Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: bYOxK+8ONvObTL0VFuqnR0ijOKmRcqQORS9L4wtifAc=
Subject key identifier: 23:19:01:DD:0A:9B:4F:4B:B7:03:69:10:E6:F8:6A:12:BA:D0:CF:93
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 0196C270217DFA262E590F7CFFEBE3837937
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1537
Signing time: Mon 12 May 2025 03:00:50 +0000
Manifest this update: Mon 12 May 2025 03:00:50 +0000
Manifest next update: Tue 13 May 2025 03:00:50 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: NAjqFVaXA0ZCzR2AhN9dGVR7eSbIVAAjyjND+9plqmk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c2:70:21:7d:fa:26:2e:59:0f:7c:ff:eb:e3:83:79:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: May 12 03:00:50 2025 GMT
Not After : May 13 03:00:50 2025 GMT
Subject: CN=231901dd0a9b4f4bb7036910e6f86a12bad0cf93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a7:8b:e0:c1:f0:e4:b3:47:c3:f4:fe:db:26:
8a:79:2f:97:86:11:3e:62:0b:fa:0d:4a:23:9e:4e:
d1:b1:d8:48:1e:c9:03:02:21:11:00:d1:ce:05:a3:
61:72:e6:9e:e0:18:b2:36:4f:c8:7b:38:07:27:58:
95:bb:17:a9:ac:b5:cf:b6:67:57:7e:18:4a:1b:c0:
f2:80:f2:70:36:df:6f:62:5c:06:b4:1d:1a:05:d1:
95:d5:34:de:76:08:62:0d:25:ed:02:94:17:7c:50:
dc:a5:95:3e:24:c9:46:9f:ca:60:5a:c4:6d:37:10:
c2:74:cc:6a:01:97:98:32:30:23:87:28:c8:a3:0c:
9d:d3:b7:0b:59:87:a2:36:bd:88:d8:5d:4e:6d:99:
0c:3e:a5:b6:a9:1a:83:26:29:cb:e4:10:da:34:65:
a9:1b:b5:cc:23:f2:af:43:e2:05:56:69:ad:8a:74:
e3:b3:c6:45:e2:8d:2b:8c:2d:51:33:06:ed:04:0f:
39:d5:18:48:92:63:c7:2a:e4:8e:e3:59:7e:a5:8b:
9d:31:d3:3e:41:94:f9:2b:1e:4f:26:fd:c6:9d:f1:
eb:7f:ce:39:7b:04:4b:7d:67:21:94:57:12:13:c0:
d2:56:82:fc:76:41:60:63:7f:8c:b4:e7:a9:56:fe:
a3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:19:01:DD:0A:9B:4F:4B:B7:03:69:10:E6:F8:6A:12:BA:D0:CF:93
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:92:dc:2c:51:70:fb:d1:fc:56:09:33:6e:40:9a:1f:c2:b6:
a2:9e:0c:cc:ef:87:b7:f6:1e:9c:bb:6c:89:0d:8e:81:68:60:
98:e8:df:6c:3e:a3:99:b2:a1:40:e0:ba:3f:79:46:1e:d3:18:
68:ff:84:4a:46:b6:eb:82:30:aa:e1:d6:d5:b4:21:39:9b:ec:
d6:52:71:f8:ce:94:96:e4:17:30:53:d5:98:02:35:55:70:fd:
97:83:17:c4:83:81:6c:ee:31:aa:92:80:ae:e9:97:ac:8a:f1:
3b:0a:55:24:e4:3f:20:75:e3:2b:90:71:1f:91:b9:98:75:86:
ff:a4:86:d4:e0:eb:a3:75:8e:f1:dd:15:34:52:f5:e7:df:d2:
f2:82:47:58:17:f3:9e:95:f4:b1:76:74:c1:aa:9f:d2:a9:e8:
76:9c:ba:a1:3c:c1:04:f7:67:e2:d6:a0:0c:51:a6:10:e1:84:
9d:8d:ef:d9:fd:a1:14:e6:d8:cf:43:a1:f5:32:71:28:aa:f7:
fd:a6:20:1b:36:5c:f2:52:3a:2c:35:02:e1:c2:d8:bc:e1:76:
26:50:33:0c:ce:0d:80:3f:0c:dd:ad:c6:ef:b9:2e:b7:af:b6:
9e:d5:9d:b5:a6:34:e5:72:c4:46:e8:80:15:cf:47:de:7f:00:
8f:92:e3:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCcCF9+iYuWQ98/+vjg3k3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwNTEyMDMwMDUwWhcNMjUwNTEzMDMwMDUwWjAzMTEwLwYDVQQD
EygyMzE5MDFkZDBhOWI0ZjRiYjcwMzY5MTBlNmY4NmExMmJhZDBjZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qeL4MHw5LNHw/T+2yaKeS+XhhE+
Ygv6DUojnk7RsdhIHskDAiERANHOBaNhcuae4BiyNk/IezgHJ1iVuxeprLXPtmdX
fhhKG8DygPJwNt9vYlwGtB0aBdGV1TTedghiDSXtApQXfFDcpZU+JMlGn8pgWsRt
NxDCdMxqAZeYMjAjhyjIowyd07cLWYeiNr2I2F1ObZkMPqW2qRqDJinL5BDaNGWp
G7XMI/KvQ+IFVmmtinTjs8ZF4o0rjC1RMwbtBA851RhIkmPHKuSO41l+pYudMdM+
QZT5Kx5PJv3GnfHrf845ewRLfWchlFcSE8DSVoL8dkFgY3+MtOepVv6jzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMZAd0Km09LtwNpEOb4ahK60M+TMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJLcLFFw
+9H8VgkzbkCaH8K2op4MzO+Ht/YenLtsiQ2OgWhgmOjfbD6jmbKhQOC6P3lGHtMY
aP+ESka264IwquHW1bQhOZvs1lJx+M6UluQXMFPVmAI1VXD9l4MXxIOBbO4xqpKA
rumXrIrxOwpVJOQ/IHXjK5BxH5G5mHWG/6SG1ODro3WO8d0VNFL159/S8oJHWBfz
npX0sXZ0waqf0qnodpy6oTzBBPdn4tagDFGmEOGEnY3v2f2hFObYz0Oh9TJxKKr3
/aYgGzZc8lI6LDUC4cLYvOF2JlAzDM4NgD8M3a3G77kut6+2ntWdtaY05XLERuiA
Fc9H3n8Aj5Lj5Q==
-----END CERTIFICATE-----
Generated at Mon May 12 11:17:17 2025 by rpki-client