Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: 8QaqpyZ6kFzfWB8jTw4C/jt16i4rmR/yuhiZYXrJrVw=
Subject key identifier: 3D:A4:2B:CA:AC:66:53:FC:2F:2C:F0:4D:A0:0F:F5:CA:F0:7D:C7:93
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 01969E2C64483BF1BA61F2A9B42177E052FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 1524
Signing time: Mon 05 May 2025 02:00:31 +0000
Manifest this update: Mon 05 May 2025 02:00:31 +0000
Manifest next update: Tue 06 May 2025 02:00:31 +0000
Files and hashes: 1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: 18pV4IBRjL/W57DgPhgBpBiwjGaja9+sqe8LlItotZY=)
2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9e:2c:64:48:3b:f1:ba:61:f2:a9:b4:21:77:e0:52:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: May 5 02:00:31 2025 GMT
Not After : May 6 02:00:31 2025 GMT
Subject: CN=3da42bcaac6653fc2f2cf04da00ff5caf07dc793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:28:02:1f:ae:b9:eb:ec:ec:5e:76:d6:77:aa:
9e:54:df:cc:7f:90:49:f7:e9:c6:09:e6:a0:61:cb:
15:fd:e3:2f:11:70:df:0c:08:20:51:3e:dd:2f:c5:
e4:4a:eb:3a:84:88:99:a6:26:5a:f0:93:c7:86:09:
2b:8a:d9:91:d2:06:4a:ff:d3:b2:39:fd:35:c2:c5:
15:a0:9f:83:f5:28:90:d3:fa:53:bf:c0:fb:4f:db:
56:23:58:21:08:5e:8e:43:31:af:e0:e0:bb:9a:1d:
e8:f0:c2:3b:82:85:e3:11:67:2e:05:cc:69:85:b3:
6a:12:6c:ea:1f:95:73:b2:75:ae:a3:82:e0:4f:68:
05:3e:a7:0c:1c:38:fd:57:c3:ef:8a:c7:dd:ff:ef:
54:94:0a:a0:7e:e8:52:42:58:db:ba:14:75:8a:bf:
c6:ea:2c:b5:7d:6d:4c:3a:bb:f2:95:fe:99:00:56:
27:c7:63:09:7a:40:1e:e0:cb:75:f7:0b:11:ae:04:
a8:2d:0a:24:9c:7e:4a:c6:d5:24:05:62:c7:05:56:
79:8a:25:0c:44:3b:1c:30:21:14:ba:62:1c:41:cb:
31:f7:34:d6:b7:7a:2e:d2:4a:42:41:6f:50:ee:77:
d7:03:1f:76:d1:ea:ca:f5:90:40:05:0c:70:fd:ae:
4a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A4:2B:CA:AC:66:53:FC:2F:2C:F0:4D:A0:0F:F5:CA:F0:7D:C7:93
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:bf:ff:31:01:a0:65:77:22:e7:fd:58:b6:ae:2b:28:64:21:
1c:f8:eb:04:81:96:6e:c3:db:3f:ec:21:a4:f0:20:54:b9:25:
60:64:15:d1:fb:1e:4d:7a:ba:de:cb:d8:42:aa:27:6a:bb:6b:
5e:19:29:87:1b:2e:09:78:f3:25:71:e4:79:d7:33:98:e9:9b:
fb:e1:56:81:58:6b:cb:09:88:ba:31:28:df:a5:db:3e:7d:b6:
0c:0d:64:6b:88:64:d8:ff:1d:69:7d:2e:22:71:9e:32:68:8e:
44:6d:c2:9d:ad:9a:70:f9:ed:9d:75:f8:e5:a2:67:66:24:0a:
80:1e:b7:1b:f5:ce:a7:a6:94:9d:ae:f8:14:6a:7b:6c:dd:82:
8b:59:ad:3c:2c:ff:fd:3f:7b:de:85:f5:94:c4:02:68:d6:b2:
94:44:b0:a3:e9:d0:01:6b:54:fa:d3:8a:6a:da:8a:c2:67:14:
fb:95:74:eb:87:c9:6d:4f:28:f9:30:f2:da:58:01:fb:27:fc:
8a:db:cd:16:9e:99:f0:66:8c:9b:06:ec:70:16:f2:f1:45:14:
62:09:e0:66:f3:ea:70:ce:dc:06:24:b9:50:26:d8:67:ca:44:
5d:e1:0e:c5:bf:0e:d6:04:f8:3b:51:da:e9:d3:c7:e4:62:17:
be:9c:7d:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaeLGRIO/G6YfKptCF34FL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjUwNTA1MDIwMDMxWhcNMjUwNTA2MDIwMDMxWjAzMTEwLwYDVQQD
EygzZGE0MmJjYWFjNjY1M2ZjMmYyY2YwNGRhMDBmZjVjYWYwN2RjNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSgCH6656+zsXnbWd6qeVN/Mf5BJ
9+nGCeagYcsV/eMvEXDfDAggUT7dL8XkSus6hIiZpiZa8JPHhgkritmR0gZK/9Oy
Of01wsUVoJ+D9SiQ0/pTv8D7T9tWI1ghCF6OQzGv4OC7mh3o8MI7goXjEWcuBcxp
hbNqEmzqH5VzsnWuo4LgT2gFPqcMHDj9V8Pvisfd/+9UlAqgfuhSQljbuhR1ir/G
6iy1fW1MOrvylf6ZAFYnx2MJekAe4Mt19wsRrgSoLQoknH5KxtUkBWLHBVZ5iiUM
RDscMCEUumIcQcsx9zTWt3ou0kpCQW9Q7nfXAx920erK9ZBABQxw/a5KIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2kK8qsZlP8LyzwTaAP9crwfceTMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcb//MQGg
ZXci5/1Ytq4rKGQhHPjrBIGWbsPbP+whpPAgVLklYGQV0fseTXq63svYQqonartr
XhkphxsuCXjzJXHkedczmOmb++FWgVhrywmIujEo36XbPn22DA1ka4hk2P8daX0u
InGeMmiORG3Cna2acPntnXX45aJnZiQKgB63G/XOp6aUna74FGp7bN2Ci1mtPCz/
/T973oX1lMQCaNaylESwo+nQAWtU+tOKatqKwmcU+5V064fJbU8o+TDy2lgB+yf8
itvNFp6Z8GaMmwbscBby8UUUYgngZvPqcM7cBiS5UCbYZ8pEXeEOxb8O1gT4O1Ha
6dPH5GIXvpx91A==
-----END CERTIFICATE-----
Generated at Mon May 5 10:46:55 2025 by rpki-client