Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File: aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier: DEovCtrH8qG+JiWTB+PByOxBFgZeH5o+xrOIRt8n0OU=
Subject key identifier: 20:94:D9:C4:C6:94:F1:EC:5E:3A:0A:30:6D:BA:A0:07:4E:4C:4D:68
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer: /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial: 0196C04B34E8CA2E22101A6CDFA4A1BDF17D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number: 06F3
Signing time: Sun 11 May 2025 17:01:16 +0000
Manifest this update: Sun 11 May 2025 17:01:16 +0000
Manifest next update: Mon 12 May 2025 17:01:16 +0000
Files and hashes: 1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: UKakJr9SUk1NMxHMWW2KW8x+i+QFiGjE2hjEbBmlnKw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:4b:34:e8:ca:2e:22:10:1a:6c:df:a4:a1:bd:f1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Validity
Not Before: May 11 17:01:16 2025 GMT
Not After : May 12 17:01:16 2025 GMT
Subject: CN=2094d9c4c694f1ec5e3a0a306dbaa0074e4c4d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d9:92:06:7a:f8:bb:85:81:3a:9e:f9:27:10:
26:95:ad:cf:a6:b6:9d:de:0a:ca:0e:6f:41:71:06:
11:fa:33:a3:95:fd:1d:95:f7:09:2e:1c:d5:ef:7e:
13:81:85:05:58:3c:6d:c7:74:94:e2:e1:30:64:5d:
b1:90:bd:10:e6:73:9f:6a:04:10:79:e1:6b:d8:7b:
75:7a:16:4e:0f:96:46:5d:7b:57:db:0b:e8:6f:23:
a6:ce:a4:4d:d3:cf:96:1a:1a:b4:9b:0a:16:b2:3e:
88:70:48:cf:e2:8a:7e:a9:f2:d9:d7:81:ef:a0:06:
0d:41:c7:ad:ce:54:75:d8:fa:10:2b:ff:e8:b2:b6:
19:de:26:b3:69:98:0a:8d:f1:2e:cc:d9:39:fb:be:
34:7b:cb:ee:f9:07:3e:82:ba:e1:c0:3c:a9:43:48:
c5:e4:7f:0a:b6:18:21:92:66:d4:43:3c:b6:15:e4:
ae:56:87:2e:ae:15:dc:a1:03:b2:24:42:c6:bf:b3:
c5:64:7d:ae:27:b7:6b:fa:09:27:0c:48:e4:16:42:
79:e7:12:9d:81:8c:af:79:16:0e:f5:29:ef:fe:a0:
c7:72:32:00:0b:15:87:98:31:ac:d2:c1:ee:a4:c5:
8d:03:ee:4b:71:53:14:e3:7f:44:f3:93:fe:50:c4:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:94:D9:C4:C6:94:F1:EC:5E:3A:0A:30:6D:BA:A0:07:4E:4C:4D:68
X509v3 Authority Key Identifier:
keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:d9:05:42:fb:f9:df:9c:d3:83:23:ff:8e:50:9e:34:53:42:
e3:6d:7b:db:52:b1:40:4e:93:e4:5c:7b:2c:39:2e:2b:16:09:
7e:a1:14:a7:32:c0:29:76:7e:c3:c3:7c:d6:af:5a:92:e2:99:
d3:0c:16:bb:e3:58:cb:1b:9d:08:f2:9c:db:82:31:9c:3a:47:
d3:ed:8f:09:19:8b:ee:c4:04:13:ba:17:79:c1:4a:3f:83:3a:
38:e0:d4:f7:64:c2:6e:8f:38:52:b9:90:66:a7:ed:cd:52:36:
3d:46:7d:58:a8:e3:13:83:d6:de:4b:27:52:39:0c:52:15:e2:
d3:9b:2c:53:ac:b5:25:5e:c6:f4:c3:af:c4:9f:23:a1:37:e0:
61:4d:cb:66:69:f2:dc:17:a8:8f:a9:bd:44:98:bb:41:7c:8b:
d0:ab:d9:ed:ee:bf:a6:39:30:d7:94:aa:00:49:af:bc:2c:ca:
8b:3b:7f:93:bd:c5:65:9b:2b:72:92:41:f7:11:da:51:12:fc:
69:95:96:3e:64:7f:2a:db:b5:dc:4f:93:d2:ef:31:d4:b7:75:
69:a7:f7:1d:04:8b:7a:f4:45:ae:b6:b2:b1:aa:0f:27:61:8d:
fb:cc:ee:eb:36:c8:db:43:e7:73:c7:12:d4:60:6d:00:c6:85:
5a:4b:8a:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbASzToyi4iEBps36ShvfF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjUwNTExMTcwMTE2WhcNMjUwNTEyMTcwMTE2WjAzMTEwLwYDVQQD
EygyMDk0ZDljNGM2OTRmMWVjNWUzYTBhMzA2ZGJhYTAwNzRlNGM0ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNmSBnr4u4WBOp75JxAmla3Pprad
3grKDm9BcQYR+jOjlf0dlfcJLhzV734TgYUFWDxtx3SU4uEwZF2xkL0Q5nOfagQQ
eeFr2Ht1ehZOD5ZGXXtX2wvobyOmzqRN08+WGhq0mwoWsj6IcEjP4op+qfLZ14Hv
oAYNQcetzlR12PoQK//osrYZ3iazaZgKjfEuzNk5+740e8vu+Qc+grrhwDypQ0jF
5H8KthghkmbUQzy2FeSuVocurhXcoQOyJELGv7PFZH2uJ7dr+gknDEjkFkJ55xKd
gYyveRYO9Snv/qDHcjIACxWHmDGs0sHupMWNA+5LcVMU439E85P+UMTnfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCU2cTGlPHsXjoKMG26oAdOTE1oMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAONkFQvv5
35zTgyP/jlCeNFNC421721KxQE6T5Fx7LDkuKxYJfqEUpzLAKXZ+w8N81q9akuKZ
0wwWu+NYyxudCPKc24IxnDpH0+2PCRmL7sQEE7oXecFKP4M6OODU92TCbo84UrmQ
ZqftzVI2PUZ9WKjjE4PW3ksnUjkMUhXi05ssU6y1JV7G9MOvxJ8joTfgYU3LZmny
3Beoj6m9RJi7QXyL0KvZ7e6/pjkw15SqAEmvvCzKizt/k73FZZsrcpJB9xHaURL8
aZWWPmR/Ktu13E+T0u8x1Ld1aaf3HQSLevRFrraysaoPJ2GN+8zu6zbI20Pnc8cS
1GBtAMaFWkuK8g==
-----END CERTIFICATE-----
Generated at Sun May 11 22:29:23 2025 by rpki-client