Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: HQKqIUi2mTr/t3BGwfOIEgXjxcHT5rIBSEr7Lm7qdMY=
Subject key identifier: 31:FC:8D:F5:89:E4:7F:84:38:17:84:3C:F2:2E:DF:76:F2:C5:90:B2
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 0196C53A2D2A5BAA115D0EAA1A132D019E2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 025A
Signing time: Mon 12 May 2025 16:00:46 +0000
Manifest this update: Mon 12 May 2025 16:00:46 +0000
Manifest next update: Tue 13 May 2025 16:00:46 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: 0EqzQBl2ABchjs90Cs+bOX7iDeuxF13TUlfWYLDTBk0=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:3a:2d:2a:5b:aa:11:5d:0e:aa:1a:13:2d:01:9e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: May 12 16:00:46 2025 GMT
Not After : May 13 16:00:46 2025 GMT
Subject: CN=31fc8df589e47f843817843cf22edf76f2c590b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:31:07:59:9d:ef:d6:0c:4c:21:3c:55:c7:f1:
d4:62:3b:ef:f2:b1:ab:f9:ba:40:f3:46:21:6a:da:
e0:2d:b2:20:41:6e:24:71:ec:23:1a:63:46:e8:bc:
7d:ba:03:9d:1e:e3:25:6d:14:2c:43:f1:b3:52:dd:
bc:21:90:16:c8:3f:1b:7b:f3:8b:3b:df:76:b1:c4:
2f:70:91:ec:57:5d:4c:00:a8:3f:75:c4:6a:50:a7:
60:06:76:1c:88:69:84:0e:04:5f:dd:c1:f2:99:9b:
2d:9e:d0:46:f1:20:1d:c5:4a:3a:a6:37:07:55:d4:
65:31:60:56:0f:0c:3b:2e:3d:47:ca:18:11:8c:0e:
68:49:8a:b9:fb:64:7b:0a:8c:fa:da:ad:30:a3:9d:
0c:e3:64:52:98:24:14:58:31:a4:9e:bf:5f:8f:37:
d2:e5:ae:97:77:90:2a:fd:c2:12:2f:9e:66:58:1c:
3b:94:18:07:df:de:63:bf:53:bd:46:1a:11:2c:b7:
87:0e:c6:88:ae:e0:98:0d:5d:75:68:7c:a3:0c:25:
ee:75:12:f7:14:c4:4b:ed:c9:b3:79:f7:ad:25:cf:
6f:88:9d:4a:39:60:9e:99:60:65:32:14:cb:9f:b5:
38:96:43:50:70:4e:dd:8c:e4:c0:d1:7a:fe:2c:70:
e9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FC:8D:F5:89:E4:7F:84:38:17:84:3C:F2:2E:DF:76:F2:C5:90:B2
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:e7:27:73:03:a7:ab:b6:46:a4:71:bc:2e:95:09:30:32:41:
72:bc:74:f4:ec:42:8f:45:6f:79:14:8e:8c:24:20:ed:ad:92:
80:28:9a:45:c9:0c:5e:1a:af:70:88:09:9d:cd:4d:db:4d:63:
24:1d:b9:b4:82:9b:84:9a:26:db:e8:3f:df:cc:ce:58:e1:82:
7e:ec:7d:ab:30:c3:f4:10:19:22:c7:28:5b:a2:e2:5e:99:32:
2d:5c:c3:5a:0c:36:27:32:c1:87:e3:d1:b7:d3:a0:17:48:37:
a7:65:dc:e5:fa:6a:f9:93:ed:d4:5e:d7:36:a1:6d:b2:90:87:
cd:f9:bf:06:2a:0c:3c:74:dc:23:96:3a:1f:98:3a:84:5e:a5:
53:71:9f:2b:23:c6:94:80:84:62:5a:90:dd:53:3a:0e:10:17:
37:37:c2:db:bc:7e:64:1d:31:2c:80:8e:d0:95:94:3b:49:a3:
45:16:ce:33:41:f8:ee:a7:53:e3:5f:3a:9f:23:58:d1:5f:4d:
a5:f6:cd:0d:58:e6:27:c0:e2:dc:ba:c9:d4:7a:71:9d:c4:4f:
95:e0:27:fc:e1:12:0c:44:c0:9d:9f:bf:ca:86:01:a5:94:71:
a4:25:73:ac:a2:25:2c:13:88:22:97:00:b4:a8:e2:88:21:86:
48:3f:3f:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOi0qW6oRXQ6qGhMtAZ4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUwNTEyMTYwMDQ2WhcNMjUwNTEzMTYwMDQ2WjAzMTEwLwYDVQQD
EygzMWZjOGRmNTg5ZTQ3Zjg0MzgxNzg0M2NmMjJlZGY3NmYyYzU5MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjEHWZ3v1gxMITxVx/HUYjvv8rGr
+bpA80YhatrgLbIgQW4kcewjGmNG6Lx9ugOdHuMlbRQsQ/GzUt28IZAWyD8be/OL
O992scQvcJHsV11MAKg/dcRqUKdgBnYciGmEDgRf3cHymZstntBG8SAdxUo6pjcH
VdRlMWBWDww7Lj1HyhgRjA5oSYq5+2R7Coz62q0wo50M42RSmCQUWDGknr9fjzfS
5a6Xd5Aq/cISL55mWBw7lBgH395jv1O9RhoRLLeHDsaIruCYDV11aHyjDCXudRL3
FMRL7cmzefetJc9viJ1KOWCemWBlMhTLn7U4lkNQcE7djOTA0Xr+LHDpowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH8jfWJ5H+EOBeEPPIu33byxZCyMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+cncwOn
q7ZGpHG8LpUJMDJBcrx09OxCj0VveRSOjCQg7a2SgCiaRckMXhqvcIgJnc1N201j
JB25tIKbhJom2+g/38zOWOGCfux9qzDD9BAZIscoW6LiXpkyLVzDWgw2JzLBh+PR
t9OgF0g3p2Xc5fpq+ZPt1F7XNqFtspCHzfm/BioMPHTcI5Y6H5g6hF6lU3GfKyPG
lICEYlqQ3VM6DhAXNzfC27x+ZB0xLICO0JWUO0mjRRbOM0H47qdT4186nyNY0V9N
pfbNDVjmJ8Di3LrJ1HpxncRPleAn/OESDETAnZ+/yoYBpZRxpCVzrKIlLBOIIpcA
tKjiiCGGSD8/8g==
-----END CERTIFICATE-----
Generated at Mon May 12 19:55:45 2025 by rpki-client