Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
File: i5HgoQS1s93x9dCOessreeDVZvk.mft (raw, json)
Hash identifier: mMGMJP7wbLZECZ7w/KapQCAfMnVEHrRs+2il1vnARuw=
Subject key identifier: 4F:66:3E:7F:2A:09:1D:97:FF:BE:2D:29:99:0B:B0:63:F1:02:A9:AA
Authority key identifier: 8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
Certificate issuer: /CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Certificate serial: 0196A42E5D9F54CAF72D1B1B75E6536044BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
Manifest number: 0F32
Signing time: Tue 06 May 2025 06:00:24 +0000
Manifest this update: Tue 06 May 2025 06:00:24 +0000
Manifest next update: Wed 07 May 2025 06:00:24 +0000
Files and hashes: 1: KwomHtAHnCM0D-yGdW_0Sf3mopc.roa (hash: nJuUP0j6H239g1R7GMJyKq0zviXnK+AhK7Q4U43dyg4=)
2: ZYlcf7X6lFUqPdlZgjx7h6pY7f0.roa (hash: Z91lhusvfId6xXTKVa6gm5qmkQJNcO8M7YoIqY37LFU=)
3: i5HgoQS1s93x9dCOessreeDVZvk.crl (hash: m4GHEyYmfp8PJw2splPMFrGRa/QGIGcZZOtTj2ojOvM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 06:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:2e:5d:9f:54:ca:f7:2d:1b:1b:75:e6:53:60:44:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b91e0a104b5b3ddf1f5d08e7acb2b79e0d566f9
Validity
Not Before: May 6 06:00:24 2025 GMT
Not After : May 7 06:00:24 2025 GMT
Subject: CN=4f663e7f2a091d97ffbe2d29990bb063f102a9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:bd:23:35:de:f9:97:06:cc:38:31:e5:9f:
5f:52:83:73:d9:c7:77:64:b1:1c:62:dd:f5:88:5b:
72:69:ea:fb:e4:98:31:10:06:01:3c:33:58:3d:1b:
64:fe:40:18:c4:e9:6d:a8:eb:be:d0:06:de:0a:05:
a7:3a:d1:5b:f3:06:b1:26:aa:9c:2a:8f:b1:67:bc:
f2:be:f9:d8:d2:33:f6:45:3b:27:5c:d4:14:10:6f:
d7:c7:ea:e8:1c:32:7f:ec:91:4e:7a:c0:35:2d:95:
50:b7:35:06:a4:66:8c:e9:3a:7c:d3:dd:1f:e2:ff:
4a:ae:65:51:22:86:65:b5:d4:6b:52:d5:1c:fd:93:
09:a0:67:99:34:94:95:df:e0:ba:2f:fa:e0:d4:6d:
b5:25:e8:9f:e3:53:2d:62:af:a7:97:ab:1b:56:09:
e4:12:67:91:73:c0:f7:5a:b8:b3:ae:d7:a5:8f:49:
7d:7b:e6:40:e1:ce:dc:ab:01:b2:7f:b7:17:e1:49:
49:c0:5e:f8:48:36:6e:cd:85:b4:38:97:3f:6f:fd:
26:74:7b:e9:5d:06:5f:62:76:a2:ed:82:7f:02:a9:
68:92:d8:bc:9c:4d:05:4f:60:49:dd:2f:a9:e5:9f:
6b:5b:6a:94:7a:a1:73:4a:c3:f8:fd:27:0d:24:23:
95:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:66:3E:7F:2A:09:1D:97:FF:BE:2D:29:99:0B:B0:63:F1:02:A9:AA
X509v3 Authority Key Identifier:
keyid:8B:91:E0:A1:04:B5:B3:DD:F1:F5:D0:8E:7A:CB:2B:79:E0:D5:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5HgoQS1s93x9dCOessreeDVZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dfbfc4-cc3f-477c-8d76-a8c576224ba2/1/i5HgoQS1s93x9dCOessreeDVZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:9d:5f:04:0a:2d:e0:d6:c8:f0:eb:1e:8c:ad:17:18:f9:f7:
a4:92:d6:34:5b:1d:29:41:19:30:77:7d:86:14:10:25:18:db:
2f:1a:f5:c2:d9:2c:fd:02:c2:bf:d6:a5:bf:00:08:ef:82:f4:
8c:87:6c:d4:66:34:a0:c9:90:58:cf:53:ae:dc:a6:3c:30:63:
b0:92:a5:c3:2d:67:22:68:19:a5:b9:65:21:05:71:c0:ec:28:
34:07:31:06:1e:ac:d8:80:58:e5:9a:1e:0d:08:2e:eb:a3:8a:
8d:a4:5f:58:09:7f:6b:09:e8:e4:e0:92:77:35:b7:bd:ee:95:
7f:6a:0d:f2:84:1d:8c:03:fa:bc:74:45:a0:fb:68:e6:a3:1d:
eb:93:c8:ba:84:7c:41:1f:4e:38:c8:48:31:63:43:a3:a1:a6:
74:05:65:4d:98:d8:12:1f:db:c6:43:c7:85:8c:a1:b2:be:1d:
97:07:df:b1:5d:4e:36:69:2d:a0:c1:e6:36:2e:01:48:5a:d3:
82:2f:05:6a:83:b6:f5:f7:29:ee:72:a9:4e:8a:66:f4:a6:ac:
53:0b:4d:82:cb:ff:76:c2:f1:7d:73:19:5f:de:be:b1:f7:79:
70:20:bc:c6:3b:b2:47:67:bd:3f:ca:85:3a:b3:9c:b6:93:4f:
2c:a1:4d:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakLl2fVMr3LRsbdeZTYES7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTFlMGExMDRiNWIzZGRmMWY1ZDA4ZTdhY2IyYjc5ZTBk
NTY2ZjkwHhcNMjUwNTA2MDYwMDI0WhcNMjUwNTA3MDYwMDI0WjAzMTEwLwYDVQQD
Eyg0ZjY2M2U3ZjJhMDkxZDk3ZmZiZTJkMjk5OTBiYjA2M2YxMDJhOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVq9IzXe+ZcGzDgx5Z9fUoNz2cd3
ZLEcYt31iFtyaer75JgxEAYBPDNYPRtk/kAYxOltqOu+0AbeCgWnOtFb8waxJqqc
Ko+xZ7zyvvnY0jP2RTsnXNQUEG/Xx+roHDJ/7JFOesA1LZVQtzUGpGaM6Tp8090f
4v9KrmVRIoZltdRrUtUc/ZMJoGeZNJSV3+C6L/rg1G21Jeif41MtYq+nl6sbVgnk
EmeRc8D3Wrizrtelj0l9e+ZA4c7cqwGyf7cX4UlJwF74SDZuzYW0OJc/b/0mdHvp
XQZfYnai7YJ/Aqlokti8nE0FT2BJ3S+p5Z9rW2qUeqFzSsP4/ScNJCOV3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9mPn8qCR2X/74tKZkLsGPxAqmqMB8GA1UdIwQY
MBaAFIuR4KEEtbPd8fXQjnrLK3ng1Wb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYt
YThjNTc2MjI0YmEyLzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kZmJmYzQtY2MzZi00NzdjLThkNzYtYThjNTc2MjI0YmEy
LzEvaTVIZ29RUzFzOTN4OWRDT2Vzc3JlZURWWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwJ1fBAot
4NbI8OsejK0XGPn3pJLWNFsdKUEZMHd9hhQQJRjbLxr1wtks/QLCv9alvwAI74L0
jIds1GY0oMmQWM9TrtymPDBjsJKlwy1nImgZpbllIQVxwOwoNAcxBh6s2IBY5Zoe
DQgu66OKjaRfWAl/awno5OCSdzW3ve6Vf2oN8oQdjAP6vHRFoPto5qMd65PIuoR8
QR9OOMhIMWNDo6GmdAVlTZjYEh/bxkPHhYyhsr4dlwffsV1ONmktoMHmNi4BSFrT
gi8FaoO29fcp7nKpTopm9KasUwtNgsv/dsLxfXMZX96+sfd5cCC8xjuyR2e9P8qF
OrOctpNPLKFNrA==
-----END CERTIFICATE-----
Generated at Tue May 6 15:28:57 2025 by rpki-client