Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: ACyL/w71rUrj8AywAmX0Qw8rMzGySSV8CCcErIxFSp4=
Subject key identifier: 59:04:C2:AA:83:72:B6:5D:70:AD:33:A7:0E:AC:18:39:D0:F3:72:97
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 0196BE25A25CDEFCB9B6EA26CCE1463F160F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 0DCD
Signing time: Sun 11 May 2025 07:00:59 +0000
Manifest this update: Sun 11 May 2025 07:00:59 +0000
Manifest next update: Mon 12 May 2025 07:00:59 +0000
Files and hashes: 1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=)
2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: UxuBoW3JdEiZ4LShd1M84m7ADlUHc86FUJW0cv8X18o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:25:a2:5c:de:fc:b9:b6:ea:26:cc:e1:46:3f:16:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: May 11 07:00:59 2025 GMT
Not After : May 12 07:00:59 2025 GMT
Subject: CN=5904c2aa8372b65d70ad33a70eac1839d0f37297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:53:d6:8c:c3:a4:0e:41:42:27:0d:72:2c:63:
1f:8e:4a:d1:ce:a2:57:4a:0e:3e:8a:9e:cd:63:90:
61:b5:cc:48:e0:1e:51:6f:42:ce:25:ad:3c:fa:5c:
40:7f:4d:23:10:9b:3e:e3:07:6f:eb:d9:46:7b:df:
0d:01:67:dc:b0:c1:91:3b:41:4d:9a:15:b8:d1:f9:
ac:0a:9a:c1:3f:3e:73:75:d7:1b:27:54:ec:33:6a:
ed:c2:87:09:7c:3e:c5:f1:78:92:8d:6a:e2:98:ca:
6e:dc:6c:59:a9:62:ca:bf:58:c8:93:25:ec:01:63:
3a:88:df:ed:f5:b6:2b:1a:d6:66:11:ec:fb:ab:42:
94:c5:e9:02:6d:11:56:13:7d:31:5b:09:8a:47:07:
f1:a7:1a:7b:88:39:0f:31:10:6c:18:64:8a:f1:52:
82:e9:e1:af:e9:e1:3b:bb:bc:3b:88:cb:fd:8f:fc:
fc:f6:5e:32:44:76:80:e7:12:f0:30:34:93:9c:13:
7e:cd:08:67:ed:50:bb:df:7d:df:94:8e:41:45:0d:
a7:69:39:5a:47:28:8f:29:55:9a:2b:c0:b6:8c:1c:
75:48:10:50:a0:bd:ed:57:16:28:5a:42:a2:c8:ef:
4c:c1:71:d3:64:03:ba:13:f3:d6:3e:e6:49:9f:ed:
53:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:04:C2:AA:83:72:B6:5D:70:AD:33:A7:0E:AC:18:39:D0:F3:72:97
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:2a:85:17:07:53:4b:e6:f5:3b:b5:40:20:66:8b:bd:8b:b1:
d2:f0:b2:a8:e3:3f:4a:8d:99:ac:7f:d6:d0:32:51:ea:19:41:
31:36:b6:63:78:29:a2:6e:4b:5e:e3:94:f7:05:79:5f:4d:a0:
a1:06:8a:3e:65:37:57:09:62:a2:95:c5:02:c4:cb:eb:5d:19:
ce:f3:c7:12:7e:11:e2:39:c0:40:96:b4:ec:4f:a6:01:b3:1e:
27:7d:0c:e7:05:4a:dd:fb:78:84:e9:68:70:5e:86:50:ec:d0:
94:28:2a:80:77:c0:d4:02:47:b0:68:75:a9:fe:e4:75:c2:fc:
b2:28:6c:82:4d:2d:a5:2a:e1:59:ed:f4:e5:76:69:d6:38:54:
4a:ce:a4:2c:8d:67:66:78:a2:e4:e6:c5:4c:09:a1:6c:f9:ef:
1d:f5:d3:a5:86:ff:2d:cb:e9:0c:47:66:9b:10:a3:47:7e:85:
ec:90:67:60:26:f8:bf:e0:69:9c:34:b8:6f:bd:ba:d2:62:11:
4e:04:0b:12:48:d9:56:b8:ac:92:cc:a6:b1:f2:12:9b:dd:dd:
b9:31:bb:87:b7:92:5c:0d:9b:ce:37:36:5e:ef:84:f9:3f:f4:
33:5f:ec:87:de:1d:c8:26:93:3d:54:52:cc:86:3a:59:18:78:
7f:cd:ab:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JaJc3vy5tuomzOFGPxYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjUwNTExMDcwMDU5WhcNMjUwNTEyMDcwMDU5WjAzMTEwLwYDVQQD
Eyg1OTA0YzJhYTgzNzJiNjVkNzBhZDMzYTcwZWFjMTgzOWQwZjM3Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlPWjMOkDkFCJw1yLGMfjkrRzqJX
Sg4+ip7NY5BhtcxI4B5Rb0LOJa08+lxAf00jEJs+4wdv69lGe98NAWfcsMGRO0FN
mhW40fmsCprBPz5zddcbJ1TsM2rtwocJfD7F8XiSjWrimMpu3GxZqWLKv1jIkyXs
AWM6iN/t9bYrGtZmEez7q0KUxekCbRFWE30xWwmKRwfxpxp7iDkPMRBsGGSK8VKC
6eGv6eE7u7w7iMv9j/z89l4yRHaA5xLwMDSTnBN+zQhn7VC7333flI5BRQ2naTla
RyiPKVWaK8C2jBx1SBBQoL3tVxYoWkKiyO9MwXHTZAO6E/PWPuZJn+1TOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkEwqqDcrZdcK0zpw6sGDnQ83KXMB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAISqFFwdT
S+b1O7VAIGaLvYux0vCyqOM/So2ZrH/W0DJR6hlBMTa2Y3gpom5LXuOU9wV5X02g
oQaKPmU3VwliopXFAsTL610ZzvPHEn4R4jnAQJa07E+mAbMeJ30M5wVK3ft4hOlo
cF6GUOzQlCgqgHfA1AJHsGh1qf7kdcL8sihsgk0tpSrhWe305XZp1jhUSs6kLI1n
Znii5ObFTAmhbPnvHfXTpYb/LcvpDEdmmxCjR36F7JBnYCb4v+BpnDS4b7260mIR
TgQLEkjZVrisksymsfISm93duTG7h7eSXA2bzjc2Xu+E+T/0M1/sh94dyCaTPVRS
zIY6WRh4f82rpw==
-----END CERTIFICATE-----
Generated at Sun May 11 09:07:41 2025 by rpki-client