Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json)
Hash identifier: Gbb28dG9+HW9TYk1lv4AWS25/N+tw7mSY8aVP6kxdn0=
Subject key identifier: 78:39:3C:E9:A2:A5:E1:EF:68:79:EA:87:3C:E5:AD:03:DF:E0:24:86
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 01969CE2B65A26D3DE8106F9DCA70DD2324F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
Manifest number: 1524
Signing time: Sun 04 May 2025 20:00:25 +0000
Manifest this update: Sun 04 May 2025 20:00:25 +0000
Manifest next update: Mon 05 May 2025 20:00:25 +0000
Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=)
2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: PBBF4ljp4ey5S2YT5DRAu2LeJ3e3BK+hTo46vuj9tjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9c:e2:b6:5a:26:d3:de:81:06:f9:dc:a7:0d:d2:32:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: May 4 20:00:25 2025 GMT
Not After : May 5 20:00:25 2025 GMT
Subject: CN=78393ce9a2a5e1ef6879ea873ce5ad03dfe02486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:45:24:8b:73:5b:ba:0a:6b:d8:a3:ed:67:f0:
71:58:50:d7:bb:c8:a3:27:b0:1e:9b:31:07:c0:41:
a3:ab:e2:8c:3c:55:ae:d5:15:fe:d7:5f:7e:0f:0c:
75:8a:ef:4a:3d:ee:9c:bc:a0:69:d0:5b:0b:63:9f:
9b:46:e6:96:e9:60:3f:f6:f9:c4:78:4f:76:fd:38:
ef:53:36:aa:de:13:d4:ab:91:ea:a5:29:a6:06:a8:
ef:58:f9:4d:ea:db:05:e2:e3:b9:7a:b8:5a:a7:aa:
21:f3:f1:ef:3a:00:3d:5a:d4:85:87:17:5d:a4:e6:
97:e3:7f:af:b8:f7:68:96:96:62:e2:bc:c1:41:59:
48:25:53:48:5f:e9:b9:20:3d:2d:47:ca:6e:10:b3:
24:ac:85:07:74:9b:d5:a9:1c:e3:4b:44:e0:f9:fc:
ac:27:3e:0f:c7:c6:8c:d3:50:12:1d:98:31:40:dc:
de:1b:0c:ea:d0:0c:00:83:87:57:59:ff:43:05:45:
e9:43:88:e6:34:22:09:e7:f4:b1:85:35:13:4b:62:
98:46:47:43:96:7e:d9:c6:a9:3c:56:10:b9:b1:b4:
d2:e0:8e:58:9e:77:ad:80:6a:1e:30:8d:44:20:3d:
29:71:f3:58:88:e0:e3:18:70:5c:44:7a:08:6c:54:
83:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:39:3C:E9:A2:A5:E1:EF:68:79:EA:87:3C:E5:AD:03:DF:E0:24:86
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:89:12:ae:4d:b8:30:7d:54:c6:80:ac:cb:04:24:8f:67:95:
3f:be:1e:78:37:2a:c6:3a:49:d0:67:45:61:62:79:c4:9a:e6:
3d:86:d4:32:07:32:f4:8c:90:eb:c7:64:eb:fd:92:8a:da:0e:
54:d2:17:9d:88:ab:da:0b:ee:03:04:92:90:e7:fc:0d:a5:d2:
e8:ee:53:3b:02:87:f6:55:c5:11:1e:e4:a9:c0:97:ad:75:9f:
77:87:87:ca:68:f5:ff:72:ce:fc:7f:6c:39:ac:a1:65:19:bf:
5c:b0:70:f5:89:d3:c2:5e:97:9d:26:b9:58:b7:d8:5f:b8:be:
44:62:af:8e:e5:1c:99:f7:f1:fd:67:9c:f8:7c:05:58:83:ad:
52:6f:bc:8e:c1:f8:bc:e4:24:df:92:11:86:66:15:fe:70:64:
60:7f:5f:51:9d:c7:85:25:26:8c:50:59:17:7d:4a:0e:30:f5:
6d:5a:49:36:25:89:f9:0d:ae:a9:88:db:69:4f:15:55:d8:79:
ce:1b:50:ed:aa:ce:18:3a:89:9c:ab:53:66:ac:f3:2a:26:e8:
38:e7:6a:b0:4c:64:5e:73:a1:50:6e:1e:a1:25:7e:6e:2d:41:
ac:11:41:2e:52:a2:47:80:8a:0d:5f:35:97:1c:13:00:07:f6:
21:08:0f:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZac4rZaJtPegQb53KcN0jJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjUwNTA0MjAwMDI1WhcNMjUwNTA1MjAwMDI1WjAzMTEwLwYDVQQD
Eyg3ODM5M2NlOWEyYTVlMWVmNjg3OWVhODczY2U1YWQwM2RmZTAyNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0Uki3Nbugpr2KPtZ/BxWFDXu8ij
J7AemzEHwEGjq+KMPFWu1RX+119+Dwx1iu9KPe6cvKBp0FsLY5+bRuaW6WA/9vnE
eE92/TjvUzaq3hPUq5HqpSmmBqjvWPlN6tsF4uO5erhap6oh8/HvOgA9WtSFhxdd
pOaX43+vuPdolpZi4rzBQVlIJVNIX+m5ID0tR8puELMkrIUHdJvVqRzjS0Tg+fys
Jz4Px8aM01ASHZgxQNzeGwzq0AwAg4dXWf9DBUXpQ4jmNCIJ5/SxhTUTS2KYRkdD
ln7Zxqk8VhC5sbTS4I5YnnetgGoeMI1EID0pcfNYiODjGHBcRHoIbFSDvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHg5POmipeHvaHnqhzzlrQPf4CSGMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjokSrk24
MH1UxoCsywQkj2eVP74eeDcqxjpJ0GdFYWJ5xJrmPYbUMgcy9IyQ68dk6/2SitoO
VNIXnYir2gvuAwSSkOf8DaXS6O5TOwKH9lXFER7kqcCXrXWfd4eHymj1/3LO/H9s
OayhZRm/XLBw9YnTwl6XnSa5WLfYX7i+RGKvjuUcmffx/Wec+HwFWIOtUm+8jsH4
vOQk35IRhmYV/nBkYH9fUZ3HhSUmjFBZF31KDjD1bVpJNiWJ+Q2uqYjbaU8VVdh5
zhtQ7arOGDqJnKtTZqzzKiboOOdqsExkXnOhUG4eoSV+bi1BrBFBLlKiR4CKDV81
lxwTAAf2IQgPlw==
-----END CERTIFICATE-----
Generated at Mon May 5 06:10:02 2025 by rpki-client