Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.mft
File: 3VBysTiAwfG6hvzExAKX9dn0N3Q.mft (raw, json)
Hash identifier: 9gQmZ+/TZdRFshCDzLUCBJox0X7Lqi1NDtsOWAO3a2w=
Subject key identifier: 49:40:18:16:81:03:90:F5:B4:B9:AC:DE:9C:DE:61:75:1F:25:29:36
Authority key identifier: DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
Certificate issuer: /CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Certificate serial: 019656135BB5AB0352230818163A2B6DAE44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.mft
Manifest number: 14FF
Signing time: Mon 21 Apr 2025 02:00:31 +0000
Manifest this update: Mon 21 Apr 2025 02:00:31 +0000
Manifest next update: Tue 22 Apr 2025 02:00:31 +0000
Files and hashes: 1: 3VBysTiAwfG6hvzExAKX9dn0N3Q.crl (hash: Gwqp0AXIMjXYkM3u6qm3UMscZPQkrkRuiBCB9DB3KYY=)
2: PJZXdpkwhKYbc-mgI8o-ftVhCug.roa (hash: SBqSW5ehFYdMdBJe2odGE82C7AsVO9/yZgJ8RXmPXUU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:13:5b:b5:ab:03:52:23:08:18:16:3a:2b:6d:ae:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Validity
Not Before: Apr 21 02:00:31 2025 GMT
Not After : Apr 22 02:00:31 2025 GMT
Subject: CN=49401816810390f5b4b9acde9cde61751f252936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1a:81:ed:1f:b8:0d:ec:0c:f2:c6:c7:88:bd:
8a:60:4d:1e:e1:59:40:33:0e:29:26:c5:a5:52:fa:
d6:9b:e5:fb:3a:3e:b3:ba:b6:4a:22:c8:9a:4a:43:
6e:e9:f5:10:0f:fd:13:26:3f:4a:cd:49:ac:fa:94:
f4:29:c8:f2:45:fa:5f:31:55:cd:cf:e0:29:32:74:
da:84:e3:c4:bc:4a:3d:d8:42:c3:e4:79:da:3f:62:
34:8d:fb:63:46:0e:d3:aa:54:d0:91:c7:35:05:12:
e2:fa:38:db:f5:f4:3f:03:d6:64:af:c0:5a:98:41:
ef:07:36:a1:ef:f5:21:ea:b7:dd:25:f6:36:14:ed:
26:1f:9b:49:24:d9:01:d0:90:e3:39:1b:9c:1d:7d:
24:5d:8b:bf:8e:99:9d:9c:d9:5e:85:df:04:ca:3a:
3f:e2:30:8d:ee:bb:26:bd:b9:ef:6c:a0:57:d5:06:
7b:c1:11:85:b6:1f:78:bc:ca:d8:96:7d:e4:5e:ea:
1f:52:d5:11:ff:9b:71:a5:66:2f:ed:80:e0:15:c3:
fb:13:64:37:ed:74:c0:a4:96:c2:55:10:03:a6:70:
34:89:60:95:d7:d8:24:8b:50:1c:57:e3:17:4c:c9:
8d:d9:dc:1c:ff:9a:58:a7:eb:b3:23:58:a9:f6:ff:
4a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:40:18:16:81:03:90:F5:B4:B9:AC:DE:9C:DE:61:75:1F:25:29:36
X509v3 Authority Key Identifier:
keyid:DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:7f:6b:d8:a3:da:42:ac:5a:74:d6:bf:35:96:fd:be:3f:4c:
f1:14:e3:f4:1d:c7:09:2a:24:f5:c4:27:cf:37:f6:e9:4b:21:
cd:50:30:33:f3:52:1a:59:4b:48:47:28:aa:e6:a5:29:78:63:
4a:2b:a8:ee:4b:3e:11:f3:75:74:80:0e:ea:5e:c9:1e:ab:cc:
07:2e:d8:5c:fc:c0:22:b2:66:9f:3c:cf:7f:60:bd:fd:42:7f:
0a:7a:3e:39:0b:ae:13:ba:e0:5b:bc:75:92:ef:a3:c3:34:59:
a5:d2:49:d1:d3:6b:57:c3:10:9b:ea:d6:a7:8f:f7:59:5d:36:
8c:e8:0b:1e:53:3e:47:5d:42:74:0b:8f:29:f0:3f:c2:15:b3:
de:01:90:d6:17:72:d0:83:9f:67:c8:64:ab:e5:99:c7:db:63:
b0:bb:4f:80:cb:74:d9:54:8a:71:0a:b0:2a:e0:5a:d0:54:93:
81:3b:6c:09:18:44:73:6b:78:15:82:c9:87:f8:1a:8e:55:84:
f7:43:c1:1d:df:07:69:7a:f0:d7:bc:ad:ee:84:23:b4:1f:ed:
17:00:d3:92:ac:ea:fb:2b:c7:09:0a:0d:83:4b:8e:8f:92:91:
1a:50:2d:b8:e3:9c:4f:60:1a:0d:03:da:98:83:bc:0e:cc:91:
ac:44:1a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE1u1qwNSIwgYFjorba5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTA3MmIxMzg4MGMxZjFiYTg2ZmNjNGM0MDI5N2Y1ZDlm
NDM3NzQwHhcNMjUwNDIxMDIwMDMxWhcNMjUwNDIyMDIwMDMxWjAzMTEwLwYDVQQD
Eyg0OTQwMTgxNjgxMDM5MGY1YjRiOWFjZGU5Y2RlNjE3NTFmMjUyOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxqB7R+4DewM8sbHiL2KYE0e4VlA
Mw4pJsWlUvrWm+X7Oj6zurZKIsiaSkNu6fUQD/0TJj9KzUms+pT0KcjyRfpfMVXN
z+ApMnTahOPEvEo92ELD5HnaP2I0jftjRg7TqlTQkcc1BRLi+jjb9fQ/A9Zkr8Ba
mEHvBzah7/Uh6rfdJfY2FO0mH5tJJNkB0JDjORucHX0kXYu/jpmdnNlehd8Eyjo/
4jCN7rsmvbnvbKBX1QZ7wRGFth94vMrYln3kXuofUtUR/5txpWYv7YDgFcP7E2Q3
7XTApJbCVRADpnA0iWCV19gki1AcV+MXTMmN2dwc/5pYp+uzI1ip9v9K7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElAGBaBA5D1tLms3pzeYXUfJSk2MB8GA1UdIwQY
MBaAFN1QcrE4gMHxuob8xMQCl/XZ9Dd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0Mjct
NjRkMWJjNzM1YmFjLzEvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0MjctNjRkMWJjNzM1YmFj
LzEvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArn9r2KPa
QqxadNa/NZb9vj9M8RTj9B3HCSok9cQnzzf26UshzVAwM/NSGllLSEcoqualKXhj
Siuo7ks+EfN1dIAO6l7JHqvMBy7YXPzAIrJmnzzPf2C9/UJ/Cno+OQuuE7rgW7x1
ku+jwzRZpdJJ0dNrV8MQm+rWp4/3WV02jOgLHlM+R11CdAuPKfA/whWz3gGQ1hdy
0IOfZ8hkq+WZx9tjsLtPgMt02VSKcQqwKuBa0FSTgTtsCRhEc2t4FYLJh/gajlWE
90PBHd8HaXrw17yt7oQjtB/tFwDTkqzq+yvHCQoNg0uOj5KRGlAtuOOcT2AaDQPa
mIO8DsyRrEQaGA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:37:58 2025 by rpki-client