Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: E7aHOYc0oJRDwCtZFZWQ3tRMv30bpDnc5kkGdA2s0Fk=
Subject key identifier: DA:AF:9A:6C:C8:7F:E3:F9:20:1E:DF:B8:E8:62:C1:54:48:A9:0F:1A
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 0196BBFFBFD527ACFE7B9A9B56A5461827BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 1532
Signing time: Sat 10 May 2025 21:00:22 +0000
Manifest this update: Sat 10 May 2025 21:00:22 +0000
Manifest next update: Sun 11 May 2025 21:00:22 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: AloTLUa90Kzjpv2SYc/XRBPQvq3WXDJyJC141ZGx2G4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 21:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bb:ff:bf:d5:27:ac:fe:7b:9a:9b:56:a5:46:18:27:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: May 10 21:00:22 2025 GMT
Not After : May 11 21:00:22 2025 GMT
Subject: CN=daaf9a6cc87fe3f9201edfb8e862c15448a90f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:bf:b2:7d:75:68:e2:2e:a9:e9:b3:29:93:
f8:60:b7:12:b1:55:a7:84:a8:65:70:b8:7e:6f:74:
55:98:4a:5b:e0:94:50:e2:22:bd:7c:04:e1:d5:e8:
9b:1b:10:5a:5f:ea:65:e1:95:15:ee:be:ae:40:27:
8b:60:38:c8:37:17:ff:12:c4:c6:74:e3:92:0c:74:
72:b7:2e:d2:01:7d:7d:78:0f:e3:f8:91:9c:80:27:
1e:a8:6f:17:0e:a8:67:77:1f:0a:3c:78:16:82:cc:
0f:de:60:05:62:4a:b1:83:a4:d6:7d:a2:f0:c4:99:
2d:aa:f4:fd:4a:19:3f:0f:f3:bd:3b:99:dc:39:51:
32:86:2f:ff:21:40:65:88:a6:88:a0:e2:72:74:43:
e8:22:d1:6e:63:76:81:46:67:3d:ea:e4:81:66:bd:
8d:bf:43:94:3e:7d:15:96:c5:eb:1d:34:08:22:e3:
25:8e:ae:b2:2f:c6:2f:3d:85:b5:cf:73:72:e2:7c:
be:04:11:9c:66:30:f9:fd:3a:5f:88:50:34:c2:d5:
fe:5d:49:79:68:68:60:64:1c:a8:3b:af:33:54:b2:
81:67:1d:5c:9c:79:07:ba:b2:7e:55:17:bf:75:d6:
c1:70:12:69:63:44:b1:4d:ab:06:54:9d:0c:9d:71:
06:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:9A:6C:C8:7F:E3:F9:20:1E:DF:B8:E8:62:C1:54:48:A9:0F:1A
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:a4:e5:5f:42:2b:4f:7a:c4:f7:c2:37:8f:5d:3c:73:b5:76:
c7:93:4e:a7:17:63:ae:83:91:25:d2:58:2a:d6:af:18:21:6c:
fe:01:1e:73:2e:fb:47:77:e9:2d:6a:42:19:f4:63:89:79:d8:
2e:79:8d:0a:fc:01:0d:6f:7e:62:69:18:b8:41:43:41:a8:98:
36:a0:dc:90:d9:5f:e9:e2:1a:a7:13:0a:e5:b9:df:20:0f:43:
76:12:51:23:47:7e:1c:6b:8b:a5:d4:34:9f:62:9f:ca:d9:45:
bf:9b:74:b5:9b:4e:1e:80:7d:f8:e8:39:ef:96:b1:f0:8f:c1:
24:e5:0b:b4:25:38:1d:3d:ff:7f:34:30:46:38:aa:58:1c:66:
45:08:95:a8:18:51:5f:5f:77:d8:f1:c9:d7:11:33:a6:b2:c9:
a8:7b:39:d4:36:56:c5:e5:da:ae:89:25:ef:c6:9b:44:68:c3:
45:26:b5:13:b4:95:55:29:e2:17:2a:c6:b9:9f:8f:d8:99:66:
80:2e:48:ce:81:5a:3b:2e:f1:67:bb:9c:8a:ec:5d:e5:27:eb:
96:59:a9:a0:91:48:2e:1d:18:89:b3:17:07:c1:fa:f0:49:3c:
3b:c2:ad:5a:6d:6b:b7:f2:0a:1f:8f:65:75:97:8d:a3:8f:12:
df:99:c0:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7/7/VJ6z+e5qbVqVGGCe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUwNTEwMjEwMDIyWhcNMjUwNTExMjEwMDIyWjAzMTEwLwYDVQQD
EyhkYWFmOWE2Y2M4N2ZlM2Y5MjAxZWRmYjhlODYyYzE1NDQ4YTkwZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfC/sn11aOIuqemzKZP4YLcSsVWn
hKhlcLh+b3RVmEpb4JRQ4iK9fATh1eibGxBaX+pl4ZUV7r6uQCeLYDjINxf/EsTG
dOOSDHRyty7SAX19eA/j+JGcgCceqG8XDqhndx8KPHgWgswP3mAFYkqxg6TWfaLw
xJktqvT9Shk/D/O9O5ncOVEyhi//IUBliKaIoOJydEPoItFuY3aBRmc96uSBZr2N
v0OUPn0VlsXrHTQIIuMljq6yL8YvPYW1z3Ny4ny+BBGcZjD5/TpfiFA0wtX+XUl5
aGhgZByoO68zVLKBZx1cnHkHurJ+VRe/ddbBcBJpY0SxTasGVJ0MnXEGXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqvmmzIf+P5IB7fuOhiwVRIqQ8aMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZaTlX0Ir
T3rE98I3j108c7V2x5NOpxdjroORJdJYKtavGCFs/gEecy77R3fpLWpCGfRjiXnY
LnmNCvwBDW9+YmkYuEFDQaiYNqDckNlf6eIapxMK5bnfIA9DdhJRI0d+HGuLpdQ0
n2KfytlFv5t0tZtOHoB9+Og575ax8I/BJOULtCU4HT3/fzQwRjiqWBxmRQiVqBhR
X1932PHJ1xEzprLJqHs51DZWxeXarokl78abRGjDRSa1E7SVVSniFyrGuZ+P2Jlm
gC5IzoFaOy7xZ7uciuxd5SfrllmpoJFILh0YibMXB8H68Ek8O8KtWm1rt/IKH49l
dZeNo48S35nAzg==
-----END CERTIFICATE-----
Generated at Sun May 11 02:43:22 2025 by rpki-client