Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
File: czsHKLegVDWEws0LSLdHjEGU7wo.mft (raw, json)
Hash identifier: u6y8L/OdZ1FmHO1yKwjEOm0DalXHgsGJwzQghebrYWM=
Subject key identifier: AE:38:5D:97:24:BC:60:D9:A0:38:6B:6D:99:36:E5:E6:A8:85:3D:C8
Authority key identifier: 73:3B:07:28:B7:A0:54:35:84:C2:CD:0B:48:B7:47:8C:41:94:EF:0A
Certificate issuer: /CN=733b0728b7a0543584c2cd0b48b7478c4194ef0a
Certificate serial: 0196AFC5073B45AC19327C788272AF21B9EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
Manifest number: 0664
Signing time: Thu 08 May 2025 12:00:47 +0000
Manifest this update: Thu 08 May 2025 12:00:47 +0000
Manifest next update: Fri 09 May 2025 12:00:47 +0000
Files and hashes: 1: 0o1YRHDHs6Y_Qq6pCAQcKlyWFz8.roa (hash: nsMIKNS3OeQBs34bWYRCT4THehdiZrvKLdywuELl5UY=)
2: U5txbLmFPtaoMKOU1TbkV_FaGV8.roa (hash: z+0QM51o7tqW6/RjLGXF1BwNrcfJdd2i6D7WxQKXfAc=)
3: czsHKLegVDWEws0LSLdHjEGU7wo.crl (hash: dmHw9UNXSLiBYNUhEqHy4WtbX74LhY/gjIMPKn6XZ9U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:c5:07:3b:45:ac:19:32:7c:78:82:72:af:21:b9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=733b0728b7a0543584c2cd0b48b7478c4194ef0a
Validity
Not Before: May 8 12:00:47 2025 GMT
Not After : May 9 12:00:47 2025 GMT
Subject: CN=ae385d9724bc60d9a0386b6d9936e5e6a8853dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0e:bd:8a:90:8c:03:12:be:e7:59:37:61:c4:
db:5a:91:3d:ba:c1:75:10:a2:02:e8:96:c2:f7:dd:
12:50:c3:54:96:7c:b8:f9:05:c1:52:4d:a3:ae:ae:
01:a7:7a:d4:20:32:43:a7:f7:dd:6a:0e:3f:7c:fc:
8d:95:08:f1:08:47:b7:1e:0b:93:f4:e9:d4:45:f5:
7e:58:76:5a:85:57:75:f6:0b:99:8c:cd:36:ae:ec:
eb:a6:83:64:fd:f2:2b:e8:10:05:54:cc:bb:4b:8c:
b5:4e:5b:1e:c6:f6:df:50:82:c1:66:1a:f1:10:90:
e9:fa:e9:62:71:7d:a0:f6:e1:59:75:8e:94:ca:54:
14:39:c8:ad:95:16:27:55:e4:79:2a:56:26:69:d9:
ed:41:85:b3:1b:4c:67:9a:71:fe:51:d1:91:b0:0b:
86:d7:f2:a6:0d:e3:48:db:d8:8b:ef:ae:22:76:56:
03:74:4d:27:9a:66:66:4a:d9:57:02:ec:13:15:22:
d0:b7:28:21:33:d1:4d:e0:d8:11:74:85:4d:bd:9a:
70:f7:7e:c1:77:04:e3:66:30:24:45:56:fd:ce:08:
d4:b8:af:49:d4:8c:8f:58:49:78:d2:7f:35:9d:45:
0b:d1:0b:3a:03:87:ea:46:90:0b:ce:ca:36:fe:6e:
2f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:38:5D:97:24:BC:60:D9:A0:38:6B:6D:99:36:E5:E6:A8:85:3D:C8
X509v3 Authority Key Identifier:
keyid:73:3B:07:28:B7:A0:54:35:84:C2:CD:0B:48:B7:47:8C:41:94:EF:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:0a:67:14:39:f8:53:94:3f:c0:f1:65:73:42:27:27:01:0e:
21:d1:5d:09:85:c1:e4:ec:12:f3:64:bf:f9:a5:8e:94:8c:8b:
b1:81:e5:be:2d:fe:ad:9c:17:22:fe:c9:aa:7e:6f:48:72:40:
98:01:fa:46:f7:de:c4:5b:93:f9:a3:4f:23:7a:b8:1e:bf:f6:
71:2d:c5:58:f6:3b:1c:35:86:a5:4e:19:81:24:4a:b7:41:30:
65:f6:39:46:a6:d5:0c:3e:4e:b3:36:26:56:32:35:77:87:ae:
b9:57:4a:12:48:88:28:37:42:bc:9d:d4:61:32:b9:1a:2a:03:
d9:a1:64:d1:e0:d1:55:3c:a3:09:c5:54:d1:79:60:36:05:c3:
6d:16:29:fb:5a:1f:35:c3:d0:6e:08:73:b5:e1:04:43:bb:2d:
3a:9e:3e:98:b3:52:98:96:c1:3e:12:1d:d5:28:a6:76:00:33:
35:5f:b8:5c:86:7d:5d:da:65:bc:45:92:3d:53:ca:77:3d:cd:
87:5f:fc:66:ab:24:93:e8:b6:f6:6c:7e:64:74:1f:1f:3c:6d:
26:20:0d:48:06:55:91:d1:8d:40:8c:2b:1a:b5:d2:7a:ac:cd:
5d:95:ed:19:fd:bc:63:c7:6f:8f:b2:d8:e5:c6:31:d5:c6:bc:
99:e7:ef:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZavxQc7RawZMnx4gnKvIbnrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczM2IwNzI4YjdhMDU0MzU4NGMyY2QwYjQ4Yjc0NzhjNDE5
NGVmMGEwHhcNMjUwNTA4MTIwMDQ3WhcNMjUwNTA5MTIwMDQ3WjAzMTEwLwYDVQQD
EyhhZTM4NWQ5NzI0YmM2MGQ5YTAzODZiNmQ5OTM2ZTVlNmE4ODUzZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg69ipCMAxK+51k3YcTbWpE9usF1
EKIC6JbC990SUMNUlny4+QXBUk2jrq4Bp3rUIDJDp/fdag4/fPyNlQjxCEe3HguT
9OnURfV+WHZahVd19guZjM02ruzrpoNk/fIr6BAFVMy7S4y1TlsexvbfUILBZhrx
EJDp+ulicX2g9uFZdY6UylQUOcitlRYnVeR5KlYmadntQYWzG0xnmnH+UdGRsAuG
1/KmDeNI29iL764idlYDdE0nmmZmStlXAuwTFSLQtyghM9FN4NgRdIVNvZpw937B
dwTjZjAkRVb9zgjUuK9J1IyPWEl40n81nUUL0Qs6A4fqRpALzso2/m4v8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK44XZckvGDZoDhrbZk25eaohT3IMB8GA1UdIwQY
MBaAFHM7Byi3oFQ1hMLNC0i3R4xBlO8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hODM0ZGEtMWNjYS00MDE3LTkwYjgt
ZGFlZTBhZWFmYjJiLzEvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hODM0ZGEtMWNjYS00MDE3LTkwYjgtZGFlZTBhZWFmYjJi
LzEvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlgpnFDn4
U5Q/wPFlc0InJwEOIdFdCYXB5OwS82S/+aWOlIyLsYHlvi3+rZwXIv7Jqn5vSHJA
mAH6RvfexFuT+aNPI3q4Hr/2cS3FWPY7HDWGpU4ZgSRKt0EwZfY5RqbVDD5OszYm
VjI1d4euuVdKEkiIKDdCvJ3UYTK5GioD2aFk0eDRVTyjCcVU0XlgNgXDbRYp+1of
NcPQbghzteEEQ7stOp4+mLNSmJbBPhId1SimdgAzNV+4XIZ9XdplvEWSPVPKdz3N
h1/8Zqskk+i29mx+ZHQfHzxtJiANSAZVkdGNQIwrGrXSeqzNXZXtGf28Y8dvj7LY
5cYx1ca8mefvfQ==
-----END CERTIFICATE-----
Generated at Thu May 8 16:53:39 2025 by rpki-client