Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: w17VkVo978/rZ3y2q+HkLHlDLJiUu0u8SdHmd0mfoSA=
Subject key identifier: 27:B1:13:17:68:81:F2:B3:85:24:C7:16:A9:F6:29:59:B5:30:CA:80
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 0196AA9ED7B10EADDB7B4E2AF3D9DC099402
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 152C
Signing time: Wed 07 May 2025 12:00:58 +0000
Manifest this update: Wed 07 May 2025 12:00:58 +0000
Manifest next update: Thu 08 May 2025 12:00:58 +0000
Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=)
2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: titpFtBRRsbhvPwZ3s8kEegW5T2dNnlJn6l348/N7bs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 12:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:9e:d7:b1:0e:ad:db:7b:4e:2a:f3:d9:dc:09:94:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: May 7 12:00:58 2025 GMT
Not After : May 8 12:00:58 2025 GMT
Subject: CN=27b113176881f2b38524c716a9f62959b530ca80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:df:16:86:ca:54:2e:28:4d:38:5f:42:3d:03:
05:13:ad:6f:c8:c0:62:e4:3c:8f:e1:ad:bb:76:b8:
9b:44:0c:f3:fc:68:88:de:b8:fe:4b:df:9a:cc:08:
8e:13:58:74:58:d9:06:7b:f6:73:75:cd:4c:2b:69:
03:85:30:cb:8a:80:92:5f:09:7c:68:5f:82:95:29:
f7:ff:52:98:5c:f1:04:9b:3c:c4:5b:e7:6f:93:51:
d3:04:2a:60:89:05:b0:d8:85:2b:6c:3e:bf:7b:c3:
9e:f0:ae:0e:7a:2a:17:99:64:15:c2:32:3b:40:c6:
bd:33:fd:d7:4e:dd:a0:07:5a:15:a6:a8:a1:ee:48:
7a:f1:a5:b7:1d:c5:78:20:48:52:6d:d7:ac:d1:ec:
68:8a:95:37:01:4b:1e:a6:3d:65:88:fe:8e:f5:ed:
53:7a:52:9b:d0:db:47:eb:84:71:e0:b4:b0:e4:6f:
32:29:68:21:d7:79:bc:80:de:9c:da:de:65:ff:72:
13:c6:96:89:27:08:8d:01:cb:a1:1d:5c:e1:be:f7:
5b:bc:31:e6:6b:77:15:e6:96:57:94:c5:db:e5:5e:
81:28:53:db:c7:c4:d9:c4:65:c3:2f:f7:1a:69:3f:
ab:73:a4:e0:d2:4a:da:2c:27:1a:ed:46:5d:95:af:
2e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B1:13:17:68:81:F2:B3:85:24:C7:16:A9:F6:29:59:B5:30:CA:80
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:1c:12:ae:68:28:47:5d:0c:1a:ff:ae:34:a8:20:3a:cd:fb:
e0:87:ba:dc:fe:29:34:e9:2e:31:2c:97:99:88:a4:4f:7d:65:
c0:7f:5d:87:c4:4f:2b:f3:3a:85:fa:66:42:dd:77:f0:17:d5:
a7:0c:d7:07:37:98:25:d4:50:b9:78:29:3c:ea:7f:dd:e4:ae:
c5:8d:48:21:c6:bf:92:68:12:4a:a6:53:0b:d5:2e:ab:12:3d:
2f:ea:ef:9d:6a:64:9d:22:55:74:af:f5:0c:88:8f:78:e4:61:
22:36:04:92:f3:f7:0e:4d:3f:4d:8a:49:e8:d4:3b:77:36:d9:
83:3b:98:fc:c6:96:50:8d:f3:6b:61:df:9a:1a:69:60:b7:58:
38:06:9c:01:81:1c:97:59:b7:12:35:01:58:e7:18:82:25:bc:
cc:7a:a2:a0:c0:68:46:4a:e4:88:33:bb:32:f0:58:d8:6d:96:
25:92:c5:87:c9:46:d1:7d:21:30:a6:c4:7d:70:2a:5d:fa:e4:
8b:41:3a:bf:5c:5d:b9:31:8d:a2:5e:24:96:a9:b7:f2:98:b4:
20:02:69:b0:d4:d0:e9:10:9f:a0:ca:ab:b6:44:2e:ea:1e:e6:
59:f8:3f:e5:40:0f:83:c0:a1:fc:70:69:74:51:a8:b9:62:e8:
5b:cf:c7:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqntexDq3be04q89ncCZQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUwNTA3MTIwMDU4WhcNMjUwNTA4MTIwMDU4WjAzMTEwLwYDVQQD
EygyN2IxMTMxNzY4ODFmMmIzODUyNGM3MTZhOWY2Mjk1OWI1MzBjYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt8WhspULihNOF9CPQMFE61vyMBi
5DyP4a27dribRAzz/GiI3rj+S9+azAiOE1h0WNkGe/Zzdc1MK2kDhTDLioCSXwl8
aF+ClSn3/1KYXPEEmzzEW+dvk1HTBCpgiQWw2IUrbD6/e8Oe8K4OeioXmWQVwjI7
QMa9M/3XTt2gB1oVpqih7kh68aW3HcV4IEhSbdes0exoipU3AUsepj1liP6O9e1T
elKb0NtH64Rx4LSw5G8yKWgh13m8gN6c2t5l/3ITxpaJJwiNAcuhHVzhvvdbvDHm
a3cV5pZXlMXb5V6BKFPbx8TZxGXDL/caaT+rc6Tg0kraLCca7UZdla8u7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCexExdogfKzhSTHFqn2KVm1MMqAMB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADBwSrmgo
R10MGv+uNKggOs374Ie63P4pNOkuMSyXmYikT31lwH9dh8RPK/M6hfpmQt138BfV
pwzXBzeYJdRQuXgpPOp/3eSuxY1IIca/kmgSSqZTC9UuqxI9L+rvnWpknSJVdK/1
DIiPeORhIjYEkvP3Dk0/TYpJ6NQ7dzbZgzuY/MaWUI3za2HfmhppYLdYOAacAYEc
l1m3EjUBWOcYgiW8zHqioMBoRkrkiDO7MvBY2G2WJZLFh8lG0X0hMKbEfXAqXfrk
i0E6v1xduTGNol4klqm38pi0IAJpsNTQ6RCfoMqrtkQu6h7mWfg/5UAPg8Ch/HBp
dFGouWLoW8/HxQ==
-----END CERTIFICATE-----
Generated at Wed May 7 18:13:07 2025 by rpki-client