fightj7TBaLHuqnmnK
3EWVZ8Q2w0pWC4dxUdIPcPWvPccuax6wL8zBDkeb3e2PDigLpfpmM43SYqwDkkCn
OZ4BuGYAgVAFiPmeZHni3qM5hv6CS/FXSd2JGUPXmqwChBIW0GcL035Iob/LBfzu
oxEvx/hxpIXWVZOXNQonum4I8gPFmWRHuE9zdx9Jg48y5xjdmF1VhmUkvI+Vj9SJ
htwod8RtRGMdjQHHf4LGLRrujHjKm3QFybrXI4j2WkyTwnDcFjz74/BhGTNQv/Xw
lmQhscwS9CiqGk3ly3eL7uPZHamgB2blD+uebaqrKkiaB3K5bDrjtJv1lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXUOfJxxhFTUoDcokWMwRfzE66LMB8GA1UdIwQY
MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt
Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk
LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfqXusvq3
vuhICIOkQcIrL5l6Dw20g1qrGECSyRhGEJwlXcrh/HOCkVAmOJS3hqDZ+DqcRnYF
YifuJhiFasTODy1S1iJ7DaK4w69/OBPNrTtxnTIav8H7ymDoUQA3FK1pMeTLvV+d
/yZmZT2Tv5Da/CBJW/ihWujLZughg0033D0+GD2U7W04JTXxH0bq3oJtgpcXHTZo
zchNnpHu+wy/MrT0rYW1sVlocVeL1vGnju9rxNCuhKXpHEFhiXModBJ/Uk3/q3N3
x0wTsyAKt+vZ+QT26AsuhCcd9g84kLP6ijOmPBedWjkhu/IKLn1NbvC682IQ+vb0
mYI0idt3xdB0jw==
-----END CERTIFICATE-----
Generated at Sun May 11 10:34:11 2025 by rpki-client