Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
File: D9zw7HuvNJ6JLVERXCLA29Q1C44.mft (raw, json)
Hash identifier: FHXk8RkNoQQvFjGQEghcechrtkspTFj3UQRWgGLmmqs=
Subject key identifier: 2A:81:0D:5F:86:C9:1A:B5:DD:AB:00:C4:0B:5C:F9:32:EF:B3:7D:79
Authority key identifier: 0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
Certificate issuer: /CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Certificate serial: 0196C31479E9539914F453955415C207DDCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
Manifest number: 01EF
Signing time: Mon 12 May 2025 06:00:21 +0000
Manifest this update: Mon 12 May 2025 06:00:21 +0000
Manifest next update: Tue 13 May 2025 06:00:21 +0000
Files and hashes: 1: D9zw7HuvNJ6JLVERXCLA29Q1C44.crl (hash: UgPEwySmvzr/wDuj3AeiP1tQ6dmC9Kben8W0yFBYZxU=)
2: LkbZ9NbuqV8kVwW0R6t_W7E36SY.roa (hash: OFwtZ8nR+nHbeTcy4UO/g/3elRZlu1GMxchq0zT/W/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:14:79:e9:53:99:14:f4:53:95:54:15:c2:07:dd:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Validity
Not Before: May 12 06:00:21 2025 GMT
Not After : May 13 06:00:21 2025 GMT
Subject: CN=2a810d5f86c91ab5ddab00c40b5cf932efb37d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7c:60:1d:0e:00:a6:76:5d:43:02:06:3f:a7:
6a:a5:d2:ef:86:24:15:53:8d:3f:29:c7:37:93:f1:
07:8a:18:82:9d:7b:01:bb:87:9a:ac:ec:6e:55:d2:
85:3b:2f:06:2a:d1:0c:b7:51:82:2c:15:cf:1f:78:
2c:0f:6f:b3:82:74:61:bf:2b:b4:5f:30:82:af:94:
4a:a5:ea:95:06:7c:58:e8:f3:d1:2a:ac:a5:19:b4:
ca:7b:52:f9:62:c5:ad:f6:59:1c:43:f5:4c:6e:3b:
09:9d:85:d5:e1:10:cf:d6:51:41:c3:58:31:e0:dd:
23:06:f3:e8:52:82:c6:73:49:5a:2f:7b:93:66:d1:
ea:49:72:32:dd:9d:08:51:56:78:dc:6b:7e:4b:cf:
49:6f:9a:9e:cd:cd:a5:4c:be:79:2a:61:a1:17:26:
f4:6e:93:4b:04:21:e1:b0:20:ce:2e:a7:d4:fa:d3:
2a:f0:fa:c5:83:ba:db:45:77:6e:94:87:aa:f0:14:
58:f4:80:48:4f:85:04:c5:d1:c4:89:b4:be:52:87:
89:72:12:52:28:9d:ac:7b:1b:7f:b5:6c:39:33:55:
73:87:c4:ab:25:a6:87:dd:82:7e:a1:a5:b0:76:49:
00:e7:f1:9b:37:e6:fe:4f:dd:17:ff:36:4b:f1:c8:
01:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:81:0D:5F:86:C9:1A:B5:DD:AB:00:C4:0B:5C:F9:32:EF:B3:7D:79
X509v3 Authority Key Identifier:
keyid:0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:49:4d:f0:02:87:c3:38:49:8f:e0:71:f2:0d:0b:a2:dd:11:
e3:d7:34:a8:4c:38:76:d4:2a:fe:55:3c:25:95:c0:27:4f:20:
29:e9:e8:4b:5d:70:12:6b:eb:86:b2:2a:14:d8:8f:bd:85:ef:
25:c1:f4:06:24:83:35:54:f1:8d:f6:c6:20:a4:2f:a5:fe:8b:
a2:cb:f3:f1:56:79:a8:b1:05:ce:49:70:cd:c8:85:13:1d:94:
54:2f:54:9d:61:57:c6:bd:30:0f:ff:df:45:79:8c:c2:84:de:
97:49:cf:97:3e:92:0a:22:25:be:74:a9:8e:f0:e1:b0:36:12:
bc:fe:50:63:cd:8b:f3:3a:8c:27:5b:41:f5:02:62:41:b2:ac:
93:b7:a0:e9:fc:c6:20:41:d1:eb:9f:e1:4d:2c:6d:f1:dd:ea:
8c:07:9b:d3:cf:20:a9:3e:24:2d:48:0b:4f:42:8f:00:98:79:
38:f8:06:a0:4e:aa:27:fb:1b:76:18:08:18:41:09:08:64:0f:
82:fb:be:39:17:c6:e2:aa:d4:2c:40:17:f3:6e:0a:a2:6c:f2:
04:38:87:0f:8e:dd:8d:be:d1:22:4a:a4:81:8c:98:78:d3:25:
90:87:08:e3:9c:8e:d4:0b:61:0f:ac:3a:b2:56:93:2d:ac:3c:
f8:04:c8:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDFHnpU5kU9FOVVBXCB93LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGNmMGVjN2JhZjM0OWU4OTJkNTExMTVjMjJjMGRiZDQz
NTBiOGUwHhcNMjUwNTEyMDYwMDIxWhcNMjUwNTEzMDYwMDIxWjAzMTEwLwYDVQQD
EygyYTgxMGQ1Zjg2YzkxYWI1ZGRhYjAwYzQwYjVjZjkzMmVmYjM3ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHxgHQ4ApnZdQwIGP6dqpdLvhiQV
U40/Kcc3k/EHihiCnXsBu4earOxuVdKFOy8GKtEMt1GCLBXPH3gsD2+zgnRhvyu0
XzCCr5RKpeqVBnxY6PPRKqylGbTKe1L5YsWt9lkcQ/VMbjsJnYXV4RDP1lFBw1gx
4N0jBvPoUoLGc0laL3uTZtHqSXIy3Z0IUVZ43Gt+S89Jb5qezc2lTL55KmGhFyb0
bpNLBCHhsCDOLqfU+tMq8PrFg7rbRXdulIeq8BRY9IBIT4UExdHEibS+UoeJchJS
KJ2sext/tWw5M1Vzh8SrJaaH3YJ+oaWwdkkA5/GbN+b+T90X/zZL8cgBZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqBDV+GyRq13asAxAtc+TLvs315MB8GA1UdIwQY
MBaAFA/c8Ox7rzSeiS1REVwiwNvUNQuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2Ut
YjI5NTgzOGFiYmQ5LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2UtYjI5NTgzOGFiYmQ5
LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfElN8AKH
wzhJj+Bx8g0Lot0R49c0qEw4dtQq/lU8JZXAJ08gKenoS11wEmvrhrIqFNiPvYXv
JcH0BiSDNVTxjfbGIKQvpf6Losvz8VZ5qLEFzklwzciFEx2UVC9UnWFXxr0wD//f
RXmMwoTel0nPlz6SCiIlvnSpjvDhsDYSvP5QY82L8zqMJ1tB9QJiQbKsk7eg6fzG
IEHR65/hTSxt8d3qjAeb088gqT4kLUgLT0KPAJh5OPgGoE6qJ/sbdhgIGEEJCGQP
gvu+ORfG4qrULEAX824KomzyBDiHD47djb7RIkqkgYyYeNMlkIcI45yO1AthD6w6
slaTLaw8+ATI6g==
-----END CERTIFICATE-----
Generated at Mon May 12 14:52:13 2025 by rpki-client