Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: u7R3K9sK8xHrgJ3o2UzXxkNKCwZhZWT3Pi6pdirrMIA=
Subject key identifier: 4A:94:9D:15:F9:7D:88:43:BD:A3:EA:AC:0D:AF:3D:B1:27:2D:AD:90
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 0196A0F6C3A22BE37F73D166E28CB92A01F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 1526
Signing time: Mon 05 May 2025 15:00:48 +0000
Manifest this update: Mon 05 May 2025 15:00:48 +0000
Manifest next update: Tue 06 May 2025 15:00:48 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: pL7VlKps2odwAf69Bz+Qp9VWdBHZVFVmPgTglyvwXeo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 15:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:f6:c3:a2:2b:e3:7f:73:d1:66:e2:8c:b9:2a:01:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: May 5 15:00:48 2025 GMT
Not After : May 6 15:00:48 2025 GMT
Subject: CN=4a949d15f97d8843bda3eaac0daf3db1272dad90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:23:f7:c7:7b:9f:fa:4f:a4:26:9d:1c:e4:c2:
fc:a4:cf:50:1c:47:32:7a:8d:74:9c:90:05:42:1c:
48:b4:e6:15:3b:5b:08:66:21:03:62:44:2a:30:bc:
e9:3b:2e:6f:1f:85:c1:c3:c0:f9:71:78:e8:5a:a3:
06:2b:31:be:26:4d:aa:bf:de:e7:33:0e:e6:cd:9a:
c7:e2:00:71:3b:63:cc:96:ec:04:da:a9:0f:b4:51:
1c:c9:df:06:f5:b0:93:1f:8d:f9:d3:8d:94:77:88:
fc:56:6d:36:31:43:90:f5:bb:fe:de:f5:ca:28:72:
01:17:6a:65:71:60:7a:b4:16:1c:9e:78:57:eb:6f:
a5:78:4a:0d:03:41:16:d4:6c:d6:77:fc:fe:12:ea:
ac:92:76:69:ba:71:15:2a:0b:e3:67:02:85:90:ea:
d6:5f:de:72:bf:d2:28:16:52:24:bc:84:57:4c:44:
1b:0c:6a:f8:1d:e9:23:0e:94:90:38:b4:c3:80:65:
ef:e6:40:cb:ef:52:cf:38:37:12:2d:9a:ce:b7:a2:
cc:28:ee:5d:9b:66:21:08:3a:51:b3:2a:67:f4:ab:
fa:da:19:52:49:d5:1d:cb:71:39:b3:ca:b6:1d:da:
31:e3:93:95:c5:83:0c:1c:0e:cb:b3:75:d2:de:9b:
fb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:94:9D:15:F9:7D:88:43:BD:A3:EA:AC:0D:AF:3D:B1:27:2D:AD:90
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:3a:f8:42:5f:65:44:f6:7a:eb:7c:47:de:92:ad:d4:6c:78:
f5:fb:f3:07:4d:fc:55:b5:68:54:cf:c0:33:97:72:58:a2:d1:
af:fa:7a:d7:99:a2:24:66:11:ee:25:a1:c8:2f:92:84:fd:21:
51:63:63:0f:f7:25:26:8b:14:25:db:e3:b4:6e:77:37:90:12:
c6:aa:57:08:01:a1:ed:85:c8:e2:80:de:de:81:67:61:fd:2a:
66:24:8d:77:b4:0f:26:dc:13:dc:f5:42:a7:b2:ec:29:60:e1:
e0:b1:ae:30:70:ed:fa:eb:06:c9:2f:3a:6c:8f:35:56:29:7f:
99:ea:7a:0c:1c:38:49:1a:da:3f:30:63:30:10:37:fd:a3:0a:
8f:8d:64:9a:3c:d7:81:f2:32:02:7f:3c:79:2d:44:f4:5b:3f:
5b:82:ca:76:af:27:67:fe:22:ff:b7:e2:58:fb:e5:1b:b0:ed:
d1:1b:8f:bd:2d:c2:c7:4b:2e:03:e8:4a:64:7f:b1:57:f9:b1:
d2:52:07:ac:f1:ff:ef:12:4c:9b:c6:96:85:7a:22:8f:d0:67:
67:5b:2c:11:23:f4:d3:a9:7c:3a:a5:4a:85:d0:c6:b7:e0:d2:
d5:bf:eb:f5:72:70:e8:38:b2:0e:27:6a:c8:7c:c0:bf:69:36:
69:97:cd:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZag9sOiK+N/c9Fm4oy5KgHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwNTA1MTUwMDQ4WhcNMjUwNTA2MTUwMDQ4WjAzMTEwLwYDVQQD
Eyg0YTk0OWQxNWY5N2Q4ODQzYmRhM2VhYWMwZGFmM2RiMTI3MmRhZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniP3x3uf+k+kJp0c5ML8pM9QHEcy
eo10nJAFQhxItOYVO1sIZiEDYkQqMLzpOy5vH4XBw8D5cXjoWqMGKzG+Jk2qv97n
Mw7mzZrH4gBxO2PMluwE2qkPtFEcyd8G9bCTH435042Ud4j8Vm02MUOQ9bv+3vXK
KHIBF2plcWB6tBYcnnhX62+leEoNA0EW1GzWd/z+EuqsknZpunEVKgvjZwKFkOrW
X95yv9IoFlIkvIRXTEQbDGr4HekjDpSQOLTDgGXv5kDL71LPODcSLZrOt6LMKO5d
m2YhCDpRsypn9Kv62hlSSdUdy3E5s8q2Hdox45OVxYMMHA7Ls3XS3pv7sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqUnRX5fYhDvaPqrA2vPbEnLa2QMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDr4Ql9l
RPZ663xH3pKt1Gx49fvzB038VbVoVM/AM5dyWKLRr/p615miJGYR7iWhyC+ShP0h
UWNjD/clJosUJdvjtG53N5ASxqpXCAGh7YXI4oDe3oFnYf0qZiSNd7QPJtwT3PVC
p7LsKWDh4LGuMHDt+usGyS86bI81Vil/mep6DBw4SRraPzBjMBA3/aMKj41kmjzX
gfIyAn88eS1E9Fs/W4LKdq8nZ/4i/7fiWPvlG7Dt0RuPvS3Cx0suA+hKZH+xV/mx
0lIHrPH/7xJMm8aWhXoij9BnZ1ssESP006l8OqVKhdDGt+DS1b/r9XJw6DiyDidq
yHzAv2k2aZfNlg==
-----END CERTIFICATE-----
Generated at Mon May 5 21:45:43 2025 by rpki-client