Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: IGxMTAADP4KzYC5JActlf4fnIkeEDYtqvCLmoE1gdLM=
Subject key identifier: 28:93:BD:00:52:81:65:F2:CE:17:E6:D6:AC:70:7C:2F:2A:D2:1C:53
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 01965982F7D5E2899D6A2E8459BC23860ABF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 07FC
Signing time: Mon 21 Apr 2025 18:01:17 +0000
Manifest this update: Mon 21 Apr 2025 18:01:17 +0000
Manifest next update: Tue 22 Apr 2025 18:01:17 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: lTJqRM6d2LyCTqfQfEbGI99OhGoo3HysOSqa/ta7twY=)
2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:82:f7:d5:e2:89:9d:6a:2e:84:59:bc:23:86:0a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Apr 21 18:01:17 2025 GMT
Not After : Apr 22 18:01:17 2025 GMT
Subject: CN=2893bd00528165f2ce17e6d6ac707c2f2ad21c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:28:d3:c6:f5:82:67:09:cc:33:16:62:81:43:
0f:2b:bc:64:7a:2e:fc:c3:40:20:ff:45:be:df:3e:
d8:3f:69:9c:57:a1:a9:08:62:6a:68:ed:b8:64:d3:
1c:be:e1:50:58:1f:fb:83:2a:0e:1d:e2:b6:64:31:
96:03:88:b1:5e:f4:df:8d:d8:51:22:2a:b2:88:3c:
ae:d2:a4:da:14:ab:71:7f:2a:1a:61:1e:a4:32:f0:
49:ac:7d:bf:97:f9:3e:7d:6c:d9:4d:2c:30:77:12:
c2:d0:9e:c6:85:28:fa:84:ac:0c:9f:94:00:2e:19:
2e:04:90:f5:2d:1f:f2:fc:7c:f6:a7:1a:6b:0f:ec:
8a:b4:7b:6e:7d:ea:d5:8e:71:76:98:fc:2c:4a:b9:
94:7e:31:c4:93:50:ca:5c:cc:41:f4:5f:84:f3:1e:
b0:e6:a9:2f:81:55:57:93:fb:c8:9c:7a:a5:aa:02:
f9:a7:93:82:bb:e8:b1:45:2f:c6:7f:ef:c4:46:99:
ec:37:e7:14:e6:da:67:6e:91:60:43:6d:34:a5:93:
27:f0:3e:63:d1:8b:be:e3:f3:93:c6:03:93:d3:9c:
82:61:1d:1c:12:09:af:7a:4c:db:f3:91:3b:ec:82:
b8:49:85:5d:44:dd:1d:05:a2:ad:91:23:39:d1:7b:
a6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:93:BD:00:52:81:65:F2:CE:17:E6:D6:AC:70:7C:2F:2A:D2:1C:53
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:a8:a4:79:2f:19:1f:dd:34:a5:54:bd:72:17:f7:57:01:24:
0c:11:bb:b0:a9:91:f5:f9:5c:63:41:54:07:af:0c:79:c5:9c:
1f:22:cc:5e:ba:78:58:aa:0f:7f:4c:24:8f:51:0e:1a:5e:70:
b7:5c:e5:e0:10:95:d9:53:98:46:63:17:05:6f:4f:59:c8:7a:
8d:a2:57:2a:a0:16:26:b8:53:5d:bc:82:49:83:bf:2b:d6:3b:
26:9a:40:80:9d:1d:49:b9:29:4d:9b:85:b8:20:cb:18:52:31:
be:03:ad:b9:39:3d:56:0e:18:50:85:c7:b2:a5:dc:26:89:f9:
29:4d:b1:82:34:f0:68:4b:6c:a3:23:db:0b:af:66:6c:37:2d:
e8:f7:fc:fb:33:ab:90:7c:6a:fa:86:32:c2:47:12:f5:62:9d:
20:b9:f6:e7:e9:0d:5e:18:e8:bb:0a:3e:eb:34:d6:f8:71:43:
e5:58:5f:a6:ad:53:cf:1f:93:f0:7f:c8:c6:d6:84:df:48:ce:
44:76:fa:94:1f:08:c4:e7:c5:75:c8:ae:10:09:bd:21:6c:33:
1a:38:17:d1:25:07:05:91:87:dc:26:4e:a7:53:6c:9d:30:9e:
b6:61:98:5b:71:d5:7d:00:6e:25:d1:2a:59:dc:f7:e8:50:b1:
f0:51:b4:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgvfV4omdai6EWbwjhgq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjUwNDIxMTgwMTE3WhcNMjUwNDIyMTgwMTE3WjAzMTEwLwYDVQQD
EygyODkzYmQwMDUyODE2NWYyY2UxN2U2ZDZhYzcwN2MyZjJhZDIxYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCjTxvWCZwnMMxZigUMPK7xkei78
w0Ag/0W+3z7YP2mcV6GpCGJqaO24ZNMcvuFQWB/7gyoOHeK2ZDGWA4ixXvTfjdhR
IiqyiDyu0qTaFKtxfyoaYR6kMvBJrH2/l/k+fWzZTSwwdxLC0J7GhSj6hKwMn5QA
LhkuBJD1LR/y/Hz2pxprD+yKtHtuferVjnF2mPwsSrmUfjHEk1DKXMxB9F+E8x6w
5qkvgVVXk/vInHqlqgL5p5OCu+ixRS/Gf+/ERpnsN+cU5tpnbpFgQ200pZMn8D5j
0Yu+4/OTxgOT05yCYR0cEgmvekzb85E77IK4SYVdRN0dBaKtkSM50Xum0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiTvQBSgWXyzhfm1qxwfC8q0hxTMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6ikeS8Z
H900pVS9chf3VwEkDBG7sKmR9flcY0FUB68MecWcHyLMXrp4WKoPf0wkj1EOGl5w
t1zl4BCV2VOYRmMXBW9PWch6jaJXKqAWJrhTXbyCSYO/K9Y7JppAgJ0dSbkpTZuF
uCDLGFIxvgOtuTk9Vg4YUIXHsqXcJon5KU2xgjTwaEtsoyPbC69mbDct6Pf8+zOr
kHxq+oYywkcS9WKdILn25+kNXhjouwo+6zTW+HFD5Vhfpq1Tzx+T8H/IxtaE30jO
RHb6lB8IxOfFdciuEAm9IWwzGjgX0SUHBZGH3CZOp1NsnTCetmGYW3HVfQBuJdEq
Wdz36FCx8FG03g==
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:28:19 2025 by rpki-client