Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
File: zRQ2kCMKRApot6iqmCefL2Xf7ig.mft (raw, json)
Hash identifier: qMOMdIgcUq3/gAxBBLykcb6EAPcKdOZ8AGQ1p66feHs=
Subject key identifier: E8:91:0B:36:E2:56:16:25:39:4C:4D:4F:DF:A3:72:DD:3F:A6:04:03
Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Certificate serial: 01969E9B36CBFBFDD2188370491D2279601F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
Manifest number: 1226
Signing time: Mon 05 May 2025 04:01:34 +0000
Manifest this update: Mon 05 May 2025 04:01:34 +0000
Manifest next update: Tue 06 May 2025 04:01:34 +0000
Files and hashes: 1: vHQRV0jRUXExLLAYBdY2ODpzWoo.roa (hash: 7UhAMCr3OjHllJdnfdmjdJInrKVauXU3M4e5nn0fWuA=)
2: zRQ2kCMKRApot6iqmCefL2Xf7ig.crl (hash: lVhwRwC7k67752z7leIewtAZ6gmgp2PYR0usIpUbIRA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9e:9b:36:cb:fb:fd:d2:18:83:70:49:1d:22:79:60:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Validity
Not Before: May 5 04:01:34 2025 GMT
Not After : May 6 04:01:34 2025 GMT
Subject: CN=e8910b36e2561625394c4d4fdfa372dd3fa60403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6b:5c:0a:66:35:2c:c9:03:b0:f8:87:7e:65:
0f:da:b2:cd:5b:25:5b:9b:e2:1d:d3:59:e5:83:08:
2a:dd:9a:c4:d4:38:d0:68:d3:c7:84:c9:d1:67:ce:
69:81:73:87:f2:42:96:50:17:50:53:b3:5b:09:a5:
18:98:0e:5e:d7:b0:9d:ff:f3:3e:eb:0c:77:16:c8:
e7:d8:68:2c:49:75:ff:5f:73:f8:8d:56:b2:ca:20:
a5:40:52:d5:25:07:df:af:2e:5f:73:42:94:7b:1c:
e0:a8:bb:e7:e8:2c:34:f4:93:8f:9c:8c:d4:b7:d4:
a6:cb:35:4a:a5:e6:44:41:b3:b8:3e:24:a3:a3:3e:
fa:2a:d2:90:63:48:fe:92:3c:d7:cd:ff:d2:92:6b:
6b:c0:17:39:b8:66:b2:3d:99:ba:0e:50:59:51:28:
6c:17:e0:54:32:d1:b3:0b:75:6e:e2:e0:30:85:aa:
ff:0a:ca:7c:7d:52:26:69:5d:e3:72:b1:dd:16:c8:
06:c8:20:1e:ce:a2:4f:f1:b6:08:bd:76:c8:2f:1b:
66:dc:9a:23:50:39:7d:a1:93:53:e7:ba:f4:e6:cd:
49:cd:ae:3f:1e:18:2c:c6:01:65:89:d5:43:0f:0b:
c7:fa:54:ce:45:06:b9:66:be:2e:0e:93:29:96:3a:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:91:0B:36:E2:56:16:25:39:4C:4D:4F:DF:A3:72:DD:3F:A6:04:03
X509v3 Authority Key Identifier:
keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:89:52:fe:fb:f0:eb:7a:49:4b:f4:06:81:07:e0:e5:c2:7d:
01:e4:65:3f:5d:d8:5a:d7:d4:c8:c0:19:d9:fc:27:9e:90:c5:
54:8d:17:c0:b4:1f:30:fd:81:a0:c6:e4:35:40:f1:4c:cc:60:
f1:ff:e5:fc:6c:25:4c:cf:e3:f6:03:0a:be:22:ca:05:e8:93:
1f:56:bb:d6:84:ca:2f:a9:f0:0e:8c:83:2e:e1:e1:54:db:64:
82:d1:76:98:56:cb:d0:bf:1c:e7:ca:65:0b:7d:43:e2:1a:2e:
00:f8:83:32:c2:24:33:2b:fb:fa:71:78:b7:09:d8:4a:05:3b:
8e:9d:5b:e1:4d:26:69:c1:2c:15:a8:a2:c7:96:5e:c8:08:1c:
02:e3:bc:ce:6c:95:ed:de:68:c0:54:72:03:8d:02:6d:e2:8d:
7d:33:cc:1f:39:e0:e3:91:fb:fb:53:77:69:db:69:c8:c3:95:
27:c2:a2:a8:bf:6f:20:24:39:79:ff:77:55:44:a1:4a:15:3a:
94:6f:24:f0:d0:c5:66:05:58:9b:61:cd:8d:80:f3:33:1a:39:
8b:fe:c6:e7:77:70:50:14:69:10:5c:e7:cc:48:8d:07:89:f2:
42:10:78:6f:d9:28:16:fe:84:4e:31:91:b0:d0:1a:4d:5b:3f:
29:81:ab:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemzbL+/3SGINwSR0ieWAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk
ZmVlMjgwHhcNMjUwNTA1MDQwMTM0WhcNMjUwNTA2MDQwMTM0WjAzMTEwLwYDVQQD
EyhlODkxMGIzNmUyNTYxNjI1Mzk0YzRkNGZkZmEzNzJkZDNmYTYwNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02tcCmY1LMkDsPiHfmUP2rLNWyVb
m+Id01nlgwgq3ZrE1DjQaNPHhMnRZ85pgXOH8kKWUBdQU7NbCaUYmA5e17Cd//M+
6wx3Fsjn2GgsSXX/X3P4jVayyiClQFLVJQffry5fc0KUexzgqLvn6Cw09JOPnIzU
t9SmyzVKpeZEQbO4PiSjoz76KtKQY0j+kjzXzf/SkmtrwBc5uGayPZm6DlBZUShs
F+BUMtGzC3Vu4uAwhar/Csp8fVImaV3jcrHdFsgGyCAezqJP8bYIvXbILxtm3Joj
UDl9oZNT57r05s1Jza4/HhgsxgFlidVDDwvH+lTORQa5Zr4uDpMpljoI+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiRCzbiVhYlOUxNT9+jct0/pgQDMB8GA1UdIwQY
MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt
OGVlM2Q5OGNhZDViLzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi
LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWolS/vvw
63pJS/QGgQfg5cJ9AeRlP13YWtfUyMAZ2fwnnpDFVI0XwLQfMP2BoMbkNUDxTMxg
8f/l/GwlTM/j9gMKviLKBeiTH1a71oTKL6nwDoyDLuHhVNtkgtF2mFbL0L8c58pl
C31D4houAPiDMsIkMyv7+nF4twnYSgU7jp1b4U0macEsFaiix5ZeyAgcAuO8zmyV
7d5owFRyA40CbeKNfTPMHzng45H7+1N3adtpyMOVJ8KiqL9vICQ5ef93VUShShU6
lG8k8NDFZgVYm2HNjYDzMxo5i/7G53dwUBRpEFznzEiNB4nyQhB4b9koFv6ETjGR
sNAaTVs/KYGrOw==
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:37 2025 by rpki-client