Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.mft
File: TKRH97Ondvck2LyBQL4xdmYsJNA.mft (raw, json)
Hash identifier: TwrVr+I5kzstFJZsX8L90BxRjbBZpnpxjOdw7UJjX4U=
Subject key identifier: 38:30:1F:D7:7F:FB:67:44:C5:49:71:7E:07:BD:25:9C:06:50:80:F8
Authority key identifier: 4C:A4:47:F7:B3:A7:76:F7:24:D8:BC:81:40:BE:31:76:66:2C:24:D0
Certificate issuer: /CN=4ca447f7b3a776f724d8bc8140be3176662c24d0
Certificate serial: 01965613C2EFB01B36372DA5F732D0EFD6D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.mft
Manifest number: 0590
Signing time: Mon 21 Apr 2025 02:00:57 +0000
Manifest this update: Mon 21 Apr 2025 02:00:57 +0000
Manifest next update: Tue 22 Apr 2025 02:00:57 +0000
Files and hashes: 1: TKRH97Ondvck2LyBQL4xdmYsJNA.crl (hash: /aO8qM/RRITOUSBcOrPbfRKbXHIOPZ28B9/jrFJvcS8=)
2: fIoweheWq1JqzVdLBCrrD-x4kK4.roa (hash: yoQba86aaUs4p2P/E/UoxSeIL5NEm/wDobQOVMT4e5A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:13:c2:ef:b0:1b:36:37:2d:a5:f7:32:d0:ef:d6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca447f7b3a776f724d8bc8140be3176662c24d0
Validity
Not Before: Apr 21 02:00:57 2025 GMT
Not After : Apr 22 02:00:57 2025 GMT
Subject: CN=38301fd77ffb6744c549717e07bd259c065080f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fc:a4:eb:f2:fc:f1:af:18:0a:cd:59:2e:ef:
4c:63:42:d8:09:08:e6:57:35:03:74:3c:05:45:14:
65:49:15:17:ee:95:e9:f0:87:64:fa:48:d5:2f:f2:
1f:f1:49:b4:b3:af:3b:95:0e:dc:40:eb:e5:b3:26:
31:42:e5:ba:1b:a4:bf:bb:e1:18:4c:81:62:22:67:
4e:2c:3f:23:be:b6:fb:ad:d9:06:8f:f7:cb:2f:b1:
a8:69:9c:b3:cc:8e:21:62:5e:f9:80:71:bd:fd:ee:
f4:b5:e8:0e:c3:f8:e9:ac:33:09:df:86:c4:52:8b:
de:0f:c3:eb:29:4e:b9:64:a6:84:92:85:fe:29:79:
09:06:2d:c1:24:47:0a:09:f1:0a:1b:39:90:0b:83:
c6:59:42:dc:5d:c4:97:0c:39:a0:c3:65:69:07:31:
0d:b5:ba:58:59:fc:15:3a:49:2e:f9:2c:46:96:63:
6d:e6:79:09:bc:79:47:a1:24:c7:59:8c:92:16:f3:
b0:12:bf:84:d5:15:6f:70:22:6d:03:66:df:86:45:
d0:be:9d:8e:4b:34:c4:fa:c3:5e:7b:c6:2c:4a:3e:
4f:d1:58:9a:69:58:de:78:3b:92:1d:7f:32:7b:b9:
1b:7c:cf:d8:88:d2:58:15:ed:60:c2:9d:90:b7:ee:
f7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:30:1F:D7:7F:FB:67:44:C5:49:71:7E:07:BD:25:9C:06:50:80:F8
X509v3 Authority Key Identifier:
keyid:4C:A4:47:F7:B3:A7:76:F7:24:D8:BC:81:40:BE:31:76:66:2C:24:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:aa:34:18:9e:8f:f1:fd:3f:6e:c0:49:5c:0f:0e:4f:09:81:
52:e7:2d:da:b1:14:63:a8:eb:d6:a1:36:d4:d2:4a:4f:db:79:
bb:b3:2c:e8:7b:a9:00:5b:b9:db:79:97:4d:2e:df:5b:c3:1d:
e9:a5:62:8e:63:62:0a:66:1e:d3:b1:61:e5:c1:af:b0:e1:45:
e2:7a:98:eb:2d:43:03:d9:e3:e9:27:2b:78:82:b0:1d:c1:95:
44:9c:fd:9b:81:47:96:a0:44:59:58:37:fc:67:b7:70:9b:42:
bb:72:71:f5:e0:a6:95:9d:bc:9b:e3:12:24:84:bf:9c:b0:36:
1b:ae:af:49:b4:27:22:65:e2:1e:92:d0:51:81:02:5e:da:de:
19:39:64:33:47:c5:05:17:c3:14:4d:c6:57:5f:84:8b:d3:1b:
21:65:a0:da:20:46:c0:6e:17:30:40:bf:95:75:7e:84:ba:a1:
7d:39:af:05:ef:ee:96:f8:e5:f0:7c:e0:80:4d:b1:83:a6:e0:
66:ab:9c:eb:5e:5f:76:df:3c:ec:ec:fa:b7:95:b3:b3:e3:af:
84:2f:47:60:d7:04:6f:5f:7c:46:40:e9:ae:ec:e3:07:e7:a0:
80:04:1a:64:03:dd:fc:12:e6:02:f5:52:94:7a:d2:14:76:90:
2a:d2:8d:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE8LvsBs2Ny2l9zLQ79bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTQ0N2Y3YjNhNzc2ZjcyNGQ4YmM4MTQwYmUzMTc2NjYy
YzI0ZDAwHhcNMjUwNDIxMDIwMDU3WhcNMjUwNDIyMDIwMDU3WjAzMTEwLwYDVQQD
EygzODMwMWZkNzdmZmI2NzQ0YzU0OTcxN2UwN2JkMjU5YzA2NTA4MGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fyk6/L88a8YCs1ZLu9MY0LYCQjm
VzUDdDwFRRRlSRUX7pXp8Idk+kjVL/If8Um0s687lQ7cQOvlsyYxQuW6G6S/u+EY
TIFiImdOLD8jvrb7rdkGj/fLL7GoaZyzzI4hYl75gHG9/e70tegOw/jprDMJ34bE
UoveD8PrKU65ZKaEkoX+KXkJBi3BJEcKCfEKGzmQC4PGWULcXcSXDDmgw2VpBzEN
tbpYWfwVOkku+SxGlmNt5nkJvHlHoSTHWYySFvOwEr+E1RVvcCJtA2bfhkXQvp2O
SzTE+sNee8YsSj5P0ViaaVjeeDuSHX8ye7kbfM/YiNJYFe1gwp2Qt+73GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgwH9d/+2dExUlxfge9JZwGUID4MB8GA1UdIwQY
MBaAFEykR/ezp3b3JNi8gUC+MXZmLCTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZjNlMGItMjZjMy00Y2Y5LTgwNTYt
MjlhZjMzYmM2Yjk4LzEvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZjNlMGItMjZjMy00Y2Y5LTgwNTYtMjlhZjMzYmM2Yjk4
LzEvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGao0GJ6P
8f0/bsBJXA8OTwmBUuct2rEUY6jr1qE21NJKT9t5u7Ms6HupAFu523mXTS7fW8Md
6aVijmNiCmYe07Fh5cGvsOFF4nqY6y1DA9nj6ScreIKwHcGVRJz9m4FHlqBEWVg3
/Ge3cJtCu3Jx9eCmlZ28m+MSJIS/nLA2G66vSbQnImXiHpLQUYECXtreGTlkM0fF
BRfDFE3GV1+Ei9MbIWWg2iBGwG4XMEC/lXV+hLqhfTmvBe/ulvjl8HzggE2xg6bg
Zquc615fdt887Oz6t5Wzs+OvhC9HYNcEb198RkDpruzjB+eggAQaZAPd/BLmAvVS
lHrSFHaQKtKN6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:06:42 2025 by rpki-client