Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File: M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier: KUJrGqmvovMyUeyO+rk5MkWMfUz3YLIggRNhk/xyAl0=
Subject key identifier: 35:8B:F6:27:83:B8:6A:F1:EE:CB:5C:A9:29:85:96:34:A3:DD:17:72
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer: /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial: 01966029810938C3ED8A3E3BE67FAB313B8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number: 083B
Signing time: Wed 23 Apr 2025 01:00:54 +0000
Manifest this update: Wed 23 Apr 2025 01:00:54 +0000
Manifest next update: Thu 24 Apr 2025 01:00:54 +0000
Files and hashes: 1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: GiWLen7aLPQVLAluTW70EBbBa6jPHN7KaF34xEgZ51k=)
2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:60:29:81:09:38:c3:ed:8a:3e:3b:e6:7f:ab:31:3b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
Validity
Not Before: Apr 23 01:00:54 2025 GMT
Not After : Apr 24 01:00:54 2025 GMT
Subject: CN=358bf62783b86af1eecb5ca929859634a3dd1772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4b:e7:a1:d0:45:10:40:43:07:8c:42:ac:54:
d9:a3:0a:ea:fe:54:38:1f:29:b2:4f:d9:07:2c:2d:
0a:41:3f:af:3c:85:dd:64:95:db:56:1d:c3:c0:f5:
d5:c8:8f:14:4d:d1:66:36:56:40:d0:a7:75:4f:3a:
a7:d7:b2:f2:7c:02:d9:06:8a:03:aa:59:33:23:cf:
86:87:24:35:1a:7d:b3:68:02:d6:65:d2:39:3c:05:
c0:f3:26:62:61:15:61:00:cf:b7:e1:70:29:9a:ab:
59:41:4a:cb:70:e3:61:74:4f:20:23:47:f0:3d:0d:
64:0e:0d:8b:fc:b1:9d:b7:9f:59:2f:c5:b4:1e:7a:
d2:f9:56:00:91:fc:e8:59:e7:87:9c:e7:c6:7c:89:
20:0f:7f:22:ae:5e:c7:39:7c:c5:ff:f5:1f:39:de:
5c:76:ea:4a:00:27:55:92:d9:57:f8:bd:a6:68:42:
a8:8d:a5:39:dd:98:f9:95:2f:17:01:09:6c:1e:b3:
28:40:bc:2e:03:97:9c:17:48:7e:39:00:e4:b1:24:
a4:d1:fa:17:c3:64:8f:4a:b3:f5:71:b2:c8:a3:0e:
b1:45:98:bd:af:31:66:b7:b4:6c:2e:fb:98:7d:ef:
68:26:2f:7a:e6:12:55:c9:c8:b2:4f:4a:59:61:38:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8B:F6:27:83:B8:6A:F1:EE:CB:5C:A9:29:85:96:34:A3:DD:17:72
X509v3 Authority Key Identifier:
keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:96:59:02:f7:10:b5:e3:74:7d:43:3a:f7:bc:c0:e8:de:83:
5a:7f:d2:cb:17:ee:31:13:db:cc:47:75:4a:5e:9b:91:b0:24:
f4:b3:ac:ae:57:4b:c3:92:10:0a:a0:89:0a:02:fb:d4:47:b3:
42:6e:37:27:9c:d9:f9:e6:60:31:bd:05:29:d0:28:4b:4b:1c:
f3:6b:8c:a7:9c:af:bb:bc:ad:2d:0d:8e:f3:a0:f1:9a:1e:23:
d9:e6:76:eb:50:de:0e:86:e3:cf:20:1a:b5:b8:e3:da:d3:9c:
7c:ff:bd:5b:97:b5:cd:e1:0d:c1:cb:79:25:22:27:2c:7c:5a:
c5:8c:9c:9c:51:dc:28:f8:02:ec:6f:e2:08:4e:89:44:5f:2b:
07:48:73:50:9e:ee:06:1d:a9:d0:b7:10:03:eb:54:30:ad:14:
92:91:6a:6a:49:76:d2:7e:bd:af:c5:31:cc:30:bf:48:a7:c7:
5c:51:59:78:6b:7d:39:5a:1f:01:46:7a:0a:d9:8d:d7:f3:cd:
a2:63:56:35:3d:61:08:e8:4a:8c:a3:ac:d3:cc:0e:4d:06:1c:
48:1b:d6:c9:72:bb:59:45:88:2d:7e:a3:00:8d:f8:49:13:b0:
02:e1:d4:33:bc:72:c9:99:9f:b2:c5:38:4e:d2:d5:be:56:19:
da:22:45:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZgKYEJOMPtij475n+rMTuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwNDIzMDEwMDU0WhcNMjUwNDI0MDEwMDU0WjAzMTEwLwYDVQQD
EygzNThiZjYyNzgzYjg2YWYxZWVjYjVjYTkyOTg1OTYzNGEzZGQxNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkvnodBFEEBDB4xCrFTZowrq/lQ4
HymyT9kHLC0KQT+vPIXdZJXbVh3DwPXVyI8UTdFmNlZA0Kd1Tzqn17LyfALZBooD
qlkzI8+GhyQ1Gn2zaALWZdI5PAXA8yZiYRVhAM+34XApmqtZQUrLcONhdE8gI0fw
PQ1kDg2L/LGdt59ZL8W0HnrS+VYAkfzoWeeHnOfGfIkgD38irl7HOXzF//UfOd5c
dupKACdVktlX+L2maEKojaU53Zj5lS8XAQlsHrMoQLwuA5ecF0h+OQDksSSk0foX
w2SPSrP1cbLIow6xRZi9rzFmt7RsLvuYfe9oJi965hJVyciyT0pZYTgBfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWL9ieDuGrx7stcqSmFljSj3RdyMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJZZAvcQ
teN0fUM697zA6N6DWn/SyxfuMRPbzEd1Sl6bkbAk9LOsrldLw5IQCqCJCgL71Eez
Qm43J5zZ+eZgMb0FKdAoS0sc82uMp5yvu7ytLQ2O86Dxmh4j2eZ261DeDobjzyAa
tbjj2tOcfP+9W5e1zeENwct5JSInLHxaxYycnFHcKPgC7G/iCE6JRF8rB0hzUJ7u
Bh2p0LcQA+tUMK0UkpFqakl20n69r8UxzDC/SKfHXFFZeGt9OVofAUZ6CtmN1/PN
omNWNT1hCOhKjKOs08wOTQYcSBvWyXK7WUWILX6jAI34SROwAuHUM7xyyZmfssU4
TtLVvlYZ2iJFlw==
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:13:41 2025 by rpki-client