Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json)
Hash identifier: S20me8Y+MTY3+VN1Q5adGfBukahLuxhDFWSedTuFZMo=
Subject key identifier: 1E:23:9E:C1:4D:FB:92:8A:15:96:09:40:E9:ED:C2:5B:60:8E:26:3D
Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Certificate serial: 0196A12D722640CBE98D25A66C19B9D098CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
Manifest number: 034B
Signing time: Mon 05 May 2025 16:00:32 +0000
Manifest this update: Mon 05 May 2025 16:00:32 +0000
Manifest next update: Tue 06 May 2025 16:00:32 +0000
Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: 1vFqIr2x2ATd37A9Peg6/fb4snon8UV2mXnAg/TNu/k=)
2: 8xRb-DPzCzHiHinhBGSiJKFCfq0.roa (hash: A9plqAZ6tW823XWa6YGs85LIMKZtOqJdz/q0S+8zYRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 16:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:2d:72:26:40:cb:e9:8d:25:a6:6c:19:b9:d0:98:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Validity
Not Before: May 5 16:00:32 2025 GMT
Not After : May 6 16:00:32 2025 GMT
Subject: CN=1e239ec14dfb928a15960940e9edc25b608e263d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:a8:8a:01:db:7e:f7:ed:0e:7f:4c:e3:b7:
6e:78:a9:bd:3c:3e:88:b2:a9:c0:6b:54:6f:fa:19:
2d:52:ac:e1:33:36:6e:25:5a:a7:de:78:53:b6:30:
6f:3e:a5:0b:40:c7:ac:b8:d2:3c:0d:16:a9:b2:5e:
7a:27:c6:62:3f:eb:19:20:b6:87:08:80:ed:b1:f1:
46:8a:36:d5:13:b8:a5:fe:01:33:a2:28:71:62:d9:
63:98:ab:ea:f5:93:e3:76:65:5d:c6:b4:5b:04:ef:
35:ce:8f:97:12:88:13:4e:49:69:5f:76:1e:0b:99:
5f:1d:92:fe:fb:34:3a:96:1a:6a:59:9c:3a:46:88:
0d:1c:7f:ba:7d:f3:4e:5b:fe:05:0c:e3:37:33:a9:
48:19:50:1f:8f:1c:0b:e3:e8:e0:7c:8f:11:9b:aa:
5d:8f:92:6a:e6:e0:46:b1:9e:0d:15:8f:a8:da:25:
72:7a:30:b8:5e:48:ff:d6:4e:8e:66:ad:48:da:f6:
2f:3a:96:fd:04:9c:e5:c8:16:55:15:59:da:11:b1:
42:0c:56:0b:7f:25:fc:9b:f8:04:6d:07:6c:82:0c:
5a:60:75:2b:5d:89:f0:e6:e1:8a:29:ec:6f:0d:89:
be:a7:c6:e2:1f:f8:3f:ea:cf:0c:a0:72:e9:d6:ba:
9f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:23:9E:C1:4D:FB:92:8A:15:96:09:40:E9:ED:C2:5B:60:8E:26:3D
X509v3 Authority Key Identifier:
keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:16:25:49:e9:e5:12:86:d5:8e:0e:69:f1:e1:28:29:8c:e6:
60:7c:93:fd:97:8b:1e:2d:a6:5b:84:1a:a4:60:c1:a5:a8:90:
98:ee:4d:e4:22:4d:c5:f0:d5:1b:86:ef:97:5a:30:2a:3c:e2:
db:74:76:09:fa:e8:66:a0:c7:31:b3:b8:65:9d:77:46:7c:2b:
c1:00:23:7f:be:36:f3:f0:b7:3b:92:56:58:f6:41:1b:9f:6e:
28:32:b6:74:c0:78:37:a6:16:33:d6:63:eb:e8:05:ce:25:e5:
0e:2b:ca:b2:ee:23:e0:6d:7c:a0:8d:83:c8:67:f9:c3:a6:af:
1e:3d:9f:f0:5d:18:a4:ad:db:85:64:10:f5:d8:8d:ae:6a:17:
64:d8:ed:d6:ac:73:47:aa:80:4d:c0:f1:f6:4b:0b:5d:8e:c1:
bc:ed:4a:3b:c2:92:30:ba:68:8a:19:b5:c6:ce:fd:65:d7:17:
83:93:5f:e3:1f:58:59:6a:e3:bf:3e:5f:31:bb:db:4b:46:aa:
31:28:2f:6e:69:b0:ef:41:8d:e6:a5:23:2c:71:9e:1e:7f:41:
e4:0a:e3:d3:94:ec:96:ac:16:b4:17:d8:09:6e:0b:47:bc:f5:
91:12:af:83:5d:df:2a:2e:f6:fc:c5:f9:59:64:19:88:13:f0:
f7:a5:4c:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZahLXImQMvpjSWmbBm50JjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy
NTI4MzIwHhcNMjUwNTA1MTYwMDMyWhcNMjUwNTA2MTYwMDMyWjAzMTEwLwYDVQQD
EygxZTIzOWVjMTRkZmI5MjhhMTU5NjA5NDBlOWVkYzI1YjYwOGUyNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXGoigHbfvftDn9M47dueKm9PD6I
sqnAa1Rv+hktUqzhMzZuJVqn3nhTtjBvPqULQMesuNI8DRapsl56J8ZiP+sZILaH
CIDtsfFGijbVE7il/gEzoihxYtljmKvq9ZPjdmVdxrRbBO81zo+XEogTTklpX3Ye
C5lfHZL++zQ6lhpqWZw6RogNHH+6ffNOW/4FDOM3M6lIGVAfjxwL4+jgfI8Rm6pd
j5Jq5uBGsZ4NFY+o2iVyejC4Xkj/1k6OZq1I2vYvOpb9BJzlyBZVFVnaEbFCDFYL
fyX8m/gEbQdsggxaYHUrXYnw5uGKKexvDYm+p8biH/g/6s8MoHLp1rqfaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4jnsFN+5KKFZYJQOntwltgjiY9MB8GA1UdIwQY
MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt
ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx
LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtRYlSenl
EobVjg5p8eEoKYzmYHyT/ZeLHi2mW4QapGDBpaiQmO5N5CJNxfDVG4bvl1owKjzi
23R2CfroZqDHMbO4ZZ13RnwrwQAjf7428/C3O5JWWPZBG59uKDK2dMB4N6YWM9Zj
6+gFziXlDivKsu4j4G18oI2DyGf5w6avHj2f8F0YpK3bhWQQ9diNrmoXZNjt1qxz
R6qATcDx9ksLXY7BvO1KO8KSMLpoihm1xs79ZdcXg5Nf4x9YWWrjvz5fMbvbS0aq
MSgvbmmw70GN5qUjLHGeHn9B5Arj05TslqwWtBfYCW4LR7z1kRKvg13fKi72/MX5
WWQZiBPw96VMwg==
-----END CERTIFICATE-----
Generated at Tue May 6 02:09:11 2025 by rpki-client