Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
File: aM73Itq-WXXKT5uoYWOI7GxlaiA.mft (raw, json)
Hash identifier: qjuxYWm6eAePTksrtiSJo1RwqKj+euUqyW6pqWP8eAw=
Subject key identifier: 1A:19:04:43:D8:27:BC:BA:95:C8:A5:79:3C:8B:1B:67:9C:2D:B3:49
Authority key identifier: 68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
Certificate issuer: /CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Certificate serial: 0196C2DD63A14F8C8164DBD9E86D5F4A6CBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
Manifest number: 0A20
Signing time: Mon 12 May 2025 05:00:10 +0000
Manifest this update: Mon 12 May 2025 05:00:10 +0000
Manifest next update: Tue 13 May 2025 05:00:10 +0000
Files and hashes: 1: F66nmw_9gnfRz1vGxzlxmQMgQys.roa (hash: V2QUSY1nIUt0LG1yVgyvdzAwGo/lvS6oHhY3urqyJbE=)
2: IdMP5mSXjXy5RCG7h8iUYBC-7wU.roa (hash: Ak+0cLrZuuXp8cAQmKH4z3k18zZ0o3zgplicC1IedBk=)
3: aM73Itq-WXXKT5uoYWOI7GxlaiA.crl (hash: wYefwAwydLhSiSxzdy36FJsgRBXnwUgKzMqk2GKAS6Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c2:dd:63:a1:4f:8c:81:64:db:d9:e8:6d:5f:4a:6c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cef722dabe5975ca4f9ba8616388ec6c656a20
Validity
Not Before: May 12 05:00:10 2025 GMT
Not After : May 13 05:00:10 2025 GMT
Subject: CN=1a190443d827bcba95c8a5793c8b1b679c2db349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:42:c1:80:28:e1:72:ec:27:87:ac:5e:21:73:
23:1c:33:ab:98:1e:21:df:34:4f:ce:39:ae:e4:57:
8a:3b:eb:0e:87:b6:73:c2:bd:32:21:af:54:e8:7d:
1f:e2:7c:24:a7:d4:e1:c9:87:2c:97:f8:a7:c3:0d:
7f:5f:67:f8:f6:02:ba:44:59:48:97:cd:44:6b:58:
0b:72:44:fb:ff:60:2c:66:b5:6e:3a:58:a6:76:cf:
48:be:46:2b:a6:72:51:0d:ac:d5:16:ba:51:55:b5:
26:bc:f1:39:5a:03:02:61:9b:f2:41:14:18:85:ff:
4d:31:7b:8a:38:7a:0f:83:2b:dc:93:fc:62:81:1d:
51:04:8c:64:d3:44:98:2b:f7:6c:99:0f:85:4a:01:
c5:4e:99:97:72:1e:e5:ca:3a:30:40:92:04:ff:81:
02:ed:0c:cc:13:75:73:5e:48:34:bc:58:91:79:97:
ea:00:fe:95:2f:d5:ee:bc:01:fd:c8:63:90:90:65:
d2:d3:52:01:3c:55:68:20:96:f4:b8:c3:66:c5:14:
62:92:fe:1c:23:23:a5:96:67:7c:6b:c4:70:c8:b4:
81:9d:31:3d:a1:69:3a:ad:5b:37:3e:c0:1d:a8:6b:
3c:7a:fa:57:46:dc:8c:b0:4c:30:fd:3e:ae:26:55:
f9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:19:04:43:D8:27:BC:BA:95:C8:A5:79:3C:8B:1B:67:9C:2D:B3:49
X509v3 Authority Key Identifier:
keyid:68:CE:F7:22:DA:BE:59:75:CA:4F:9B:A8:61:63:88:EC:6C:65:6A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM73Itq-WXXKT5uoYWOI7GxlaiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/790c15-2058-4c39-90cb-cd677ab431aa/1/aM73Itq-WXXKT5uoYWOI7GxlaiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:8f:5b:20:00:3e:c4:6c:a7:62:16:aa:d4:ed:ad:8a:c4:ab:
2b:7f:19:d5:c8:e1:02:e8:cc:1f:8d:e3:e8:e0:cc:f4:c6:98:
65:4b:66:0c:83:5c:14:34:ce:53:ab:7e:d0:41:f3:30:a8:3a:
12:c8:cc:a7:31:af:58:97:a2:15:60:98:f0:58:a8:ac:0c:6e:
25:68:01:c1:94:61:66:d3:7b:b8:37:3f:5a:ca:ac:a2:01:e1:
88:08:fe:e0:94:1d:37:ff:7f:80:03:a9:e4:5e:7c:3f:a6:02:
d7:e6:a7:37:ca:31:51:b7:34:dd:e5:e7:c4:39:23:f7:da:19:
5f:75:91:b4:af:06:4a:4c:84:18:b8:4c:29:c7:c3:e8:ba:8a:
54:e3:85:5b:3f:cc:02:6c:25:81:32:0e:36:12:f0:03:88:31:
db:0d:ec:e0:a6:1a:17:06:71:52:7d:a2:d7:59:86:f6:e6:d3:
65:40:c7:2f:14:fd:32:46:21:76:d8:5e:85:ef:61:df:69:35:
c7:b9:7f:43:2d:39:cb:2f:fc:67:ce:1f:09:87:0f:46:1d:81:
cf:6c:55:30:9b:74:c9:ab:a3:1f:67:ec:ff:87:1f:61:cb:1a:
ba:38:03:85:dd:a8:20:33:00:41:47:46:07:55:22:3e:f2:56:
a4:46:85:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbC3WOhT4yBZNvZ6G1fSmy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2VmNzIyZGFiZTU5NzVjYTRmOWJhODYxNjM4OGVjNmM2
NTZhMjAwHhcNMjUwNTEyMDUwMDEwWhcNMjUwNTEzMDUwMDEwWjAzMTEwLwYDVQQD
EygxYTE5MDQ0M2Q4MjdiY2JhOTVjOGE1NzkzYzhiMWI2NzljMmRiMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0LBgCjhcuwnh6xeIXMjHDOrmB4h
3zRPzjmu5FeKO+sOh7Zzwr0yIa9U6H0f4nwkp9ThyYcsl/inww1/X2f49gK6RFlI
l81Ea1gLckT7/2AsZrVuOlimds9IvkYrpnJRDazVFrpRVbUmvPE5WgMCYZvyQRQY
hf9NMXuKOHoPgyvck/xigR1RBIxk00SYK/dsmQ+FSgHFTpmXch7lyjowQJIE/4EC
7QzME3VzXkg0vFiReZfqAP6VL9XuvAH9yGOQkGXS01IBPFVoIJb0uMNmxRRikv4c
IyOllmd8a8RwyLSBnTE9oWk6rVs3PsAdqGs8evpXRtyMsEww/T6uJlX54wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoZBEPYJ7y6lcileTyLG2ecLbNJMB8GA1UdIwQY
MBaAFGjO9yLavll1yk+bqGFjiOxsZWogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2It
Y2Q2NzdhYjQzMWFhLzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83OTBjMTUtMjA1OC00YzM5LTkwY2ItY2Q2NzdhYjQzMWFh
LzEvYU03M0l0cS1XWFhLVDV1b1lXT0k3R3hsYWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABI9bIAA+
xGynYhaq1O2tisSrK38Z1cjhAujMH43j6ODM9MaYZUtmDINcFDTOU6t+0EHzMKg6
EsjMpzGvWJeiFWCY8FiorAxuJWgBwZRhZtN7uDc/WsqsogHhiAj+4JQdN/9/gAOp
5F58P6YC1+anN8oxUbc03eXnxDkj99oZX3WRtK8GSkyEGLhMKcfD6LqKVOOFWz/M
AmwlgTIONhLwA4gx2w3s4KYaFwZxUn2i11mG9ubTZUDHLxT9MkYhdthehe9h32k1
x7l/Qy05yy/8Z84fCYcPRh2Bz2xVMJt0yaujH2fs/4cfYcsaujgDhd2oIDMAQUdG
B1UiPvJWpEaFhw==
-----END CERTIFICATE-----
Generated at Mon May 12 15:40:20 2025 by rpki-client