Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/443c4f-6406-4041-ac13-393ad25eb340/1/lKnqqdcbfFHJtLvqaBmzf_UpHVk.mft
File: lKnqqdcbfFHJtLvqaBmzf_UpHVk.mft (raw, json)
Hash identifier: a5NfCedbQH4HRz18ATt/n40bJB+zQqti4vg9nwzZ0MA=
Subject key identifier: AE:55:2F:4E:F4:0B:D4:44:C1:3A:3E:DA:6A:40:18:DB:CA:0B:E7:56
Authority key identifier: 94:A9:EA:A9:D7:1B:7C:51:C9:B4:BB:EA:68:19:B3:7F:F5:29:1D:59
Certificate issuer: /CN=94a9eaa9d71b7c51c9b4bbea6819b37ff5291d59
Certificate serial: 019656EEEB48725ABF82B4B8E44E4D35FC29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKnqqdcbfFHJtLvqaBmzf_UpHVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/443c4f-6406-4041-ac13-393ad25eb340/1/lKnqqdcbfFHJtLvqaBmzf_UpHVk.mft
Manifest number: 0215
Signing time: Mon 21 Apr 2025 06:00:20 +0000
Manifest this update: Mon 21 Apr 2025 06:00:20 +0000
Manifest next update: Tue 22 Apr 2025 06:00:20 +0000
Files and hashes: 1: 0aj2iC8UozSayvcd0gVttauRXrk.roa (hash: 58D9vVvqyItBf62Z1ii/QTTlH8NhErcObr48aTP7eUU=)
2: lKnqqdcbfFHJtLvqaBmzf_UpHVk.crl (hash: TlDtXXFI2sYTEICogpG1N+y+r3k1avTNusd+KnNcBUo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/443c4f-6406-4041-ac13-393ad25eb340/1/lKnqqdcbfFHJtLvqaBmzf_UpHVk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/443c4f-6406-4041-ac13-393ad25eb340/1/lKnqqdcbfFHJtLvqaBmzf_UpHVk.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKnqqdcbfFHJtLvqaBmzf_UpHVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:ee:eb:48:72:5a:bf:82:b4:b8:e4:4e:4d:35:fc:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a9eaa9d71b7c51c9b4bbea6819b37ff5291d59
Validity
Not Before: Apr 21 06:00:20 2025 GMT
Not After : Apr 22 06:00:20 2025 GMT
Subject: CN=ae552f4ef40bd444c13a3eda6a4018dbca0be756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:05:f7:cb:67:a0:4c:2f:7a:27:c6:de:af:a9:
bb:24:76:54:be:22:f6:27:77:aa:a6:d3:f0:bf:20:
c9:6e:cf:7d:81:6b:5e:7f:b9:bc:35:65:bc:16:cf:
ef:3e:4e:8e:be:b3:20:16:bc:cc:e0:12:c9:4d:9f:
34:cb:bc:80:f3:2e:01:f0:bd:9e:ae:41:97:75:d7:
61:51:1c:c8:77:b2:de:c4:dd:ee:cb:8d:ef:52:37:
de:46:8a:da:00:b2:fb:ff:f0:ef:31:77:fc:1f:e1:
b6:5f:3f:33:33:ae:68:bc:8a:6f:77:09:32:64:5d:
3a:ac:9a:2c:59:31:9c:eb:03:51:63:8c:51:d6:79:
2f:7f:e9:ff:c8:67:69:b0:da:a1:a4:53:05:ff:b6:
45:39:04:c3:0e:de:e5:68:49:42:88:a1:27:17:c3:
02:fd:c5:33:dc:c5:ff:8d:ae:39:c9:f9:7f:ba:03:
6c:17:d8:c1:29:0d:1c:fc:53:68:e3:c8:1f:72:ba:
ec:d8:8f:40:14:7e:b3:1d:d7:49:c3:17:da:87:f4:
80:92:6d:64:5f:02:5c:98:75:de:26:4f:75:9b:91:
59:cb:49:fc:dc:c8:6f:6b:d0:66:ca:9c:d5:64:79:
f7:e2:18:62:9a:a5:c7:f4:4a:36:23:0c:96:5e:14:
71:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:55:2F:4E:F4:0B:D4:44:C1:3A:3E:DA:6A:40:18:DB:CA:0B:E7:56
X509v3 Authority Key Identifier:
keyid:94:A9:EA:A9:D7:1B:7C:51:C9:B4:BB:EA:68:19:B3:7F:F5:29:1D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKnqqdcbfFHJtLvqaBmzf_UpHVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/443c4f-6406-4041-ac13-393ad25eb340/1/lKnqqdcbfFHJtLvqaBmzf_UpHVk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/443c4f-6406-4041-ac13-393ad25eb340/1/lKnqqdcbfFHJtLvqaBmzf_UpHVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:55:45:dd:25:70:3b:ea:c0:20:d7:9b:cb:8c:3b:aa:31:cd:
1a:c5:a1:5c:de:ff:66:f8:4e:fb:4e:74:fa:85:90:4e:de:d4:
09:ef:23:df:dd:1c:38:b1:0f:3a:c6:c7:79:69:0f:ed:6f:c8:
ce:a7:54:9f:e0:3b:e7:22:26:b9:a2:5b:01:af:1d:87:cb:54:
cd:68:b1:f4:31:8a:75:86:73:25:f0:82:de:7c:d6:55:03:7f:
21:9b:f4:9c:4d:cd:82:dc:a6:ed:15:7d:11:5b:7a:0b:52:13:
cd:6f:96:f6:47:45:8f:d8:4e:2b:15:8f:9d:f6:84:b2:6d:9c:
45:5b:9f:df:d6:5b:5c:8d:49:f7:49:74:51:a3:81:d1:3e:7e:
5a:e7:05:dd:9b:33:ff:bd:b0:e7:be:86:18:70:5c:d5:8f:74:
43:c5:33:35:54:8e:6e:1c:d7:00:a0:5d:04:db:44:d8:00:b8:
11:c0:22:06:8b:6f:6f:ef:a6:b2:65:4a:70:27:5f:dc:e5:db:
c3:94:ed:bc:35:5b:f2:a4:12:f7:a0:34:a3:25:57:62:26:a4:
c4:b0:38:21:0f:53:25:a0:a8:df:5a:3a:9a:71:d4:a3:90:ab:
29:b8:e6:06:e1:84:de:8a:68:f3:b9:78:ca:1b:c3:54:9a:7f:
54:f6:23:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZW7utIclq/grS45E5NNfwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTllYWE5ZDcxYjdjNTFjOWI0YmJlYTY4MTliMzdmZjUy
OTFkNTkwHhcNMjUwNDIxMDYwMDIwWhcNMjUwNDIyMDYwMDIwWjAzMTEwLwYDVQQD
EyhhZTU1MmY0ZWY0MGJkNDQ0YzEzYTNlZGE2YTQwMThkYmNhMGJlNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgX3y2egTC96J8ber6m7JHZUviL2
J3eqptPwvyDJbs99gWtef7m8NWW8Fs/vPk6OvrMgFrzM4BLJTZ80y7yA8y4B8L2e
rkGXdddhURzId7LexN3uy43vUjfeRoraALL7//DvMXf8H+G2Xz8zM65ovIpvdwky
ZF06rJosWTGc6wNRY4xR1nkvf+n/yGdpsNqhpFMF/7ZFOQTDDt7laElCiKEnF8MC
/cUz3MX/ja45yfl/ugNsF9jBKQ0c/FNo48gfcrrs2I9AFH6zHddJwxfah/SAkm1k
XwJcmHXeJk91m5FZy0n83Mhva9BmypzVZHn34hhimqXH9Eo2IwyWXhRxAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5VL070C9REwTo+2mpAGNvKC+dWMB8GA1UdIwQY
MBaAFJSp6qnXG3xRybS76mgZs3/1KR1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtucXFkY2JmRkhKdEx2cWFCbXpmX1VwSFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80NDNjNGYtNjQwNi00MDQxLWFjMTMt
MzkzYWQyNWViMzQwLzEvbEtucXFkY2JmRkhKdEx2cWFCbXpmX1VwSFZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80NDNjNGYtNjQwNi00MDQxLWFjMTMtMzkzYWQyNWViMzQw
LzEvbEtucXFkY2JmRkhKdEx2cWFCbXpmX1VwSFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoFVF3SVw
O+rAINeby4w7qjHNGsWhXN7/ZvhO+050+oWQTt7UCe8j390cOLEPOsbHeWkP7W/I
zqdUn+A75yImuaJbAa8dh8tUzWix9DGKdYZzJfCC3nzWVQN/IZv0nE3Ngtym7RV9
EVt6C1ITzW+W9kdFj9hOKxWPnfaEsm2cRVuf39ZbXI1J90l0UaOB0T5+WucF3Zsz
/72w576GGHBc1Y90Q8UzNVSObhzXAKBdBNtE2AC4EcAiBotvb++msmVKcCdf3OXb
w5TtvDVb8qQS96A0oyVXYiakxLA4IQ9TJaCo31o6mnHUo5CrKbjmBuGE3opo87l4
yhvDVJp/VPYjtw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:17:55 2025 by rpki-client