Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft
File: 8KEScQQ06Frl_m-_Qedr3fk4GM8.mft (raw, json)
Hash identifier: z2pGJ5DCTQNNtt+WtIOJ3O+tBFoMdGwxP4hv1+7Hd38=
Subject key identifier: AB:2A:FF:D3:28:3C:33:57:6D:8C:AE:EB:44:5D:EF:83:30:1C:F0:3D
Authority key identifier: F0:A1:12:71:04:34:E8:5A:E5:FE:6F:BF:41:E7:6B:DD:F9:38:18:CF
Certificate issuer: /CN=f0a112710434e85ae5fe6fbf41e76bddf93818cf
Certificate serial: 0196BE5C921967C8C83DC538DE82397B313B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KEScQQ06Frl_m-_Qedr3fk4GM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft
Manifest number: 03AD
Signing time: Sun 11 May 2025 08:00:59 +0000
Manifest this update: Sun 11 May 2025 08:00:59 +0000
Manifest next update: Mon 12 May 2025 08:00:59 +0000
Files and hashes: 1: 8KEScQQ06Frl_m-_Qedr3fk4GM8.crl (hash: /fe7BAKWbqEpYJxnZzAUP7DSf2a+qX9EDy99loQt8E4=)
2: QxzsJBZ0KnjdWggXNkiPE3mxTiE.roa (hash: wp71B9vMq7Np21xWaUokwt4Wn7Ga2Zz2FhWmCQz4Lj0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8KEScQQ06Frl_m-_Qedr3fk4GM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:5c:92:19:67:c8:c8:3d:c5:38:de:82:39:7b:31:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a112710434e85ae5fe6fbf41e76bddf93818cf
Validity
Not Before: May 11 08:00:59 2025 GMT
Not After : May 12 08:00:59 2025 GMT
Subject: CN=ab2affd3283c33576d8caeeb445def83301cf03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:52:dd:b0:04:04:fa:fe:33:ce:a2:1c:da:1a:
1f:e1:70:92:99:b6:9f:58:03:a4:14:0a:79:9b:ee:
d1:93:82:f5:2b:43:01:b0:af:17:a6:d2:ee:af:fe:
98:2d:74:4c:ad:33:7b:e6:c6:00:2c:37:7a:0c:ab:
d8:3a:75:e7:73:17:da:c5:00:82:10:7f:2c:a5:7a:
88:1b:3d:90:64:65:d4:73:df:11:4f:d2:bb:fa:7e:
56:57:56:f4:41:3e:0b:73:49:a8:ea:61:c8:b0:d3:
4e:f0:a6:f2:36:07:4a:07:18:04:c0:26:e9:20:92:
7d:29:c5:b0:ec:22:11:92:f3:68:c6:83:33:05:5f:
4a:b4:e9:da:52:4b:da:51:25:cc:aa:6d:8b:cd:ac:
e7:86:f7:a9:f6:5d:f2:3f:e6:52:a6:a0:ad:71:c8:
a9:36:03:45:e7:e5:06:53:fb:e8:c1:44:63:97:ed:
20:3f:60:5b:a5:5d:df:fd:7e:9b:0c:8b:6c:cd:72:
36:7e:ae:d5:4f:40:b2:8a:dd:c0:39:e5:6f:cd:83:
29:11:57:b8:fc:e2:ce:47:ee:ee:82:e4:af:a0:db:
a3:bd:ef:d6:31:86:3c:83:a0:a0:ef:6e:b8:5b:d8:
a7:ed:3a:01:7d:20:1a:ed:74:86:32:55:d6:67:a0:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2A:FF:D3:28:3C:33:57:6D:8C:AE:EB:44:5D:EF:83:30:1C:F0:3D
X509v3 Authority Key Identifier:
keyid:F0:A1:12:71:04:34:E8:5A:E5:FE:6F:BF:41:E7:6B:DD:F9:38:18:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KEScQQ06Frl_m-_Qedr3fk4GM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:d8:20:2b:2c:f3:57:66:2c:b3:72:7f:77:ae:30:97:64:bc:
6c:d7:7c:97:14:40:11:8e:1c:3e:3a:55:dc:1c:76:f2:7d:06:
b8:54:cc:38:a4:0c:ea:36:b1:cb:61:8c:47:2a:f2:04:81:64:
f4:19:d1:93:9e:92:6a:5c:8e:86:dd:29:d9:df:cf:22:4f:b7:
df:d8:fb:21:93:53:d4:ba:e3:44:20:88:51:e7:d2:dd:af:b9:
4a:b1:78:00:c0:e2:5d:51:f2:a5:6c:fe:ae:e5:88:eb:08:bc:
56:63:a2:15:4e:7e:58:58:ee:1d:7f:37:6a:f1:39:6a:6c:66:
2e:12:ab:51:39:a0:f8:63:34:52:5c:86:25:fb:35:86:ef:46:
eb:5b:b6:46:34:36:98:c2:d4:2b:d0:a0:2e:1d:81:48:37:29:
cd:2a:af:6c:91:24:e8:20:0a:1a:92:19:a2:15:80:8a:93:33:
03:7d:33:e4:09:c9:14:a4:e5:58:98:25:99:a8:50:7f:01:fa:
b9:67:25:f4:25:98:1d:6a:6a:75:79:62:eb:dd:11:12:43:0c:
31:e0:0e:8b:5d:a1:01:63:37:c9:14:e9:d4:ee:84:ad:de:7b:
f7:e1:a0:18:c0:8b:8c:3f:e2:f5:3f:bc:6d:f9:1f:20:aa:7a:
11:a4:33:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XJIZZ8jIPcU43oI5ezE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTExMjcxMDQzNGU4NWFlNWZlNmZiZjQxZTc2YmRkZjkz
ODE4Y2YwHhcNMjUwNTExMDgwMDU5WhcNMjUwNTEyMDgwMDU5WjAzMTEwLwYDVQQD
EyhhYjJhZmZkMzI4M2MzMzU3NmQ4Y2FlZWI0NDVkZWY4MzMwMWNmMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFLdsAQE+v4zzqIc2hof4XCSmbaf
WAOkFAp5m+7Rk4L1K0MBsK8XptLur/6YLXRMrTN75sYALDd6DKvYOnXncxfaxQCC
EH8spXqIGz2QZGXUc98RT9K7+n5WV1b0QT4Lc0mo6mHIsNNO8KbyNgdKBxgEwCbp
IJJ9KcWw7CIRkvNoxoMzBV9KtOnaUkvaUSXMqm2Lzaznhvep9l3yP+ZSpqCtccip
NgNF5+UGU/vowURjl+0gP2BbpV3f/X6bDItszXI2fq7VT0Cyit3AOeVvzYMpEVe4
/OLOR+7uguSvoNujve/WMYY8g6Cg7264W9in7ToBfSAa7XSGMlXWZ6C54QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsq/9MoPDNXbYyu60Rd74MwHPA9MB8GA1UdIwQY
MBaAFPChEnEENOha5f5vv0Hna935OBjPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtFU2NRUTA2RnJsX20tX1FlZHIzZms0R004LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yOTRhODEtNTIzNy00YmYzLWEwNWIt
YTg4YTRkMDk0YWYwLzEvOEtFU2NRUTA2RnJsX20tX1FlZHIzZms0R004Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yOTRhODEtNTIzNy00YmYzLWEwNWItYTg4YTRkMDk0YWYw
LzEvOEtFU2NRUTA2RnJsX20tX1FlZHIzZms0R004LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNggKyzz
V2Yss3J/d64wl2S8bNd8lxRAEY4cPjpV3Bx28n0GuFTMOKQM6jaxy2GMRyryBIFk
9BnRk56SalyOht0p2d/PIk+339j7IZNT1LrjRCCIUefS3a+5SrF4AMDiXVHypWz+
ruWI6wi8VmOiFU5+WFjuHX83avE5amxmLhKrUTmg+GM0UlyGJfs1hu9G61u2RjQ2
mMLUK9CgLh2BSDcpzSqvbJEk6CAKGpIZohWAipMzA30z5AnJFKTlWJglmahQfwH6
uWcl9CWYHWpqdXli690REkMMMeAOi12hAWM3yRTp1O6Erd579+GgGMCLjD/i9T+8
bfkfIKp6EaQzPg==
-----END CERTIFICATE-----
Generated at Sun May 11 11:30:04 2025 by rpki-client