Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
File: aJQuPste6nkqdvray-wBqFaOl_Q.mft (raw, json)
Hash identifier: EpJIxUrRFYnNug/nVyJwVViEf0xOBe0pOHVmimLbC58=
Subject key identifier: 20:6E:6B:66:40:CA:FE:E6:29:BB:06:CB:D9:AA:2C:0A:D1:D6:3C:39
Authority key identifier: 68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4
Certificate issuer: /CN=68942e3ecb5eea792a76fadacbec01a8568e97f4
Certificate serial: 0196C2DD69AF92A86BD6676B15CC3E458098
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
Manifest number: 1537
Signing time: Mon 12 May 2025 05:00:12 +0000
Manifest this update: Mon 12 May 2025 05:00:12 +0000
Manifest next update: Tue 13 May 2025 05:00:12 +0000
Files and hashes: 1: 2I7Ug_0TKUirYBKdCRFB3X-yPVM.roa (hash: OuAKBuCtiZrdtqQo3Ia+YQ9DdlyXDqDuhn9BW+I9wGc=)
2: aJQuPste6nkqdvray-wBqFaOl_Q.crl (hash: PQEMuoXSPcwJzLgT2WT4ASb+/X39dKgBooL8wW14ASM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c2:dd:69:af:92:a8:6b:d6:67:6b:15:cc:3e:45:80:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68942e3ecb5eea792a76fadacbec01a8568e97f4
Validity
Not Before: May 12 05:00:12 2025 GMT
Not After : May 13 05:00:12 2025 GMT
Subject: CN=206e6b6640cafee629bb06cbd9aa2c0ad1d63c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:98:87:8e:51:92:a2:3a:95:8d:db:fb:83:1b:
03:e0:83:b1:d7:e4:91:1d:29:64:82:6f:8d:5b:93:
7b:6c:4f:0b:57:82:a6:87:4f:69:73:e8:cd:83:e6:
65:18:c5:a0:93:64:70:9f:0b:97:c1:b4:c6:8e:c6:
a2:d9:12:00:c7:64:07:4c:ab:66:ce:c5:ea:a2:ee:
42:8f:1e:bf:7e:2d:12:27:ea:74:c6:ff:dd:ef:ea:
14:ed:f9:fe:17:6f:a6:b7:a6:35:52:1e:fc:f0:8b:
ff:b4:b4:04:a7:ce:c5:bc:a3:79:4e:8e:9d:16:80:
ac:e1:41:9e:58:72:8f:e7:3e:e4:16:ea:6e:be:02:
f5:2c:2e:1f:9c:1a:24:00:0e:f5:ce:81:c6:3f:47:
f5:a8:6a:cc:d0:b4:56:ea:5d:74:6d:ee:d3:d3:d1:
5f:9d:e3:33:93:a3:75:0c:9a:23:89:c5:f0:f5:70:
4d:9f:95:63:17:7c:82:71:71:59:9f:b5:98:be:b3:
0f:f9:bd:3b:1c:6a:5f:a4:fa:15:27:01:cb:05:a0:
07:5a:ec:e3:6e:85:e2:43:ca:30:56:93:d9:61:51:
51:2d:7c:10:ec:3f:b8:b2:1e:1d:da:66:ca:e3:65:
fe:98:a4:77:f8:32:dd:11:a7:5d:98:26:7d:ca:75:
79:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:6E:6B:66:40:CA:FE:E6:29:BB:06:CB:D9:AA:2C:0A:D1:D6:3C:39
X509v3 Authority Key Identifier:
keyid:68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:56:ad:06:5c:2f:74:de:db:1f:62:20:34:14:f0:f4:84:aa:
ac:e5:96:63:a7:96:6b:90:5f:46:02:c2:9d:a4:3e:48:a2:59:
75:3b:68:69:93:8d:30:3e:ba:14:c1:3d:75:bf:b7:60:e5:e0:
f4:65:60:d4:0b:db:47:6a:d7:de:f7:d1:83:f3:d7:95:39:80:
09:bf:b3:4a:57:a3:8b:57:1d:c6:a1:50:4b:1a:58:7f:aa:af:
ae:0f:68:44:1f:d2:79:11:8d:a5:86:16:dd:cd:98:e5:d6:22:
06:aa:46:c8:dc:7f:2b:44:31:2c:21:c8:28:fe:11:fd:6a:50:
8b:ee:82:e3:1f:03:80:66:8d:07:85:37:0b:6b:f3:c3:34:ea:
86:e2:a2:a5:23:4c:dc:78:cb:aa:80:f9:d3:ea:1a:47:cf:fe:
75:46:9b:ca:1b:14:db:eb:b5:a1:67:d5:c2:47:98:20:69:c9:
36:fb:9f:a2:9d:95:50:81:4e:95:84:d0:2b:85:ce:67:00:0b:
00:e2:7a:9e:96:54:90:4a:f8:00:f1:b9:df:2a:76:92:27:52:
5a:14:03:02:a6:a0:51:be:ec:b0:3b:4b:7f:76:a3:88:2f:a6:
11:bd:62:82:50:ff:22:7f:b7:aa:7e:c1:2b:e4:2a:b3:6b:2c:
f8:72:74:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbC3Wmvkqhr1mdrFcw+RYCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OTQyZTNlY2I1ZWVhNzkyYTc2ZmFkYWNiZWMwMWE4NTY4
ZTk3ZjQwHhcNMjUwNTEyMDUwMDEyWhcNMjUwNTEzMDUwMDEyWjAzMTEwLwYDVQQD
EygyMDZlNmI2NjQwY2FmZWU2MjliYjA2Y2JkOWFhMmMwYWQxZDYzYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJiHjlGSojqVjdv7gxsD4IOx1+SR
HSlkgm+NW5N7bE8LV4Kmh09pc+jNg+ZlGMWgk2RwnwuXwbTGjsai2RIAx2QHTKtm
zsXqou5Cjx6/fi0SJ+p0xv/d7+oU7fn+F2+mt6Y1Uh788Iv/tLQEp87FvKN5To6d
FoCs4UGeWHKP5z7kFupuvgL1LC4fnBokAA71zoHGP0f1qGrM0LRW6l10be7T09Ff
neMzk6N1DJojicXw9XBNn5VjF3yCcXFZn7WYvrMP+b07HGpfpPoVJwHLBaAHWuzj
boXiQ8owVpPZYVFRLXwQ7D+4sh4d2mbK42X+mKR3+DLdEaddmCZ9ynV5rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBua2ZAyv7mKbsGy9mqLArR1jw5MB8GA1UdIwQY
MBaAFGiULj7LXup5Knb62svsAahWjpf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQt
MDNjY2UzOTY5ZjljLzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQtMDNjY2UzOTY5Zjlj
LzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfVatBlwv
dN7bH2IgNBTw9ISqrOWWY6eWa5BfRgLCnaQ+SKJZdTtoaZONMD66FME9db+3YOXg
9GVg1AvbR2rX3vfRg/PXlTmACb+zSleji1cdxqFQSxpYf6qvrg9oRB/SeRGNpYYW
3c2Y5dYiBqpGyNx/K0QxLCHIKP4R/WpQi+6C4x8DgGaNB4U3C2vzwzTqhuKipSNM
3HjLqoD50+oaR8/+dUabyhsU2+u1oWfVwkeYIGnJNvufop2VUIFOlYTQK4XOZwAL
AOJ6npZUkEr4APG53yp2kidSWhQDAqagUb7ssDtLf3ajiC+mEb1iglD/In+3qn7B
K+Qqs2ss+HJ0ng==
-----END CERTIFICATE-----
Generated at Mon May 12 11:08:42 2025 by rpki-client