Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: 0TAFrzAJC1vf0s3aEhL4KqDVmckbrge/ZsGf6HLjU6I=
Subject key identifier: DF:5A:58:38:80:01:28:EF:79:04:88:29:EE:70:09:79:5D:A7:EA:1D
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 0196BDEE7EA614D9D071CB143F04ED84BCF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 05FB
Signing time: Sun 11 May 2025 06:00:45 +0000
Manifest this update: Sun 11 May 2025 06:00:45 +0000
Manifest next update: Mon 12 May 2025 06:00:45 +0000
Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: RcZveID2NhFEicNJELeGJTRbvUBYBHIpPgWUoFAIw5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:ee:7e:a6:14:d9:d0:71:cb:14:3f:04:ed:84:bc:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: May 11 06:00:45 2025 GMT
Not After : May 12 06:00:45 2025 GMT
Subject: CN=df5a5838800128ef79048829ee7009795da7ea1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:27:09:1d:df:ec:ce:e5:bc:10:6a:22:38:37:
67:62:d4:6e:1a:2a:04:11:a4:32:44:0a:94:c3:cd:
be:33:a4:6b:14:44:0e:dc:1a:5f:ef:2f:ef:7f:b0:
6b:92:66:d8:aa:be:20:5c:0c:77:e3:db:91:bd:51:
60:c4:20:23:0e:3e:1e:dc:bc:0a:c9:d2:23:8c:52:
aa:b7:e1:d2:3f:4d:7b:03:3f:34:93:6f:c5:51:4b:
d6:81:5b:4a:98:da:21:34:7d:60:bf:f9:79:69:4e:
0b:35:4f:dd:3e:9e:64:f2:59:6a:94:52:0d:4e:2a:
e1:6e:1d:ae:40:a5:49:17:72:02:b5:dc:b1:c2:c7:
b9:b9:1c:45:f1:9a:ad:ae:a5:40:74:09:d7:d9:38:
3e:b0:92:b7:37:7c:0c:ac:b6:71:63:28:e7:6d:c8:
5a:b8:9a:b4:8b:e6:4a:ab:a3:9b:5d:f6:00:79:36:
0a:26:fa:69:ec:51:71:07:c4:92:a8:d6:2b:a6:e8:
30:2c:91:ac:8c:30:37:f9:0b:59:de:ad:2a:32:12:
3b:a7:8c:87:67:82:f9:ea:bc:2e:b0:b2:98:bf:41:
69:a4:20:39:62:c0:74:34:32:58:22:c3:2a:39:ca:
a3:c6:e2:67:59:08:ef:18:d9:1e:11:27:2d:38:32:
71:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5A:58:38:80:01:28:EF:79:04:88:29:EE:70:09:79:5D:A7:EA:1D
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:9c:95:2f:1a:50:7d:57:5c:88:9d:43:bb:e2:8c:25:ce:d5:
cb:b6:bb:ac:0c:2e:05:51:4a:37:39:f3:c9:93:11:ba:49:fd:
dd:22:91:0c:58:8d:b0:e0:5f:86:77:d7:81:5f:98:00:3f:29:
5e:a9:99:09:36:6b:28:f5:a6:4f:de:ae:f1:87:33:41:56:56:
b3:10:75:18:01:c0:c0:00:50:e0:f4:f3:ee:67:d1:36:5a:db:
56:58:6b:18:79:e9:c3:21:f7:ea:95:f8:23:c9:ae:63:1a:f0:
21:4a:a8:91:91:07:c1:3d:cd:b3:b1:78:0b:f0:1e:54:8e:e0:
ff:db:82:2c:06:94:a1:40:13:76:ef:e9:8c:64:20:1f:ee:06:
cf:7a:24:93:32:d3:0e:e0:c7:ef:77:94:77:fa:c9:3f:cd:19:
89:14:1f:b9:78:ad:95:2f:41:eb:3d:8e:bc:12:ce:5d:e2:17:
79:75:53:9e:0c:2e:a8:89:82:e0:89:2b:b2:15:3b:75:3d:df:
3c:60:4a:23:0f:0c:86:00:95:27:5f:14:8c:b6:ff:1a:ea:92:
1d:46:76:00:eb:1b:d6:a7:8f:18:72:e7:a7:d0:cb:99:96:36:
bc:72:39:9b:77:55:28:01:5a:8b:e5:ec:02:4f:77:2c:83:b6:
2c:7c:f4:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97n6mFNnQccsUPwTthLzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUwNTExMDYwMDQ1WhcNMjUwNTEyMDYwMDQ1WjAzMTEwLwYDVQQD
EyhkZjVhNTgzODgwMDEyOGVmNzkwNDg4MjllZTcwMDk3OTVkYTdlYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2icJHd/szuW8EGoiODdnYtRuGioE
EaQyRAqUw82+M6RrFEQO3Bpf7y/vf7BrkmbYqr4gXAx349uRvVFgxCAjDj4e3LwK
ydIjjFKqt+HSP017Az80k2/FUUvWgVtKmNohNH1gv/l5aU4LNU/dPp5k8llqlFIN
Tirhbh2uQKVJF3ICtdyxwse5uRxF8ZqtrqVAdAnX2Tg+sJK3N3wMrLZxYyjnbcha
uJq0i+ZKq6ObXfYAeTYKJvpp7FFxB8SSqNYrpugwLJGsjDA3+QtZ3q0qMhI7p4yH
Z4L56rwusLKYv0FppCA5YsB0NDJYIsMqOcqjxuJnWQjvGNkeESctODJx+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9aWDiAASjveQSIKe5wCXldp+odMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZJyVLxpQ
fVdciJ1Du+KMJc7Vy7a7rAwuBVFKNznzyZMRukn93SKRDFiNsOBfhnfXgV+YAD8p
XqmZCTZrKPWmT96u8YczQVZWsxB1GAHAwABQ4PTz7mfRNlrbVlhrGHnpwyH36pX4
I8muYxrwIUqokZEHwT3Ns7F4C/AeVI7g/9uCLAaUoUATdu/pjGQgH+4Gz3okkzLT
DuDH73eUd/rJP80ZiRQfuXitlS9B6z2OvBLOXeIXeXVTngwuqImC4IkrshU7dT3f
PGBKIw8MhgCVJ18UjLb/GuqSHUZ2AOsb1qePGHLnp9DLmZY2vHI5m3dVKAFai+Xs
Ak93LIO2LHz0UA==
-----END CERTIFICATE-----
Generated at Sun May 11 08:38:33 2025 by rpki-client