Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json)
Hash identifier: 8nVohnMttU23WWl1fWG2cUynVVtV9Iiia7GKOsgaK68=
Subject key identifier: 98:25:89:3B:64:71:5E:AC:4C:4F:03:2A:22:91:1D:F4:7B:3F:34:42
Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Certificate serial: 0196C53A6588D5A25F074ED114E569EFE333
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
Manifest number: 0574
Signing time: Mon 12 May 2025 16:01:00 +0000
Manifest this update: Mon 12 May 2025 16:01:00 +0000
Manifest next update: Tue 13 May 2025 16:01:00 +0000
Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: jQX/mkrx0PtPZ4iZ1mwGwzg9cC64UAl+uvnarx29/uU=)
2: v5LwLHwuCUZrT_0G6r3v0bfLSQs.roa (hash: +ztaiH2S/aHDtgvKfj/YkXPsW58SyJ9uS27Ej7psyFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:3a:65:88:d5:a2:5f:07:4e:d1:14:e5:69:ef:e3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Validity
Not Before: May 12 16:01:00 2025 GMT
Not After : May 13 16:01:00 2025 GMT
Subject: CN=9825893b64715eac4c4f032a22911df47b3f3442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:67:ba:7f:67:7f:ea:cd:33:16:80:9c:a8:ed:
37:48:df:e0:d6:73:14:6d:b3:f0:3c:7f:7f:f1:3e:
68:99:39:26:b3:91:74:6f:1e:0c:12:0a:e3:2f:7c:
2f:71:08:d7:89:90:df:4a:96:a2:f8:7a:0b:30:f6:
94:1d:d5:60:44:b4:67:b1:c3:06:a5:92:77:56:20:
68:47:88:64:8f:11:8d:2c:ac:e5:3d:ae:70:54:ee:
3b:0d:5c:20:6a:32:77:8d:6a:66:b3:77:97:1b:6a:
f4:67:d0:2b:da:60:51:86:b5:f3:a5:0a:c6:aa:68:
16:bd:34:27:6a:67:46:27:9f:a6:6f:59:c7:73:41:
15:2e:d7:d7:b4:b4:f5:6d:2b:d0:5f:7e:c1:d0:39:
24:13:77:59:a1:12:c2:d3:d1:3b:b4:2c:37:ad:d0:
50:0c:f8:5f:c5:15:c0:93:63:56:be:d3:4a:ca:27:
a0:a2:14:8a:ec:84:9d:f3:2b:d0:5f:ec:b4:8e:a0:
97:53:7b:c3:90:d7:66:a2:90:24:9b:fe:37:7f:9e:
95:71:19:91:4f:8b:6b:17:e8:19:34:e5:9f:30:e5:
ec:a0:bc:86:43:80:e7:c0:d8:59:8c:91:c2:b5:76:
6a:24:c2:7c:8c:de:5d:ef:77:98:7d:e4:4e:d6:25:
ae:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:25:89:3B:64:71:5E:AC:4C:4F:03:2A:22:91:1D:F4:7B:3F:34:42
X509v3 Authority Key Identifier:
keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:14:10:b7:21:70:05:a2:76:36:d2:d2:3a:72:58:da:16:ff:
3e:d2:49:00:54:cb:16:0f:b6:ce:4e:c3:94:ce:61:f6:f1:7c:
d8:20:a6:63:6c:c0:91:50:39:21:03:cd:1e:85:a3:a6:2c:61:
b6:80:ea:35:27:f3:0e:c6:3b:7a:bd:90:49:dc:a4:f7:fd:94:
86:18:24:ed:09:2e:e7:5f:2b:36:68:d0:32:29:f6:5f:86:6a:
90:83:15:a3:22:62:b9:eb:04:94:56:6d:29:89:43:b5:31:b9:
04:ec:cc:6c:f1:ba:56:29:4b:50:51:54:86:85:ed:59:bc:1d:
b3:67:35:42:50:0b:51:1a:14:1a:c6:fc:79:13:3d:e9:f1:ce:
0d:51:c7:29:e3:76:4d:df:ff:d6:86:8c:54:3b:a8:19:18:a9:
c8:97:84:90:76:52:15:25:57:58:80:4b:13:47:18:87:eb:ba:
4d:ba:55:47:b9:9e:8f:3e:15:36:ba:20:cc:a1:07:22:29:c8:
61:44:c0:3e:12:d3:44:85:e0:e8:bf:2f:47:89:e8:c8:17:5d:
05:de:44:8b:65:c8:f4:b9:7f:f4:e8:cf:14:1a:1b:77:28:88:
bc:37:f8:ca:33:40:b8:71:28:af:cf:ad:c6:23:34:23:c6:80:
c8:50:e3:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOmWI1aJfB07RFOVp7+MzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4
YTc5MzgwHhcNMjUwNTEyMTYwMTAwWhcNMjUwNTEzMTYwMTAwWjAzMTEwLwYDVQQD
Eyg5ODI1ODkzYjY0NzE1ZWFjNGM0ZjAzMmEyMjkxMWRmNDdiM2YzNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ge6f2d/6s0zFoCcqO03SN/g1nMU
bbPwPH9/8T5omTkms5F0bx4MEgrjL3wvcQjXiZDfSpai+HoLMPaUHdVgRLRnscMG
pZJ3ViBoR4hkjxGNLKzlPa5wVO47DVwgajJ3jWpms3eXG2r0Z9Ar2mBRhrXzpQrG
qmgWvTQnamdGJ5+mb1nHc0EVLtfXtLT1bSvQX37B0DkkE3dZoRLC09E7tCw3rdBQ
DPhfxRXAk2NWvtNKyiegohSK7ISd8yvQX+y0jqCXU3vDkNdmopAkm/43f56VcRmR
T4trF+gZNOWfMOXsoLyGQ4DnwNhZjJHCtXZqJMJ8jN5d73eYfeRO1iWufQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgliTtkcV6sTE8DKiKRHfR7PzRCMB8GA1UdIwQY
MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt
ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi
LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATxQQtyFw
BaJ2NtLSOnJY2hb/PtJJAFTLFg+2zk7DlM5h9vF82CCmY2zAkVA5IQPNHoWjpixh
toDqNSfzDsY7er2QSdyk9/2Uhhgk7Qku518rNmjQMin2X4ZqkIMVoyJiuesElFZt
KYlDtTG5BOzMbPG6VilLUFFUhoXtWbwds2c1QlALURoUGsb8eRM96fHODVHHKeN2
Td//1oaMVDuoGRipyJeEkHZSFSVXWIBLE0cYh+u6TbpVR7mejz4VNrogzKEHIinI
YUTAPhLTRIXg6L8vR4noyBddBd5Ei2XI9Ll/9OjPFBobdyiIvDf4yjNAuHEor8+t
xiM0I8aAyFDjpw==
-----END CERTIFICATE-----
Generated at Mon May 12 20:37:50 2025 by rpki-client