Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.mft
File: UpNDI1WBz0EEGQ2noMoXS5wNC9U.mft (raw, json)
Hash identifier: sYC2rcvlskUoDagucqjcwmT7wUa4ncwfhUm1KKme468=
Subject key identifier: CA:20:E2:FE:7C:8D:E0:73:BD:91:F1:AD:94:45:FA:A8:96:AF:BD:58
Authority key identifier: 52:93:43:23:55:81:CF:41:04:19:0D:A7:A0:CA:17:4B:9C:0D:0B:D5
Certificate issuer: /CN=529343235581cf4104190da7a0ca174b9c0d0bd5
Certificate serial: 0196BFDC7018DB79DB3608681B0EDFD409D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpNDI1WBz0EEGQ2noMoXS5wNC9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.mft
Manifest number: 0D95
Signing time: Sun 11 May 2025 15:00:16 +0000
Manifest this update: Sun 11 May 2025 15:00:16 +0000
Manifest next update: Mon 12 May 2025 15:00:16 +0000
Files and hashes: 1: 6O-rdAPfJL5ja0fsAq0cDrxpBv4.roa (hash: 6xTcUx7aYzPFSdoIn+1iA2U6ilYMmAiW4t3gwfarhms=)
2: UpNDI1WBz0EEGQ2noMoXS5wNC9U.crl (hash: 30FNrPARoadjpR3aNHVeYYl5rhGTcL4Z52lCE/fWjNk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/UpNDI1WBz0EEGQ2noMoXS5wNC9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 15:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bf:dc:70:18:db:79:db:36:08:68:1b:0e:df:d4:09:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529343235581cf4104190da7a0ca174b9c0d0bd5
Validity
Not Before: May 11 15:00:16 2025 GMT
Not After : May 12 15:00:16 2025 GMT
Subject: CN=ca20e2fe7c8de073bd91f1ad9445faa896afbd58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:59:a9:3c:77:82:5e:61:4e:98:53:dd:42:d6:
e2:87:61:20:d2:87:e0:33:1e:b6:35:38:b8:92:ad:
11:46:e6:d9:17:b4:ae:a0:fe:38:58:74:45:e7:4f:
73:32:18:eb:a3:79:94:8e:53:b1:42:38:ed:05:ed:
25:03:9a:98:e4:3b:3b:e5:ab:17:12:75:8b:cc:1c:
31:69:3b:35:30:26:d1:16:62:b5:1c:94:1b:fa:83:
b2:26:fa:c1:79:26:8a:49:a7:da:f2:2c:f4:e6:df:
f8:7c:55:67:e9:81:2c:e1:6d:32:48:e4:2a:6a:3a:
2e:2f:84:f3:1b:2f:1c:c4:80:73:b7:92:2e:ce:45:
16:98:cd:6c:48:1a:e0:a7:b4:6d:26:b7:62:c7:c0:
1e:40:ae:4f:89:25:b2:d6:51:fd:50:4a:ca:da:98:
9a:dd:11:c1:00:be:8d:b6:4a:6e:f4:57:55:e4:6c:
c9:7e:75:ce:05:db:ef:20:58:83:81:3d:06:90:07:
45:bc:ec:09:0d:04:65:73:be:e8:46:85:71:fd:2f:
13:73:ba:f5:52:17:61:44:60:ce:06:d2:38:6c:ef:
e7:b6:7a:25:34:ea:4d:0a:78:09:bf:5d:9c:24:b5:
7c:2b:f6:bc:31:36:7a:a2:45:a4:ad:ee:7d:27:be:
38:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:20:E2:FE:7C:8D:E0:73:BD:91:F1:AD:94:45:FA:A8:96:AF:BD:58
X509v3 Authority Key Identifier:
keyid:52:93:43:23:55:81:CF:41:04:19:0D:A7:A0:CA:17:4B:9C:0D:0B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpNDI1WBz0EEGQ2noMoXS5wNC9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/fbbf8d-2c43-429d-b5cd-fcc220644558/1/UpNDI1WBz0EEGQ2noMoXS5wNC9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:38:66:9d:e0:5c:ae:64:7e:00:08:20:2f:31:5e:66:69:94:
aa:4b:29:3a:41:b8:5e:e2:1e:51:ae:86:97:3f:b9:3e:fc:4c:
a2:29:da:4a:18:0d:49:e8:c6:56:3e:2f:12:21:6f:82:d6:78:
08:e8:0e:8c:2e:42:a2:44:23:d6:7d:e6:05:a2:fc:84:eb:7e:
7f:0b:7e:c4:80:52:ed:b2:0a:3b:6d:c4:56:b7:30:ab:3e:9d:
bc:34:68:d8:c5:be:46:c0:aa:21:6c:f7:d8:44:a5:ef:99:1f:
98:82:0c:93:2e:f9:40:2e:b7:f6:85:1b:b2:f6:2b:a9:a7:88:
17:56:40:32:11:78:31:a6:2d:61:4f:60:13:93:e0:e0:9b:1b:
67:cf:7f:5b:e1:bc:e2:b5:15:90:6b:ce:34:8b:5d:d6:d3:c0:
fc:57:ca:f8:41:46:c8:25:77:d6:9d:4a:18:17:e9:ae:22:89:
4b:89:15:be:65:57:5b:01:47:7c:c4:91:e9:1c:53:20:69:0f:
00:f1:0d:7e:38:56:c0:95:6a:ee:31:e3:e0:e7:c7:bb:6d:fc:
2e:03:39:82:e6:c7:d6:00:15:15:00:03:5a:4e:91:3f:d1:da:
de:2c:22:f2:59:ee:75:b0:92:7a:95:03:29:0d:df:de:1a:4d:
4e:dd:3d:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3HAY23nbNghoGw7f1AnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOTM0MzIzNTU4MWNmNDEwNDE5MGRhN2EwY2ExNzRiOWMw
ZDBiZDUwHhcNMjUwNTExMTUwMDE2WhcNMjUwNTEyMTUwMDE2WjAzMTEwLwYDVQQD
EyhjYTIwZTJmZTdjOGRlMDczYmQ5MWYxYWQ5NDQ1ZmFhODk2YWZiZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFmpPHeCXmFOmFPdQtbih2Eg0ofg
Mx62NTi4kq0RRubZF7SuoP44WHRF509zMhjro3mUjlOxQjjtBe0lA5qY5Ds75asX
EnWLzBwxaTs1MCbRFmK1HJQb+oOyJvrBeSaKSafa8iz05t/4fFVn6YEs4W0ySOQq
ajouL4TzGy8cxIBzt5IuzkUWmM1sSBrgp7RtJrdix8AeQK5PiSWy1lH9UErK2pia
3RHBAL6Ntkpu9FdV5GzJfnXOBdvvIFiDgT0GkAdFvOwJDQRlc77oRoVx/S8Tc7r1
UhdhRGDOBtI4bO/ntnolNOpNCngJv12cJLV8K/a8MTZ6okWkre59J744JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMog4v58jeBzvZHxrZRF+qiWr71YMB8GA1UdIwQY
MBaAFFKTQyNVgc9BBBkNp6DKF0ucDQvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXBOREkxV0J6MEVFR1Eybm9Nb1hTNXdOQzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9mYmJmOGQtMmM0My00MjlkLWI1Y2Qt
ZmNjMjIwNjQ0NTU4LzEvVXBOREkxV0J6MEVFR1Eybm9Nb1hTNXdOQzlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9mYmJmOGQtMmM0My00MjlkLWI1Y2QtZmNjMjIwNjQ0NTU4
LzEvVXBOREkxV0J6MEVFR1Eybm9Nb1hTNXdOQzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDhmneBc
rmR+AAggLzFeZmmUqkspOkG4XuIeUa6Glz+5PvxMoinaShgNSejGVj4vEiFvgtZ4
COgOjC5CokQj1n3mBaL8hOt+fwt+xIBS7bIKO23EVrcwqz6dvDRo2MW+RsCqIWz3
2ESl75kfmIIMky75QC639oUbsvYrqaeIF1ZAMhF4MaYtYU9gE5Pg4JsbZ89/W+G8
4rUVkGvONItd1tPA/FfK+EFGyCV31p1KGBfpriKJS4kVvmVXWwFHfMSR6RxTIGkP
APENfjhWwJVq7jHj4OfHu238LgM5gubH1gAVFQADWk6RP9Ha3iwi8lnudbCSepUD
KQ3f3hpNTt09Cw==
-----END CERTIFICATE-----
Generated at Mon May 12 01:31:15 2025 by rpki-client