Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: RIsfKLyqKhgK7rc90PBgxetMoai3T8UnIRQmQHO/3mU=
Subject key identifier: 25:AF:43:98:1B:AC:7D:7B:91:AF:D6:0E:A6:27:43:E2:1A:F8:14:D0
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 0196A541246B183E96719999D21A6E1B5C93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 0258
Signing time: Tue 06 May 2025 11:00:31 +0000
Manifest this update: Tue 06 May 2025 11:00:31 +0000
Manifest next update: Wed 07 May 2025 11:00:31 +0000
Files and hashes: 1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: Jmj32RuqhvgLTiCXIr1J+bNNzLMbvMa93k+UZbT6pbc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 11:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:41:24:6b:18:3e:96:71:99:99:d2:1a:6e:1b:5c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: May 6 11:00:31 2025 GMT
Not After : May 7 11:00:31 2025 GMT
Subject: CN=25af43981bac7d7b91afd60ea62743e21af814d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:44:84:66:75:95:2f:bc:7c:ca:65:9b:ea:2d:
8a:e1:ec:07:64:0d:35:d9:16:58:9f:16:df:1b:d0:
3a:db:0c:83:d6:7c:1f:62:17:70:3e:81:e2:20:c8:
da:aa:4f:12:e0:81:5a:86:00:6e:40:0a:eb:71:2c:
f7:73:84:0b:ff:03:1a:86:13:b3:11:ab:d8:b3:25:
0e:bb:82:ec:ba:0d:e8:a3:f4:41:cb:8b:5b:ae:82:
5d:39:04:12:1d:34:c0:8f:60:f4:68:79:bf:12:78:
7c:b1:30:ee:8b:51:57:74:d5:71:9b:81:95:f7:fe:
89:b3:2f:4c:7c:2e:d6:11:d6:62:52:c7:d0:67:9e:
45:6d:57:a9:b9:d6:bc:48:9a:22:d5:d8:fe:22:c1:
d0:c8:34:a9:cb:af:82:76:6d:83:92:dc:ee:0c:03:
67:c6:6c:7e:7a:49:c2:18:f7:2c:ea:38:47:62:9f:
17:c3:ca:30:07:70:5b:95:3c:ba:af:b8:ec:4e:bd:
71:79:47:8c:66:97:6d:8e:d0:62:24:b5:67:f5:4a:
b5:9f:e8:30:b2:28:37:ab:ce:f5:8d:0b:cd:8f:77:
a2:94:94:05:a3:eb:e9:7e:1a:a6:6e:81:6e:4e:c6:
5a:bb:7a:61:b9:43:63:9f:06:31:ea:61:21:5e:e3:
15:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AF:43:98:1B:AC:7D:7B:91:AF:D6:0E:A6:27:43:E2:1A:F8:14:D0
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:4c:7e:82:dc:0b:d9:c0:47:e7:94:c9:b2:aa:91:96:41:1c:
bd:19:ef:aa:70:c6:c9:a1:21:85:7e:8a:a7:1d:6b:80:b6:e5:
c0:50:1c:6f:59:3b:57:32:3b:ed:76:a9:6f:01:b4:0a:55:75:
7c:66:79:aa:78:c7:a6:d9:2d:93:c9:83:59:35:01:49:28:22:
51:0c:07:3d:f9:f5:27:29:52:14:c0:8e:e7:f8:67:1f:77:ca:
f7:41:66:7b:b6:a3:d3:3e:31:fb:e9:6e:f1:96:a6:88:f4:8c:
a9:37:3a:6b:3c:4d:c0:96:03:7f:bb:92:54:51:8d:fb:23:01:
30:33:a7:fd:8c:ef:4a:f5:d9:f7:bf:ce:3f:40:67:95:82:72:
27:58:30:cf:a3:c2:2b:7b:42:ab:9c:1a:13:40:ab:4e:22:b8:
95:3b:31:41:72:ad:fd:1c:48:7d:45:67:5e:04:95:fe:a4:3b:
6c:62:7d:38:91:dc:7d:84:b9:2d:cc:90:5d:03:db:41:d5:06:
c8:5d:e4:1f:f0:41:22:b9:dc:3e:f4:73:6d:6b:8e:c2:92:40:
5e:d2:2f:14:64:1d:81:e1:7c:d0:98:6b:b6:1a:c8:7e:12:f2:
d0:90:d0:01:25:f0:1e:96:e8:e1:9b:a2:db:b3:79:97:63:13:
59:64:a9:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZalQSRrGD6WcZmZ0hpuG1yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjUwNTA2MTEwMDMxWhcNMjUwNTA3MTEwMDMxWjAzMTEwLwYDVQQD
EygyNWFmNDM5ODFiYWM3ZDdiOTFhZmQ2MGVhNjI3NDNlMjFhZjgxNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+0SEZnWVL7x8ymWb6i2K4ewHZA01
2RZYnxbfG9A62wyD1nwfYhdwPoHiIMjaqk8S4IFahgBuQArrcSz3c4QL/wMahhOz
EavYsyUOu4Lsug3oo/RBy4tbroJdOQQSHTTAj2D0aHm/Enh8sTDui1FXdNVxm4GV
9/6Jsy9MfC7WEdZiUsfQZ55FbVepuda8SJoi1dj+IsHQyDSpy6+Cdm2DktzuDANn
xmx+eknCGPcs6jhHYp8Xw8owB3BblTy6r7jsTr1xeUeMZpdtjtBiJLVn9Uq1n+gw
sig3q871jQvNj3eilJQFo+vpfhqmboFuTsZau3phuUNjnwYx6mEhXuMVHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWvQ5gbrH17ka/WDqYnQ+Ia+BTQMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQEx+gtwL
2cBH55TJsqqRlkEcvRnvqnDGyaEhhX6Kpx1rgLblwFAcb1k7VzI77XapbwG0ClV1
fGZ5qnjHptktk8mDWTUBSSgiUQwHPfn1JylSFMCO5/hnH3fK90Fme7aj0z4x++lu
8ZamiPSMqTc6azxNwJYDf7uSVFGN+yMBMDOn/YzvSvXZ97/OP0BnlYJyJ1gwz6PC
K3tCq5waE0CrTiK4lTsxQXKt/RxIfUVnXgSV/qQ7bGJ9OJHcfYS5LcyQXQPbQdUG
yF3kH/BBIrncPvRzbWuOwpJAXtIvFGQdgeF80JhrthrIfhLy0JDQASXwHpbo4Zui
27N5l2MTWWSpyQ==
-----END CERTIFICATE-----
Generated at Tue May 6 14:56:37 2025 by rpki-client