Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
File: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft (raw, json)
Hash identifier: qphD8bVml4t29Q2OdlOja/TWRBQ9wndHaQAWrHzQZDw=
Subject key identifier: D6:66:59:70:EB:6E:E3:15:ED:FB:8F:1A:A6:95:31:03:B3:2D:FF:96
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 0196C5A7D080C3BA432723C5746A27ECE623
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
Manifest number: 0D19
Signing time: Mon 12 May 2025 18:00:31 +0000
Manifest this update: Mon 12 May 2025 18:00:31 +0000
Manifest next update: Tue 13 May 2025 18:00:31 +0000
Files and hashes: 1: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl (hash: 6vLYtvJu5GhUJmAC0FHXIuZrQqzu1IUek5/li+ciLbo=)
2: C9mugrtzW_-CpWlbrAzn7HLndJs.roa (hash: us/IF6tfe4s5IdJAAyc5z0B0e23waKBVaik+zvz/TyQ=)
3: yll503ISaq2wNzfEAk_Qb_MtGbg.roa (hash: LYtS+Gvc0u0aK5E+MP2oP4ZNnIbSc6rSwiTMseFfpYs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:a7:d0:80:c3:ba:43:27:23:c5:74:6a:27:ec:e6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: May 12 18:00:31 2025 GMT
Not After : May 13 18:00:31 2025 GMT
Subject: CN=d6665970eb6ee315edfb8f1aa6953103b32dff96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c7:1b:0b:b9:70:fd:18:e5:46:7e:ac:9d:0f:
e1:c6:76:a5:0e:0c:21:51:4e:0b:9f:ac:69:41:32:
a8:60:4a:f5:40:14:af:18:3f:08:68:ea:fb:7e:9f:
17:82:53:99:2e:0e:e6:34:94:2f:93:28:7b:e6:d8:
93:e9:4c:83:f0:5c:8d:1a:c5:9e:06:a5:73:14:1e:
3e:67:78:83:3d:e9:6a:48:f7:43:4d:d8:f3:10:69:
61:ea:80:04:89:67:30:93:e5:9e:b3:d2:b1:c9:21:
a2:33:fe:66:86:58:3a:af:c4:66:29:36:81:9f:15:
57:ee:2c:d1:e6:bd:53:23:fd:6e:aa:fe:0d:00:18:
3f:b3:01:74:12:a9:01:e8:c1:bb:47:ba:62:93:c5:
d6:cf:1d:b9:94:e2:31:1b:3c:15:a2:e3:f9:4b:0c:
90:81:fd:d7:62:f6:37:ed:40:81:ad:d8:7f:50:9c:
10:40:9b:13:4f:23:cd:92:17:3e:04:cc:e2:17:58:
3d:d6:f9:2c:1e:c6:10:ae:50:8e:12:b9:8d:7e:dd:
e3:f4:75:bc:ef:46:c9:a7:62:18:45:5f:14:e6:0c:
2b:e5:a9:34:b4:de:34:fb:af:93:23:e6:d8:7a:4e:
de:72:6d:ac:b3:3b:65:ed:ad:a7:25:b2:47:7d:42:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:66:59:70:EB:6E:E3:15:ED:FB:8F:1A:A6:95:31:03:B3:2D:FF:96
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:77:29:ca:7f:1c:68:61:a0:37:d8:fd:23:a6:09:23:c5:c5:
1d:e0:98:ed:8c:14:95:74:67:b5:16:77:c4:dc:d1:e1:d7:c9:
92:10:44:0d:26:c6:8b:77:30:05:7e:71:0a:08:e6:fd:c5:21:
3b:5e:f4:dd:c0:24:83:bf:a8:58:3a:69:e9:a5:a9:f8:88:35:
db:ec:aa:26:07:b9:28:08:67:e7:c1:f5:10:9e:ba:de:59:79:
f4:6b:bb:42:18:d5:ca:68:f4:9b:ea:0e:24:a6:32:85:50:c1:
d6:24:fc:31:37:f4:cc:32:db:3c:02:f1:69:6b:2c:b2:be:ad:
e5:86:2b:c6:96:26:3b:37:c5:f0:7a:58:83:28:06:7f:96:8a:
b7:4f:37:5b:09:b7:a8:d8:20:26:7f:7b:cc:bb:32:8c:c5:4c:
af:ce:06:5e:21:4e:22:20:92:5b:35:ac:c0:2c:ad:ed:34:2e:
1b:bd:9e:2f:e7:e7:9f:0a:a0:74:16:d3:10:8a:9e:1a:f8:91:
1a:22:a6:f0:aa:72:1d:78:f4:f4:26:36:42:f1:94:92:ba:92:
9c:a0:b2:f3:60:cd:ef:98:e7:21:e0:47:61:e7:ea:8e:fc:29:
e1:8e:46:27:5a:9e:0d:3d:20:93:74:ff:69:f5:1b:74:d0:f7:
57:28:4d:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFp9CAw7pDJyPFdGon7OYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjUwNTEyMTgwMDMxWhcNMjUwNTEzMTgwMDMxWjAzMTEwLwYDVQQD
EyhkNjY2NTk3MGViNmVlMzE1ZWRmYjhmMWFhNjk1MzEwM2IzMmRmZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8cbC7lw/RjlRn6snQ/hxnalDgwh
UU4Ln6xpQTKoYEr1QBSvGD8IaOr7fp8XglOZLg7mNJQvkyh75tiT6UyD8FyNGsWe
BqVzFB4+Z3iDPelqSPdDTdjzEGlh6oAEiWcwk+Wes9KxySGiM/5mhlg6r8RmKTaB
nxVX7izR5r1TI/1uqv4NABg/swF0EqkB6MG7R7pik8XWzx25lOIxGzwVouP5SwyQ
gf3XYvY37UCBrdh/UJwQQJsTTyPNkhc+BMziF1g91vksHsYQrlCOErmNft3j9HW8
70bJp2IYRV8U5gwr5ak0tN40+6+TI+bYek7ecm2ssztl7a2nJbJHfUJAYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZmWXDrbuMV7fuPGqaVMQOzLf+WMB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3cpyn8c
aGGgN9j9I6YJI8XFHeCY7YwUlXRntRZ3xNzR4dfJkhBEDSbGi3cwBX5xCgjm/cUh
O1703cAkg7+oWDpp6aWp+Ig12+yqJge5KAhn58H1EJ663ll59Gu7QhjVymj0m+oO
JKYyhVDB1iT8MTf0zDLbPALxaWsssr6t5YYrxpYmOzfF8HpYgygGf5aKt083Wwm3
qNggJn97zLsyjMVMr84GXiFOIiCSWzWswCyt7TQuG72eL+fnnwqgdBbTEIqeGviR
GiKm8KpyHXj09CY2QvGUkrqSnKCy82DN75jnIeBHYefqjvwp4Y5GJ1qeDT0gk3T/
afUbdND3VyhNLg==
-----END CERTIFICATE-----
Generated at Mon May 12 23:58:07 2025 by rpki-client