Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: n+QswxCpxJAU02UcBSyoqziKeid6Nx5Mj/pGTJ4Or+o=
Subject key identifier: DB:F4:04:D0:34:4B:1F:40:40:AE:E6:76:6F:2D:20:E0:36:BE:EA:02
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 019653B7C85118E205782FAAB82045090A52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 14FF
Signing time: Sun 20 Apr 2025 15:01:15 +0000
Manifest this update: Sun 20 Apr 2025 15:01:15 +0000
Manifest next update: Mon 21 Apr 2025 15:01:15 +0000
Files and hashes: 1: DFk17XzVK0-2LT-y57eUHLqsGoE.roa (hash: dXqY+iE+GyZrGAN3VZSoDHBgCd8KrkAD+zhIs/sw6B0=)
2: InA1Og6sR4YUgU6o-aAa42NlxCE.roa (hash: +mBUSakr5JllZ5ayoZAKPyK7MyouaEc8pwLjmxou6hg=)
3: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: rOfOJuwsdrdbvpkoX+GOL6tYTZ4nZG3NXSL3eYhUuiA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 15:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:b7:c8:51:18:e2:05:78:2f:aa:b8:20:45:09:0a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Apr 20 15:01:15 2025 GMT
Not After : Apr 21 15:01:15 2025 GMT
Subject: CN=dbf404d0344b1f4040aee6766f2d20e036beea02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ff:32:ca:1e:6a:91:09:d8:d2:c7:6b:04:45:
b7:d1:a9:20:79:fd:5c:78:b1:7e:68:53:02:f3:4c:
9f:5e:55:35:a2:18:b6:f5:7f:28:c3:cb:8c:ec:db:
c3:a9:be:26:b0:ab:3d:a9:05:1d:d3:60:64:91:4d:
34:33:5d:34:64:67:79:45:f6:14:24:cc:e9:08:d6:
38:f0:50:1b:99:1c:e7:6b:39:94:9b:c4:e9:93:85:
ea:b5:39:d7:a4:b3:52:3b:0d:10:d3:c6:0b:c8:43:
94:6e:a3:97:01:93:6b:e9:1f:7f:32:65:dd:d0:a8:
44:7c:68:1d:94:32:e2:e7:6d:7d:fb:bc:9d:db:ad:
ac:25:30:0e:97:b0:e3:df:65:b5:7b:30:36:26:92:
e5:55:20:1b:85:eb:0e:df:65:ea:ae:d4:74:f0:25:
e3:c3:63:ab:9a:4c:42:74:3e:25:9d:c2:d6:61:19:
13:4b:ac:dd:a6:2e:80:b2:1c:00:8a:8b:c3:ad:d3:
b8:5e:48:b0:11:96:7a:55:25:a8:ce:d6:25:26:20:
80:a1:ad:6f:df:04:a3:86:20:df:fc:53:02:38:e9:
86:bc:c3:bf:fd:74:f5:b6:e5:8d:8f:7f:a2:07:39:
94:16:84:3f:25:65:c5:c9:c0:10:99:9e:9b:98:c2:
bc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F4:04:D0:34:4B:1F:40:40:AE:E6:76:6F:2D:20:E0:36:BE:EA:02
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:13:88:cd:a8:ae:67:c4:3d:0a:cd:64:9e:3d:16:c7:58:64:
07:2f:5a:d2:05:81:60:f2:6a:2a:de:30:a1:1a:b3:d3:06:4a:
7b:6f:2c:98:c6:b7:a5:f0:d9:d5:30:cb:c6:90:fa:c6:af:d1:
52:71:e8:9a:24:b1:d7:2f:0d:ee:9c:f6:22:8c:f3:be:b9:c9:
aa:ba:07:bd:d2:9a:c1:1b:de:41:28:79:25:2b:23:f2:24:5d:
6d:82:10:50:40:1c:ca:83:57:b4:e9:ef:a0:69:a5:a7:3a:01:
59:6a:a6:d6:b5:4b:96:07:0d:ce:7c:f4:dd:f4:46:3b:d9:54:
a7:5e:4a:9a:1f:af:40:25:0e:13:4b:75:14:50:40:ad:9f:6e:
93:39:5e:1a:53:2e:d8:8e:68:e0:ce:3f:3e:e3:42:ed:18:ef:
56:05:34:ea:c2:c3:cb:2e:d0:92:9a:ee:8e:f7:94:77:e8:6b:
6e:e1:34:72:83:91:30:7b:80:a2:75:29:87:ad:f4:2f:2d:cb:
0a:33:bb:f4:5e:de:7d:2b:03:39:58:71:6c:88:03:ba:ea:d7:
26:62:f0:ce:1f:58:90:8c:fd:e8:8f:d6:7f:63:4a:a3:08:03:
bc:09:b1:a1:6a:21:6e:f8:92:8a:cf:1a:c3:ae:3c:31:54:06:
c8:a2:62:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTt8hRGOIFeC+quCBFCQpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjUwNDIwMTUwMTE1WhcNMjUwNDIxMTUwMTE1WjAzMTEwLwYDVQQD
EyhkYmY0MDRkMDM0NGIxZjQwNDBhZWU2NzY2ZjJkMjBlMDM2YmVlYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6P8yyh5qkQnY0sdrBEW30akgef1c
eLF+aFMC80yfXlU1ohi29X8ow8uM7NvDqb4msKs9qQUd02BkkU00M100ZGd5RfYU
JMzpCNY48FAbmRznazmUm8Tpk4XqtTnXpLNSOw0Q08YLyEOUbqOXAZNr6R9/MmXd
0KhEfGgdlDLi5219+7yd262sJTAOl7Dj32W1ezA2JpLlVSAbhesO32XqrtR08CXj
w2OrmkxCdD4lncLWYRkTS6zdpi6AshwAiovDrdO4XkiwEZZ6VSWoztYlJiCAoa1v
3wSjhiDf/FMCOOmGvMO//XT1tuWNj3+iBzmUFoQ/JWXFycAQmZ6bmMK87QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNv0BNA0Sx9AQK7mdm8tIOA2vuoCMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANxOIzaiu
Z8Q9Cs1knj0Wx1hkBy9a0gWBYPJqKt4woRqz0wZKe28smMa3pfDZ1TDLxpD6xq/R
UnHomiSx1y8N7pz2IozzvrnJqroHvdKawRveQSh5JSsj8iRdbYIQUEAcyoNXtOnv
oGmlpzoBWWqm1rVLlgcNznz03fRGO9lUp15Kmh+vQCUOE0t1FFBArZ9ukzleGlMu
2I5o4M4/PuNC7RjvVgU06sLDyy7QkprujveUd+hrbuE0coORMHuAonUph630Ly3L
CjO79F7efSsDOVhxbIgDuurXJmLwzh9YkIz96I/Wf2NKowgDvAmxoWohbviSis8a
w648MVQGyKJisA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:25:30 2025 by rpki-client