Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
File: czQP17PChWN63ADx5h4rjkAmWPM.mft (raw, json)
Hash identifier: yM1UBTiyVhSWuatUb+guPphGkJzBR0J/u3RzYcK4hRo=
Subject key identifier: 71:23:FD:72:CD:DC:ED:1A:C7:F7:FB:D1:56:BC:EE:5C:3A:69:7E:BD
Authority key identifier: 73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3
Certificate issuer: /CN=73340fd7b3c285637adc00f1e61e2b8e402658f3
Certificate serial: 0196A0897BBB0DE4DB97C554565EBADE0C51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
Manifest number: 10A3
Signing time: Mon 05 May 2025 13:01:26 +0000
Manifest this update: Mon 05 May 2025 13:01:26 +0000
Manifest next update: Tue 06 May 2025 13:01:26 +0000
Files and hashes: 1: HjTMoAYNnig_SLdG7cjgafMO6sM.roa (hash: vtEs32Udg21ECRrqFxXkvtH2fOMUI8ZhlpPEmcfn7YU=)
2: czQP17PChWN63ADx5h4rjkAmWPM.crl (hash: 7bJ3tTUmfkgS/BCY9JUhQ3t9/Fet9pCGtXLbAOFtSOE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:89:7b:bb:0d:e4:db:97:c5:54:56:5e:ba:de:0c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73340fd7b3c285637adc00f1e61e2b8e402658f3
Validity
Not Before: May 5 13:01:26 2025 GMT
Not After : May 6 13:01:26 2025 GMT
Subject: CN=7123fd72cddced1ac7f7fbd156bcee5c3a697ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d4:82:28:69:cc:4a:18:ee:45:77:1b:21:37:
44:ab:8f:db:1f:b4:b3:72:3e:0f:66:41:76:9a:9c:
6b:59:1a:d9:11:4c:f6:ef:b3:f2:72:ba:9a:c6:b0:
63:b2:c1:56:00:b4:7a:03:35:5e:54:39:6d:52:a3:
07:cc:dc:c0:16:57:99:cd:75:56:98:f5:4a:35:94:
fb:9c:42:54:8a:0f:2b:09:25:80:aa:9e:a3:88:c8:
1f:59:89:b2:38:57:e7:6e:ad:b8:4a:f5:bf:dc:46:
ce:d7:85:0f:dc:e6:42:46:ae:0d:fb:3c:40:38:da:
b3:1e:5d:e7:18:53:cf:0f:0d:a6:ba:40:d0:1b:b3:
e0:ed:ed:d3:24:5f:a6:5d:af:da:21:44:c0:a2:ba:
6f:5e:c1:97:84:be:80:79:53:7e:bb:32:37:43:4f:
e0:f8:e1:fe:4b:7d:ff:0f:24:fa:52:e3:4a:80:e2:
ca:c6:02:ee:fe:52:4a:6e:52:01:13:c9:8f:b8:ca:
52:b8:d1:dd:f5:b6:a4:1a:29:03:5b:ac:50:53:60:
18:8d:66:48:95:c5:58:0a:6d:d3:53:34:60:72:1b:
ba:27:68:6e:40:a9:68:c3:de:c2:4b:db:ba:1d:0e:
9d:b6:e6:2c:13:70:24:95:25:22:87:bf:a2:6b:91:
8e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:23:FD:72:CD:DC:ED:1A:C7:F7:FB:D1:56:BC:EE:5C:3A:69:7E:BD
X509v3 Authority Key Identifier:
keyid:73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:60:34:9a:f0:05:0e:78:fa:83:88:6e:6a:ee:99:e6:25:f6:
0f:87:85:b9:d4:0c:25:93:51:40:fb:a2:42:5d:29:1b:52:8d:
18:08:76:8c:a7:de:09:a8:4c:e7:c6:6b:72:1e:4c:3b:b1:5a:
34:3b:e3:ac:fa:97:d2:13:79:b9:be:44:89:2a:89:59:0e:c2:
f8:bf:e6:f6:0f:7e:14:c5:41:dc:b4:67:c6:94:77:e4:f1:9b:
3b:9d:e8:a0:fe:0f:30:61:5e:bf:2a:11:b7:2f:fc:55:74:6b:
9c:15:c8:54:68:34:62:3f:42:c2:ab:b8:f8:42:54:8e:b2:c8:
8c:d8:f4:ae:9c:fb:64:e7:dd:3d:b2:ba:4f:0d:a9:59:e8:89:
0e:ef:1f:1d:63:5a:cd:fe:4a:e3:9a:ce:2b:99:4f:08:a2:54:
2b:2f:e5:b9:a2:36:01:36:91:7a:ee:7e:20:9d:61:c4:78:e6:
fa:a0:87:58:8a:49:54:39:e7:27:f7:b1:f1:b2:5c:70:6b:18:
b6:97:1c:b0:71:d4:ff:2d:02:b2:a0:53:87:c2:9b:3a:59:8e:
fe:62:c8:46:b8:0e:43:c8:f5:af:72:0d:99:96:d8:0e:55:f0:
4e:45:18:75:20:1f:ed:1f:a2:7d:25:bb:f7:61:e9:e2:a2:1a:
76:67:79:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZagiXu7DeTbl8VUVl663gxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMzQwZmQ3YjNjMjg1NjM3YWRjMDBmMWU2MWUyYjhlNDAy
NjU4ZjMwHhcNMjUwNTA1MTMwMTI2WhcNMjUwNTA2MTMwMTI2WjAzMTEwLwYDVQQD
Eyg3MTIzZmQ3MmNkZGNlZDFhYzdmN2ZiZDE1NmJjZWU1YzNhNjk3ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdSCKGnMShjuRXcbITdEq4/bH7Sz
cj4PZkF2mpxrWRrZEUz277PycrqaxrBjssFWALR6AzVeVDltUqMHzNzAFleZzXVW
mPVKNZT7nEJUig8rCSWAqp6jiMgfWYmyOFfnbq24SvW/3EbO14UP3OZCRq4N+zxA
ONqzHl3nGFPPDw2mukDQG7Pg7e3TJF+mXa/aIUTAorpvXsGXhL6AeVN+uzI3Q0/g
+OH+S33/DyT6UuNKgOLKxgLu/lJKblIBE8mPuMpSuNHd9bakGikDW6xQU2AYjWZI
lcVYCm3TUzRgchu6J2huQKlow97CS9u6HQ6dtuYsE3AklSUih7+ia5GO4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEj/XLN3O0ax/f70Va87lw6aX69MB8GA1UdIwQY
MBaAFHM0D9ezwoVjetwA8eYeK45AJljzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYt
ZjIyMjM2MDZjNTM4LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYtZjIyMjM2MDZjNTM4
LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdWA0mvAF
Dnj6g4huau6Z5iX2D4eFudQMJZNRQPuiQl0pG1KNGAh2jKfeCahM58Zrch5MO7Fa
NDvjrPqX0hN5ub5EiSqJWQ7C+L/m9g9+FMVB3LRnxpR35PGbO53ooP4PMGFevyoR
ty/8VXRrnBXIVGg0Yj9Cwqu4+EJUjrLIjNj0rpz7ZOfdPbK6Tw2pWeiJDu8fHWNa
zf5K45rOK5lPCKJUKy/luaI2ATaReu5+IJ1hxHjm+qCHWIpJVDnnJ/ex8bJccGsY
tpccsHHU/y0CsqBTh8KbOlmO/mLIRrgOQ8j1r3INmZbYDlXwTkUYdSAf7R+ifSW7
92Hp4qIadmd5PQ==
-----END CERTIFICATE-----
Generated at Mon May 5 17:23:24 2025 by rpki-client