Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: v9+6dvyiI5OvUeEVdqkI4qNomkYqpxjuMgUEvXplQ+c=
Subject key identifier: D1:F6:24:8F:B5:12:C4:95:60:8C:CA:45:C6:16:6D:E7:BA:E2:8C:0A
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 01969E9A64D5EFE314D9DE92BD5F21336194
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 1527
Signing time: Mon 05 May 2025 04:00:40 +0000
Manifest this update: Mon 05 May 2025 04:00:40 +0000
Manifest next update: Tue 06 May 2025 04:00:40 +0000
Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=)
2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: A5gznZ/bk96qlkNVoUN5Jz/WAhe7Pp57CW27KLj56zY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9e:9a:64:d5:ef:e3:14:d9:de:92:bd:5f:21:33:61:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: May 5 04:00:40 2025 GMT
Not After : May 6 04:00:40 2025 GMT
Subject: CN=d1f6248fb512c495608cca45c6166de7bae28c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:a1:97:5b:a7:35:2e:fb:6c:ca:1e:c6:dc:
b6:2a:03:7b:ee:4a:dc:dd:b9:bb:d1:19:fb:1c:27:
e9:67:7f:8a:a9:4c:68:40:ca:da:21:e2:cb:ec:40:
35:e8:ab:45:9d:a4:4b:c1:06:26:91:b0:33:76:fd:
56:e1:ee:30:cf:8f:15:73:df:c9:94:4d:03:1b:c1:
17:d3:c1:25:25:1f:ec:57:f8:53:f6:03:c4:01:30:
10:6f:38:22:cd:b9:f3:fc:4d:7d:90:1e:32:fe:3d:
23:9f:cd:50:ae:c5:73:52:c5:40:4d:9c:30:5c:e8:
8d:40:87:1c:2e:be:b9:e4:cb:49:c1:66:9d:dd:26:
63:4e:f6:ff:cb:d5:7a:c8:8b:79:cc:8b:3f:10:7e:
23:ce:bc:74:a5:93:e6:91:87:93:f3:fc:3a:e6:95:
b7:28:de:7d:27:63:b8:03:02:42:26:0c:ce:08:8c:
f6:b9:fd:ec:0f:4f:b1:94:04:9d:20:85:2e:52:d5:
e7:ba:96:75:7e:a0:b9:9f:cd:e9:f7:ac:54:91:fe:
7c:64:64:12:2a:48:03:b7:e7:6e:e6:b6:1d:f1:b3:
e0:f3:11:b8:a7:a8:d7:40:3f:35:96:fe:0b:1b:fd:
10:7b:88:42:3e:af:e1:c1:13:be:16:1e:4f:79:55:
fd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F6:24:8F:B5:12:C4:95:60:8C:CA:45:C6:16:6D:E7:BA:E2:8C:0A
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:ae:b2:b2:7f:a9:f3:7b:26:54:d0:98:f0:bb:9c:92:eb:b9:
57:8c:b3:15:ad:e1:03:5b:2a:1a:87:48:a0:33:ab:37:3d:35:
71:c6:6b:67:a4:6f:35:9e:ab:07:36:0a:99:72:ba:10:22:ac:
0e:75:1b:6b:84:f3:44:ce:01:01:c1:98:d5:6c:76:a1:0e:e9:
b6:e2:f2:de:a6:e4:a2:c8:f9:70:34:85:30:4f:46:39:9c:d0:
2f:86:b6:f3:14:4b:cc:d0:45:81:59:30:a3:93:7a:fe:5d:62:
ef:c9:34:42:66:fa:3e:11:65:5c:ad:35:18:a8:c2:45:62:e0:
4c:af:01:14:28:f3:78:cf:c8:73:51:ee:a3:8f:bb:6d:76:06:
eb:1a:7b:5d:63:53:ce:ec:75:b0:a5:21:f2:77:18:2d:de:e2:
73:ab:41:d8:19:df:43:fc:a5:df:d0:cb:73:a8:40:5a:17:63:
72:1a:48:d7:52:62:c1:43:5a:0a:3d:e0:c1:c4:3a:7b:f7:8e:
65:44:cd:42:22:95:52:ca:f8:30:65:1c:c8:95:a0:c2:9c:ae:
8c:35:fa:0a:44:9e:f9:50:05:7d:a9:15:a0:d3:0f:85:64:28:
2e:21:77:d1:f6:5d:1c:4c:a0:18:df:ac:de:35:af:b0:28:99:
bb:90:fa:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemmTV7+MU2d6SvV8hM2GUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjUwNTA1MDQwMDQwWhcNMjUwNTA2MDQwMDQwWjAzMTEwLwYDVQQD
EyhkMWY2MjQ4ZmI1MTJjNDk1NjA4Y2NhNDVjNjE2NmRlN2JhZTI4YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDyhl1unNS77bMoexty2KgN77krc
3bm70Rn7HCfpZ3+KqUxoQMraIeLL7EA16KtFnaRLwQYmkbAzdv1W4e4wz48Vc9/J
lE0DG8EX08ElJR/sV/hT9gPEATAQbzgizbnz/E19kB4y/j0jn81QrsVzUsVATZww
XOiNQIccLr655MtJwWad3SZjTvb/y9V6yIt5zIs/EH4jzrx0pZPmkYeT8/w65pW3
KN59J2O4AwJCJgzOCIz2uf3sD0+xlASdIIUuUtXnupZ1fqC5n83p96xUkf58ZGQS
KkgDt+du5rYd8bPg8xG4p6jXQD81lv4LG/0Qe4hCPq/hwRO+Fh5PeVX9XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNH2JI+1EsSVYIzKRcYWbee64owKMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATq6ysn+p
83smVNCY8Luckuu5V4yzFa3hA1sqGodIoDOrNz01ccZrZ6RvNZ6rBzYKmXK6ECKs
DnUba4TzRM4BAcGY1Wx2oQ7ptuLy3qbkosj5cDSFME9GOZzQL4a28xRLzNBFgVkw
o5N6/l1i78k0Qmb6PhFlXK01GKjCRWLgTK8BFCjzeM/Ic1Huo4+7bXYG6xp7XWNT
zux1sKUh8ncYLd7ic6tB2BnfQ/yl39DLc6hAWhdjchpI11JiwUNaCj3gwcQ6e/eO
ZUTNQiKVUsr4MGUcyJWgwpyujDX6CkSe+VAFfakVoNMPhWQoLiF30fZdHEygGN+s
3jWvsCiZu5D6QQ==
-----END CERTIFICATE-----
Generated at Mon May 5 10:48:02 2025 by rpki-client