Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File: MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier: l4sbihrbNwagYQAnHR+7h0ABCXuqtpqDVl4E9TEFMMU=
Subject key identifier: 98:1D:4E:3A:D2:98:7D:E8:4D:AC:D8:0E:F5:7A:43:C5:36:73:07:60
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer: /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial: 0196BDEE918FB970C876E71E2450C733808A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number: 0580
Signing time: Sun 11 May 2025 06:00:50 +0000
Manifest this update: Sun 11 May 2025 06:00:50 +0000
Manifest next update: Mon 12 May 2025 06:00:50 +0000
Files and hashes: 1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: 6LKfQjGmbAqXK091Ux32VnKky1GquQnu9M2KMsY3+CA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:ee:91:8f:b9:70:c8:76:e7:1e:24:50:c7:33:80:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Validity
Not Before: May 11 06:00:50 2025 GMT
Not After : May 12 06:00:50 2025 GMT
Subject: CN=981d4e3ad2987de84dacd80ef57a43c536730760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:55:dd:f6:01:a2:2d:e7:85:7f:9c:bc:24:29:
df:dd:de:77:36:20:73:b6:d3:32:35:0e:45:e7:79:
12:54:b8:c7:1d:68:64:a7:5f:35:eb:77:1c:28:0d:
ad:75:23:32:2b:c5:f3:af:99:f7:33:92:04:c4:64:
da:ba:7d:7d:04:11:9b:75:e4:ca:3c:f5:38:55:22:
2f:54:ae:a1:03:93:30:12:f3:91:59:e6:c0:24:aa:
10:37:1c:64:a2:c4:49:67:7c:ef:10:7a:1a:5c:4f:
05:72:c3:44:cf:31:0c:6a:f9:4d:b6:b5:a0:ff:8d:
ed:dd:82:8f:cc:16:e2:60:22:ef:45:42:5b:43:91:
4a:3b:9d:6a:33:a9:c3:cd:48:2e:e9:e0:ec:76:3a:
46:bf:9d:bd:43:e4:ca:42:a7:be:7a:88:5c:d7:23:
22:46:be:89:45:90:39:04:5c:b5:5d:b9:3b:0b:b2:
d0:55:f2:f2:18:0a:9e:2c:98:5f:37:38:cd:d9:73:
57:4d:b6:b0:ce:11:19:49:3d:4a:94:c5:f8:10:e0:
9d:f4:08:fd:a8:cb:ce:3f:44:e6:3f:12:20:22:a4:
4b:71:37:da:ba:ee:66:04:01:0b:43:6b:34:62:46:
7c:14:10:c4:5b:1a:43:21:72:0d:9d:e5:31:8e:23:
e6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1D:4E:3A:D2:98:7D:E8:4D:AC:D8:0E:F5:7A:43:C5:36:73:07:60
X509v3 Authority Key Identifier:
keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:f8:9d:a0:52:5e:a8:b2:47:d1:01:76:fa:9b:7f:37:91:6c:
a6:89:c6:54:1c:68:af:83:91:94:9d:a0:97:e6:e3:06:07:c2:
c7:f8:9d:83:50:63:dd:8b:16:fc:43:d2:fb:dc:23:c1:85:29:
c5:55:96:8b:02:2f:89:cf:8f:6b:f3:e2:87:43:95:f6:d2:83:
4f:1c:f9:5b:81:cc:7a:37:37:5a:85:c3:aa:2e:51:4e:15:9a:
50:20:ea:d9:bc:f1:aa:38:28:36:a7:47:8d:a8:23:0f:b9:54:
37:75:5f:c0:51:d7:58:00:99:ad:f1:c9:d7:1e:ea:0b:6c:2d:
fe:e7:50:65:0d:d9:9e:6a:78:36:e1:af:99:f3:07:2e:87:44:
6d:93:45:72:22:ee:fc:17:0e:1c:bf:bb:0d:4b:4e:33:36:d8:
ed:65:b7:5b:31:6e:a3:26:8f:14:aa:c6:7c:1d:c8:c8:28:ac:
04:f7:73:c6:7c:6f:93:50:e4:21:66:98:1f:f4:50:a5:92:a5:
38:55:02:bd:7a:d1:35:35:13:31:73:55:80:9b:f5:44:3f:28:
bb:07:8d:ec:5f:89:91:bf:0e:4b:83:04:e1:e7:26:6a:af:d3:
08:5e:51:f7:41:ab:67:c3:57:f6:c4:c1:be:63:62:2b:25:e7:
ef:4b:b8:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97pGPuXDIduceJFDHM4CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjUwNTExMDYwMDUwWhcNMjUwNTEyMDYwMDUwWjAzMTEwLwYDVQQD
Eyg5ODFkNGUzYWQyOTg3ZGU4NGRhY2Q4MGVmNTdhNDNjNTM2NzMwNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklXd9gGiLeeFf5y8JCnf3d53NiBz
ttMyNQ5F53kSVLjHHWhkp18163ccKA2tdSMyK8Xzr5n3M5IExGTaun19BBGbdeTK
PPU4VSIvVK6hA5MwEvORWebAJKoQNxxkosRJZ3zvEHoaXE8FcsNEzzEMavlNtrWg
/43t3YKPzBbiYCLvRUJbQ5FKO51qM6nDzUgu6eDsdjpGv529Q+TKQqe+eohc1yMi
Rr6JRZA5BFy1Xbk7C7LQVfLyGAqeLJhfNzjN2XNXTbawzhEZST1KlMX4EOCd9Aj9
qMvOP0TmPxIgIqRLcTfauu5mBAELQ2s0YkZ8FBDEWxpDIXINneUxjiPm9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgdTjrSmH3oTazYDvV6Q8U2cwdgMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJPidoFJe
qLJH0QF2+pt/N5FsponGVBxor4ORlJ2gl+bjBgfCx/idg1Bj3YsW/EPS+9wjwYUp
xVWWiwIvic+Pa/Pih0OV9tKDTxz5W4HMejc3WoXDqi5RThWaUCDq2bzxqjgoNqdH
jagjD7lUN3VfwFHXWACZrfHJ1x7qC2wt/udQZQ3Znmp4NuGvmfMHLodEbZNFciLu
/BcOHL+7DUtOMzbY7WW3WzFuoyaPFKrGfB3IyCisBPdzxnxvk1DkIWaYH/RQpZKl
OFUCvXrRNTUTMXNVgJv1RD8ouweN7F+Jkb8OS4ME4ecmaq/TCF5R90GrZ8NX9sTB
vmNiKyXn70u4SQ==
-----END CERTIFICATE-----
Generated at Sun May 11 15:44:40 2025 by rpki-client