Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json)
Hash identifier: hdD8to+bmWMAf6GZ6lEsa1qjRPFgCMYjcoMxoSBntgM=
Subject key identifier: 42:BE:05:14:77:B5:D1:7D:75:E3:F1:4C:69:EC:BD:45:28:A7:E4:7E
Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f
Certificate serial: 0196C5DEEEDBD63413445AFD25C0B702CA2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
Manifest number: 14CB
Signing time: Mon 12 May 2025 19:00:43 +0000
Manifest this update: Mon 12 May 2025 19:00:43 +0000
Manifest next update: Tue 13 May 2025 19:00:43 +0000
Files and hashes: 1: HoMgEifDpVQ65AHqBFCCx_7uMoE.roa (hash: MZgT/uxhPiKd1q/F+OrFW0KnU1po9n7PWWPZxZXmYvg=)
2: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: loNiTYAGCFTbs3yKn7AeOIQ5KZODurSJlS+X8wrF6GU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:de:ee:db:d6:34:13:44:5a:fd:25:c0:b7:02:ca:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f
Validity
Not Before: May 12 19:00:43 2025 GMT
Not After : May 13 19:00:43 2025 GMT
Subject: CN=42be051477b5d17d75e3f14c69ecbd4528a7e47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:05:2c:e4:97:1c:79:c0:2a:ba:a8:e6:55:10:
85:47:cb:85:06:96:c3:d5:30:c7:62:b8:93:e8:52:
3d:e8:8b:49:72:98:15:de:ed:64:2f:e0:9f:35:83:
71:03:47:cb:bb:cc:cc:b5:17:24:21:fa:e8:4e:ca:
4e:49:4a:c6:43:21:77:19:0e:10:25:5a:99:c8:e5:
94:10:97:a2:2d:5a:0e:19:5e:6c:95:26:33:bf:03:
2f:f3:0c:5d:75:0b:cc:27:6b:af:2c:8f:23:4c:4f:
78:80:bf:82:b8:6d:9d:06:24:a9:94:42:52:6d:6b:
ef:a9:c7:3e:d6:0b:a7:23:12:f1:5f:9d:75:fb:90:
b2:d0:91:1b:f3:2e:c8:e6:2e:53:02:36:48:83:59:
34:7e:a7:c5:2a:6c:bc:a9:cb:ef:aa:ae:c9:53:26:
61:ba:be:96:24:f8:33:59:8f:c7:10:9b:13:d3:58:
a3:51:4a:89:2b:9a:0d:aa:d3:8c:0d:06:65:ff:dc:
8d:68:36:13:0a:9c:e8:d0:6d:5b:a3:1e:58:6f:bf:
d2:90:69:a7:e1:e8:d2:93:3a:60:bd:73:8b:c6:a4:
eb:43:ad:f9:e6:f8:23:3e:1a:63:51:37:7e:92:0b:
5c:b0:99:79:34:66:b8:1a:32:b0:fb:e5:c6:94:82:
af:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BE:05:14:77:B5:D1:7D:75:E3:F1:4C:69:EC:BD:45:28:A7:E4:7E
X509v3 Authority Key Identifier:
keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:49:7f:c3:65:11:94:9e:42:46:47:d2:95:af:16:33:56:fc:
09:8d:46:80:f3:79:ad:7e:dd:c4:d5:6e:c8:53:78:ad:ca:45:
a6:e0:33:6c:2b:f1:46:22:a9:a2:16:77:2a:51:c6:40:6f:c3:
6c:5e:44:a7:98:e4:e7:a0:27:f0:a4:24:df:3e:cd:e5:69:2c:
57:00:b1:23:40:27:ae:e1:d7:ea:c9:e5:d7:fb:83:88:e1:e9:
3d:f7:d1:54:de:08:38:8f:d2:15:b8:e0:8e:36:e1:f5:63:8a:
be:52:19:2f:db:dd:40:5b:f1:d4:b3:65:fe:fc:71:1e:11:02:
cd:8b:43:00:df:02:39:c8:bb:2c:47:59:ed:3d:11:7b:80:e7:
73:35:96:05:ba:e6:48:65:4c:ec:78:a2:af:a5:0e:a1:3e:cf:
28:3e:ee:fa:5a:cf:b6:b8:8f:09:71:f7:83:f9:b1:33:3d:e9:
9d:14:94:bd:b7:18:64:ad:24:bc:e4:3d:b1:4e:25:a9:e6:48:
0e:a3:21:76:72:be:a0:86:1e:a9:4b:4c:86:a0:e1:79:19:62:
22:19:29:f0:9e:d6:62:35:69:25:d8:13:45:b9:87:d9:9d:af:
bd:4c:72:1d:8b:e7:10:9e:05:31:17:40:29:98:ca:75:3a:43:
b3:33:93:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbF3u7b1jQTRFr9JcC3AsouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz
ODEyNGYwHhcNMjUwNTEyMTkwMDQzWhcNMjUwNTEzMTkwMDQzWjAzMTEwLwYDVQQD
Eyg0MmJlMDUxNDc3YjVkMTdkNzVlM2YxNGM2OWVjYmQ0NTI4YTdlNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywUs5JccecAquqjmVRCFR8uFBpbD
1TDHYriT6FI96ItJcpgV3u1kL+CfNYNxA0fLu8zMtRckIfroTspOSUrGQyF3GQ4Q
JVqZyOWUEJeiLVoOGV5slSYzvwMv8wxddQvMJ2uvLI8jTE94gL+CuG2dBiSplEJS
bWvvqcc+1gunIxLxX511+5Cy0JEb8y7I5i5TAjZIg1k0fqfFKmy8qcvvqq7JUyZh
ur6WJPgzWY/HEJsT01ijUUqJK5oNqtOMDQZl/9yNaDYTCpzo0G1box5Yb7/SkGmn
4ejSkzpgvXOLxqTrQ6355vgjPhpjUTd+kgtcsJl5NGa4GjKw++XGlIKvHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEK+BRR3tdF9dePxTGnsvUUop+R+MB8GA1UdIwQY
MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt
ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj
LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi0l/w2UR
lJ5CRkfSla8WM1b8CY1GgPN5rX7dxNVuyFN4rcpFpuAzbCvxRiKpohZ3KlHGQG/D
bF5Ep5jk56An8KQk3z7N5WksVwCxI0AnruHX6snl1/uDiOHpPffRVN4IOI/SFbjg
jjbh9WOKvlIZL9vdQFvx1LNl/vxxHhECzYtDAN8COci7LEdZ7T0Re4DnczWWBbrm
SGVM7Hiir6UOoT7PKD7u+lrPtriPCXH3g/mxMz3pnRSUvbcYZK0kvOQ9sU4lqeZI
DqMhdnK+oIYeqUtMhqDheRliIhkp8J7WYjVpJdgTRbmH2Z2vvUxyHYvnEJ4FMRdA
KZjKdTpDszOTXQ==
-----END CERTIFICATE-----
Generated at Mon May 12 23:04:55 2025 by rpki-client