Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier: y2aZhEzw9vkCKNIgZ7Es34hTe/nEuSHeNFtvAKsTZyQ=
Subject key identifier: CA:14:89:C1:B8:7C:F6:70:6D:EF:13:BD:B4:16:E9:D9:5A:33:F5:E8
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial: 0196D2BF55E8B5A7559D39668EB7A18A2695
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number: 153D
Signing time: Thu 15 May 2025 07:01:16 +0000
Manifest this update: Thu 15 May 2025 07:01:16 +0000
Manifest next update: Fri 16 May 2025 07:01:16 +0000
Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: Yd8Fti5dPFIKGRFWTfVkvSZWomTwtowIY3k886OEyrA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 07:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:bf:55:e8:b5:a7:55:9d:39:66:8e:b7:a1:8a:26:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Validity
Not Before: May 15 07:01:16 2025 GMT
Not After : May 16 07:01:16 2025 GMT
Subject: CN=ca1489c1b87cf6706def13bdb416e9d95a33f5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:82:c9:7a:00:08:4f:20:25:5b:0d:6f:d2:
20:94:6c:b1:b4:04:51:f7:14:6b:3b:e1:78:60:04:
9f:ad:e6:d8:57:55:a7:33:8c:25:45:d9:95:3e:61:
60:fb:52:d3:64:74:bf:2a:22:d0:f9:14:57:01:00:
05:6b:c5:61:a7:80:a5:c4:9f:a1:c9:d9:89:b0:e7:
78:57:be:af:d2:b8:f1:55:f2:75:b5:1f:30:03:66:
59:b7:a4:85:a6:43:d5:1d:e8:7c:ad:79:4c:88:a0:
3d:5e:3b:76:c1:1d:95:d5:c5:a1:70:3f:a9:c3:b8:
5f:48:21:49:fe:77:af:da:ec:40:a5:74:89:9e:a3:
20:21:fb:77:bb:82:ad:73:ea:b4:28:55:f0:48:c7:
b9:e0:47:f6:a5:71:be:ea:ae:22:ad:76:0f:fe:4a:
fe:16:fd:43:f4:06:a3:73:30:c3:7e:97:44:fb:d4:
7e:0d:8e:12:13:81:85:1f:9a:fc:6a:4b:8f:e5:2b:
f5:cd:cd:de:cb:1b:31:90:f3:80:91:a3:d7:9b:1c:
6f:f5:1e:77:dd:ed:e9:ec:a9:dc:cf:2a:1f:42:7b:
7f:1e:7b:d8:41:c7:41:d0:6c:85:0c:ee:0b:87:fd:
7e:b2:ec:fa:fa:55:0a:83:cb:b3:9f:ba:3b:c5:65:
a7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:14:89:C1:B8:7C:F6:70:6D:EF:13:BD:B4:16:E9:D9:5A:33:F5:E8
X509v3 Authority Key Identifier:
keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:f1:15:dd:5c:d9:a0:c0:f7:e1:3a:18:24:03:0f:7f:19:02:
29:f1:7a:89:ae:4e:6b:19:4d:aa:48:21:40:4e:0d:05:cf:1c:
df:80:1f:eb:ba:c2:45:89:df:b1:13:58:47:07:16:c4:81:d5:
80:c0:07:c4:ee:be:df:19:b5:87:56:9a:2b:44:24:10:07:91:
3f:8b:f8:e7:84:78:11:65:ca:12:4e:4c:0c:2b:be:98:54:f5:
68:0e:94:73:63:47:09:02:b1:b3:25:0f:86:ff:fa:45:e2:40:
eb:fd:42:3c:41:33:dd:6e:42:cf:61:dd:90:4c:19:6d:44:e2:
c3:d1:0b:78:3c:f2:2c:07:a9:a7:c5:85:01:6b:51:d3:1c:a2:
8c:76:08:7c:3a:11:7c:d3:05:51:45:b2:d7:37:05:41:77:6e:
3c:ba:67:95:1b:39:0b:7e:cd:fe:23:75:37:34:24:c4:e5:73:
f7:ef:71:10:82:aa:d8:38:89:28:46:2b:3a:75:52:f0:40:31:
41:7b:36:e8:62:2c:b6:bf:ca:cd:4e:4d:65:43:4c:f4:aa:03:
b3:e4:00:27:ff:27:a6:9e:c8:7a:07:cf:e5:2f:2f:51:5a:94:
ec:66:54:31:e2:c1:b0:a4:66:de:d0:f8:99:73:12:b9:d4:33:
5d:29:9c:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbSv1XotadVnTlmjrehiiaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjUwNTE1MDcwMTE2WhcNMjUwNTE2MDcwMTE2WjAzMTEwLwYDVQQD
EyhjYTE0ODljMWI4N2NmNjcwNmRlZjEzYmRiNDE2ZTlkOTVhMzNmNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqneCyXoACE8gJVsNb9IglGyxtARR
9xRrO+F4YASfrebYV1WnM4wlRdmVPmFg+1LTZHS/KiLQ+RRXAQAFa8Vhp4ClxJ+h
ydmJsOd4V76v0rjxVfJ1tR8wA2ZZt6SFpkPVHeh8rXlMiKA9Xjt2wR2V1cWhcD+p
w7hfSCFJ/nev2uxApXSJnqMgIft3u4Ktc+q0KFXwSMe54Ef2pXG+6q4irXYP/kr+
Fv1D9AajczDDfpdE+9R+DY4SE4GFH5r8akuP5Sv1zc3eyxsxkPOAkaPXmxxv9R53
3e3p7KnczyofQnt/HnvYQcdB0GyFDO4Lh/1+suz6+lUKg8uzn7o7xWWndwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoUicG4fPZwbe8TvbQW6dlaM/XoMB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPEV3VzZ
oMD34ToYJAMPfxkCKfF6ia5OaxlNqkghQE4NBc8c34Af67rCRYnfsRNYRwcWxIHV
gMAHxO6+3xm1h1aaK0QkEAeRP4v454R4EWXKEk5MDCu+mFT1aA6Uc2NHCQKxsyUP
hv/6ReJA6/1CPEEz3W5Cz2HdkEwZbUTiw9ELeDzyLAepp8WFAWtR0xyijHYIfDoR
fNMFUUWy1zcFQXduPLpnlRs5C37N/iN1NzQkxOVz9+9xEIKq2DiJKEYrOnVS8EAx
QXs26GIstr/KzU5NZUNM9KoDs+QAJ/8npp7IegfP5S8vUVqU7GZUMeLBsKRm3tD4
mXMSudQzXSmcaQ==
-----END CERTIFICATE-----
Generated at Thu May 15 10:30:46 2025 by rpki-client