Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: bUgjRF0VhibdeFabxs5soYS5ckHZlDfSWBd18ViUH8A=
Subject key identifier: 7B:18:EE:12:8B:FE:B5:1F:B2:7E:1D:9E:FB:D8:0F:36:EE:37:44:E9
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 0196C5A82E666928B64305660CA0E4C9AACD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 153B
Signing time: Mon 12 May 2025 18:00:55 +0000
Manifest this update: Mon 12 May 2025 18:00:55 +0000
Manifest next update: Tue 13 May 2025 18:00:55 +0000
Files and hashes: 1: 34veN2ucTJBbi388PrmLekhLRzM.roa (hash: zPkkR8nXQL9mfEVd+D/kn8bIVDt7EDLAoyKRPC1BVEk=)
2: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: 2avrcWvdG+s/qkRaubIwSo+/uPo/3emnkpf4b83Srjs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 18:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:a8:2e:66:69:28:b6:43:05:66:0c:a0:e4:c9:aa:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: May 12 18:00:55 2025 GMT
Not After : May 13 18:00:55 2025 GMT
Subject: CN=7b18ee128bfeb51fb27e1d9efbd80f36ee3744e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:f0:2a:26:b9:6b:ef:d7:7e:12:82:31:ed:
dd:dc:25:ec:89:41:c8:c8:01:46:0d:02:8c:bb:3d:
85:fe:25:fb:2e:18:61:e4:c1:d7:a4:54:8e:f7:5b:
b1:8e:36:2b:8d:6f:39:1b:18:53:64:8a:f3:f8:b3:
5d:37:a9:4f:f8:ee:f3:49:10:9c:e6:01:44:af:cc:
1a:96:90:0d:b4:e0:a3:83:c8:de:0e:ce:09:9a:35:
0b:00:6c:02:66:6a:20:94:9e:40:9d:d0:97:b5:b5:
8d:f9:ed:23:32:ca:4c:7b:85:ba:b3:77:16:c0:0b:
c5:92:ce:77:df:7f:45:73:a0:bb:63:a6:6c:17:41:
51:f7:4b:d1:74:27:60:26:ae:f5:53:85:f2:51:c5:
0e:44:77:11:06:b8:93:8a:be:07:d7:59:96:dc:7f:
1f:2c:e1:26:e1:72:13:88:6c:2b:4a:86:75:50:f7:
9e:da:25:85:0f:c9:58:21:b5:92:7d:d4:12:34:cc:
25:28:cc:22:a4:be:d0:c1:ab:ef:54:5c:b2:0c:df:
2f:16:eb:0d:a8:14:88:9a:fd:19:bc:8a:89:1d:0c:
f6:24:41:99:e1:22:6e:d4:79:4f:70:68:fd:55:36:
1d:93:97:87:1d:6c:94:d9:43:45:49:d9:60:10:22:
bc:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:18:EE:12:8B:FE:B5:1F:B2:7E:1D:9E:FB:D8:0F:36:EE:37:44:E9
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:5e:f5:04:c5:23:71:e9:dc:57:df:7b:11:49:73:8e:ee:87:
f3:33:ee:8d:ec:2f:5a:68:80:a3:60:be:0d:c6:97:50:59:15:
1e:6c:0c:fe:36:97:f9:86:ee:27:aa:e0:be:03:4b:66:b5:24:
26:7d:53:9a:fa:e8:e6:ba:7c:65:4e:7e:55:cb:5a:5c:8e:ea:
fd:76:9b:f4:fe:31:bb:dd:ef:99:50:13:58:c4:b6:9c:61:78:
23:74:69:0a:e0:70:24:0d:df:4d:e7:19:89:08:59:e3:37:f9:
02:ee:9d:27:ab:f7:2a:e2:15:89:93:8f:ee:73:60:55:57:23:
7a:33:aa:78:14:be:eb:fb:78:25:bb:7f:5f:5d:ac:15:6f:6e:
56:3c:08:73:97:88:e5:b7:87:57:66:0e:16:5d:d1:68:d3:76:
30:63:20:50:2e:cc:e6:3a:9c:ed:f8:f6:85:a8:c1:3e:b3:74:
f8:1c:79:dd:4f:3f:4e:f8:d5:30:0e:94:59:d9:16:4d:f5:7d:
55:8c:57:da:b1:43:bb:ea:17:80:e8:99:30:c5:93:14:35:59:
e7:5e:a0:c6:ab:35:8c:13:54:2a:d6:5a:5c:37:0b:bc:db:0b:
05:a7:87:5f:5e:92:b4:06:5e:fa:ae:b1:05:b8:75:64:e4:d3:
35:44:5c:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFqC5maSi2QwVmDKDkyarNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjUwNTEyMTgwMDU1WhcNMjUwNTEzMTgwMDU1WjAzMTEwLwYDVQQD
Eyg3YjE4ZWUxMjhiZmViNTFmYjI3ZTFkOWVmYmQ4MGYzNmVlMzc0NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXPwKia5a+/XfhKCMe3d3CXsiUHI
yAFGDQKMuz2F/iX7Lhhh5MHXpFSO91uxjjYrjW85GxhTZIrz+LNdN6lP+O7zSRCc
5gFEr8walpANtOCjg8jeDs4JmjULAGwCZmoglJ5AndCXtbWN+e0jMspMe4W6s3cW
wAvFks53339Fc6C7Y6ZsF0FR90vRdCdgJq71U4XyUcUORHcRBriTir4H11mW3H8f
LOEm4XITiGwrSoZ1UPee2iWFD8lYIbWSfdQSNMwlKMwipL7QwavvVFyyDN8vFusN
qBSImv0ZvIqJHQz2JEGZ4SJu1HlPcGj9VTYdk5eHHWyU2UNFSdlgECK87wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsY7hKL/rUfsn4dnvvYDzbuN0TpMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqV71BMUj
cencV997EUlzju6H8zPujewvWmiAo2C+DcaXUFkVHmwM/jaX+YbuJ6rgvgNLZrUk
Jn1Tmvro5rp8ZU5+VctaXI7q/Xab9P4xu93vmVATWMS2nGF4I3RpCuBwJA3fTecZ
iQhZ4zf5Au6dJ6v3KuIViZOP7nNgVVcjejOqeBS+6/t4Jbt/X12sFW9uVjwIc5eI
5beHV2YOFl3RaNN2MGMgUC7M5jqc7fj2hajBPrN0+Bx53U8/TvjVMA6UWdkWTfV9
VYxX2rFDu+oXgOiZMMWTFDVZ516gxqs1jBNUKtZaXDcLvNsLBaeHX16StAZe+q6x
Bbh1ZOTTNURc0Q==
-----END CERTIFICATE-----
Generated at Tue May 13 04:53:40 2025 by rpki-client