Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: SakqRHv6cuEP3jgSgrcS2T6jXFZFd9okLiCLU/kM6+E=
Subject key identifier: F5:B5:82:64:AB:D9:16:EC:90:A3:68:BA:9E:47:A3:F2:D0:03:79:BC
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 0196CA609F841C1B3006F977F7A21BD1450D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 0872
Signing time: Tue 13 May 2025 16:00:52 +0000
Manifest this update: Tue 13 May 2025 16:00:52 +0000
Manifest next update: Wed 14 May 2025 16:00:52 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: Ysxio1krEyFapak70n7jlSy7SC7a8UUsFAdGNh4vZsM=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 16:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ca:60:9f:84:1c:1b:30:06:f9:77:f7:a2:1b:d1:45:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: May 13 16:00:52 2025 GMT
Not After : May 14 16:00:52 2025 GMT
Subject: CN=f5b58264abd916ec90a368ba9e47a3f2d00379bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e3:ea:5c:53:49:dc:cb:f7:52:02:c6:34:18:
2c:7c:ff:4e:a8:46:be:e2:69:f7:fb:63:84:37:ab:
97:0d:d6:81:bf:17:d2:76:9d:d9:6d:82:19:8b:9b:
89:aa:a6:5c:eb:8d:52:66:77:59:7f:a7:5b:66:9f:
6d:dc:53:86:f5:3d:f4:06:b3:b4:bf:d0:91:bb:1b:
67:7e:5e:c2:34:7b:0c:44:be:e2:49:4c:be:56:83:
0c:e7:ef:4f:78:33:96:bd:1e:b0:14:70:80:17:a7:
2a:90:ee:85:61:09:ef:5b:13:5d:ce:0b:9a:ce:b7:
28:f2:34:a8:be:1d:27:f8:ec:09:e2:75:70:03:2c:
3e:03:f5:ec:98:e9:33:96:b1:c8:cf:aa:fb:a5:25:
a7:37:bf:04:16:f5:8a:0e:15:68:12:2a:4a:89:b0:
f9:8b:8c:d9:e1:b9:99:7a:97:86:c9:29:97:a6:1e:
a5:18:95:4f:1e:f5:91:ef:71:61:4a:e9:ad:77:0e:
42:bd:17:2f:fa:27:e5:66:eb:05:17:9c:f3:02:af:
8c:e6:0f:b6:6f:9e:45:8a:6e:bd:34:3e:aa:64:c4:
76:b3:bb:61:57:c6:9d:e0:32:b4:bb:3a:fe:f2:6e:
cc:42:8d:da:73:20:c0:5f:a3:39:7a:b9:97:23:f0:
9b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B5:82:64:AB:D9:16:EC:90:A3:68:BA:9E:47:A3:F2:D0:03:79:BC
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:ec:e8:99:f5:86:c7:91:0f:56:fb:9f:7f:be:76:14:f3:32:
02:ef:1e:f6:b8:6c:c1:33:18:d6:fd:7b:44:61:1d:86:53:f3:
b0:47:fb:ff:d0:a0:da:f5:7d:78:a1:c8:68:8a:dd:61:1f:5d:
f9:54:9e:a7:f6:cc:dd:bf:0e:95:8c:89:7d:ca:54:e7:21:ff:
2c:07:52:83:e6:b3:2b:69:ae:1f:dd:1f:f0:6a:3b:42:42:62:
db:77:28:39:fc:25:f1:1b:27:9f:87:ff:dd:50:65:ff:d6:d9:
c5:af:62:8c:7a:09:4e:8c:da:17:d3:4e:53:40:48:9d:fa:ee:
f1:65:0c:f5:34:a6:c0:2c:75:cf:47:11:fe:be:ef:5b:e4:70:
65:4a:78:c0:aa:07:01:c3:cc:fb:f4:5b:6c:63:71:f6:70:72:
27:83:e3:02:94:6a:55:1c:95:57:2b:26:d2:80:65:f1:71:a9:
46:79:4b:d2:06:85:d5:64:92:aa:3e:f7:64:a4:d3:dd:15:3a:
1f:57:d0:42:37:38:ba:d9:1c:79:53:b2:cd:ff:4e:79:57:c2:
79:73:4c:e8:bd:56:28:39:1d:d4:20:76:35:82:fb:30:25:47:
55:d6:61:38:50:d7:dc:9a:eb:58:b1:61:a4:fe:c2:c1:3b:51:
bb:dc:3a:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbKYJ+EHBswBvl396Ib0UUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwNTEzMTYwMDUyWhcNMjUwNTE0MTYwMDUyWjAzMTEwLwYDVQQD
EyhmNWI1ODI2NGFiZDkxNmVjOTBhMzY4YmE5ZTQ3YTNmMmQwMDM3OWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+PqXFNJ3Mv3UgLGNBgsfP9OqEa+
4mn3+2OEN6uXDdaBvxfSdp3ZbYIZi5uJqqZc641SZndZf6dbZp9t3FOG9T30BrO0
v9CRuxtnfl7CNHsMRL7iSUy+VoMM5+9PeDOWvR6wFHCAF6cqkO6FYQnvWxNdzgua
zrco8jSovh0n+OwJ4nVwAyw+A/XsmOkzlrHIz6r7pSWnN78EFvWKDhVoEipKibD5
i4zZ4bmZepeGySmXph6lGJVPHvWR73FhSumtdw5CvRcv+iflZusFF5zzAq+M5g+2
b55Fim69ND6qZMR2s7thV8ad4DK0uzr+8m7MQo3acyDAX6M5ermXI/CbXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPW1gmSr2RbskKNoup5Ho/LQA3m8MB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjOzomfWG
x5EPVvuff752FPMyAu8e9rhswTMY1v17RGEdhlPzsEf7/9Cg2vV9eKHIaIrdYR9d
+VSep/bM3b8OlYyJfcpU5yH/LAdSg+azK2muH90f8Go7QkJi23coOfwl8Rsnn4f/
3VBl/9bZxa9ijHoJTozaF9NOU0BInfru8WUM9TSmwCx1z0cR/r7vW+RwZUp4wKoH
AcPM+/RbbGNx9nByJ4PjApRqVRyVVysm0oBl8XGpRnlL0gaF1WSSqj73ZKTT3RU6
H1fQQjc4utkceVOyzf9OeVfCeXNM6L1WKDkd1CB2NYL7MCVHVdZhOFDX3JrrWLFh
pP7CwTtRu9w6Cw==
-----END CERTIFICATE-----
Generated at Wed May 14 01:50:38 2025 by rpki-client