Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
File: nTHCM8vSZtsCYgud65DQjkFpLmc.mft (raw, json)
Hash identifier: Fo5nrPimONVrrKZuw7A9wtoAZGxjSikWqJEQJNqWJmE=
Subject key identifier: FB:CE:CD:97:34:F6:15:F2:E2:49:0B:EC:54:93:87:20:16:BA:39:C8
Authority key identifier: 9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
Certificate issuer: /CN=9d31c233cbd266db02620b9deb90d08e41692e67
Certificate serial: 0196C1266FFABA325F0ED751679B0D18BE2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
Manifest number: 0C16
Signing time: Sun 11 May 2025 21:00:43 +0000
Manifest this update: Sun 11 May 2025 21:00:43 +0000
Manifest next update: Mon 12 May 2025 21:00:43 +0000
Files and hashes: 1: _rMAcV1Zh6HxKo_vwEpVhjFVwy8.roa (hash: r1imevw1h8qWVS0OoTwBJnDWSm49xN9+9T+LLaWUqWk=)
2: nTHCM8vSZtsCYgud65DQjkFpLmc.crl (hash: Zotz7WgCelsUNXB45ae9pVIAVnivaB51PVYlfoTaSrk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c1:26:6f:fa:ba:32:5f:0e:d7:51:67:9b:0d:18:be:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d31c233cbd266db02620b9deb90d08e41692e67
Validity
Not Before: May 11 21:00:43 2025 GMT
Not After : May 12 21:00:43 2025 GMT
Subject: CN=fbcecd9734f615f2e2490bec5493872016ba39c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1b:2c:f1:7e:07:60:1b:e0:f7:e3:03:63:68:
3f:b0:8f:d7:ce:07:7f:3d:db:cd:e4:da:e0:aa:aa:
cc:91:ff:79:ce:62:48:87:c1:50:1d:69:eb:62:5e:
1a:8f:c7:13:c3:d9:54:6b:d3:b4:c9:56:6e:46:b8:
b4:af:24:e9:de:ce:30:3d:70:46:b9:5a:45:5d:c2:
f3:ef:f2:22:c7:f1:f8:fc:fb:f8:41:9b:b4:a2:88:
5e:84:96:cc:98:38:5f:b9:e0:90:7b:de:ca:a1:0a:
e6:c6:14:cb:4a:12:e6:de:47:75:42:21:94:5a:d2:
30:b9:19:c7:4c:85:d3:a7:f3:81:2f:9a:d5:ce:c1:
e3:75:c7:a5:43:9d:20:3c:77:69:fe:74:93:73:cf:
5f:3c:1b:59:1b:56:3b:77:27:4d:e5:a3:fc:78:b3:
13:86:24:bd:00:b3:b8:90:d1:5f:ac:fa:1d:29:98:
f9:4f:fc:17:2f:3c:92:1c:c4:1f:f0:61:e5:48:16:
52:8b:33:fb:62:e2:49:51:df:ec:27:7a:2b:25:71:
00:fe:e9:7f:7d:0a:66:54:0f:e8:b5:8b:2c:6c:cd:
7a:3e:58:d9:03:2f:1c:15:a9:6e:f1:77:e8:07:7b:
ba:8a:17:29:88:c4:df:ac:6e:03:1f:8a:2b:cb:cc:
a9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CE:CD:97:34:F6:15:F2:E2:49:0B:EC:54:93:87:20:16:BA:39:C8
X509v3 Authority Key Identifier:
keyid:9D:31:C2:33:CB:D2:66:DB:02:62:0B:9D:EB:90:D0:8E:41:69:2E:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTHCM8vSZtsCYgud65DQjkFpLmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/34223a-e77e-4544-a207-fa1725034491/1/nTHCM8vSZtsCYgud65DQjkFpLmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:9b:8a:b3:03:a1:aa:89:4a:b0:e6:c4:73:0f:01:1b:58:76:
41:b3:0c:a2:7f:b2:7a:b3:b2:70:5e:28:29:3e:41:55:76:dc:
9a:4e:c7:c4:d6:a5:6b:3b:9f:8d:aa:4a:9d:56:ff:de:d7:de:
49:4f:39:94:0a:87:48:72:17:9d:6d:a7:08:b7:9a:6a:b2:68:
79:f0:6a:7f:73:6f:51:a3:22:f7:8a:ae:70:50:ec:49:f6:a7:
64:70:05:a9:a9:91:29:40:17:2c:9e:12:da:d1:52:01:8d:64:
73:ae:bb:f1:d8:d2:64:0e:be:46:ca:17:59:25:ab:bc:c5:4a:
73:de:26:ea:e1:51:38:a8:ef:1b:ca:ae:7c:a5:a0:dc:85:7a:
ac:3a:4b:eb:88:bb:57:d8:22:80:a2:bd:d3:5f:05:47:39:b0:
cb:e0:4c:48:dc:21:df:87:53:a4:f0:b9:3d:4a:a4:5b:3e:a6:
2a:20:4a:53:63:59:4e:cb:8a:39:46:bf:04:b7:1d:d4:91:c7:
90:8b:8f:36:18:b5:08:b4:63:65:ea:8d:ac:34:9e:84:69:5e:
37:bf:b8:66:db:04:2f:a5:76:62:95:ad:89:6c:20:4a:33:d5:
c0:5f:52:7f:f7:53:e2:b4:31:84:4f:dd:c9:49:b6:c6:79:36:
56:93:fe:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBJm/6ujJfDtdRZ5sNGL4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzFjMjMzY2JkMjY2ZGIwMjYyMGI5ZGViOTBkMDhlNDE2
OTJlNjcwHhcNMjUwNTExMjEwMDQzWhcNMjUwNTEyMjEwMDQzWjAzMTEwLwYDVQQD
EyhmYmNlY2Q5NzM0ZjYxNWYyZTI0OTBiZWM1NDkzODcyMDE2YmEzOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRss8X4HYBvg9+MDY2g/sI/Xzgd/
PdvN5NrgqqrMkf95zmJIh8FQHWnrYl4aj8cTw9lUa9O0yVZuRri0ryTp3s4wPXBG
uVpFXcLz7/Iix/H4/Pv4QZu0oohehJbMmDhfueCQe97KoQrmxhTLShLm3kd1QiGU
WtIwuRnHTIXTp/OBL5rVzsHjdcelQ50gPHdp/nSTc89fPBtZG1Y7dydN5aP8eLMT
hiS9ALO4kNFfrPodKZj5T/wXLzySHMQf8GHlSBZSizP7YuJJUd/sJ3orJXEA/ul/
fQpmVA/otYssbM16PljZAy8cFalu8XfoB3u6ihcpiMTfrG4DH4ory8ypgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvOzZc09hXy4kkL7FSThyAWujnIMB8GA1UdIwQY
MBaAFJ0xwjPL0mbbAmILneuQ0I5BaS5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDct
ZmExNzI1MDM0NDkxLzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zNDIyM2EtZTc3ZS00NTQ0LWEyMDctZmExNzI1MDM0NDkx
LzEvblRIQ004dlNadHNDWWd1ZDY1RFFqa0ZwTG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKZuKswOh
qolKsObEcw8BG1h2QbMMon+yerOycF4oKT5BVXbcmk7HxNalazufjapKnVb/3tfe
SU85lAqHSHIXnW2nCLeaarJoefBqf3NvUaMi94qucFDsSfanZHAFqamRKUAXLJ4S
2tFSAY1kc6678djSZA6+RsoXWSWrvMVKc94m6uFROKjvG8qufKWg3IV6rDpL64i7
V9gigKK9018FRzmwy+BMSNwh34dTpPC5PUqkWz6mKiBKU2NZTsuKOUa/BLcd1JHH
kIuPNhi1CLRjZeqNrDSehGleN7+4ZtsEL6V2YpWtiWwgSjPVwF9Sf/dT4rQxhE/d
yUm2xnk2VpP+vg==
-----END CERTIFICATE-----
Generated at Sun May 11 22:44:50 2025 by rpki-client