Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
File: zT5kktRzFSDB7tvNopZ5UArAg6s.mft (raw, json)
Hash identifier: xARWKyH4z5u7byFOvGiJO+6Ozoub9Xy6EKfjzKC2bIA=
Subject key identifier: 21:4F:82:9B:78:D3:44:0F:51:F4:49:4B:A2:02:91:26:8D:19:72:2D
Authority key identifier: CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB
Certificate issuer: /CN=cd3e6492d4731520c1eedbcda29679500ac083ab
Certificate serial: 01965A2745B741D486E34969FF602EDB1F86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
Manifest number: 03CE
Signing time: Mon 21 Apr 2025 21:00:45 +0000
Manifest this update: Mon 21 Apr 2025 21:00:45 +0000
Manifest next update: Tue 22 Apr 2025 21:00:45 +0000
Files and hashes: 1: COOSirhVHTLVRSIt4NAQH8L8vr4.roa (hash: tu1lQ0uqkhi4vcEmV6leM3hmh+odZkH5lyLz+npAcNE=)
2: zT5kktRzFSDB7tvNopZ5UArAg6s.crl (hash: UUsR7EzxEz1lX3oqyUJRssy4/6HLXDvgqIhqgqGw7L4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:27:45:b7:41:d4:86:e3:49:69:ff:60:2e:db:1f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3e6492d4731520c1eedbcda29679500ac083ab
Validity
Not Before: Apr 21 21:00:45 2025 GMT
Not After : Apr 22 21:00:45 2025 GMT
Subject: CN=214f829b78d3440f51f4494ba20291268d19722d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:25:d9:2f:a4:5e:f3:83:73:90:b6:8d:ae:
75:6d:3b:45:44:c6:30:32:e0:cc:84:67:bb:c0:d8:
23:20:50:af:3c:8f:89:df:e8:3f:f7:34:08:ce:c4:
80:f6:f2:78:23:ca:38:da:67:3a:ec:63:9c:7a:db:
7f:19:5c:ce:72:ab:9f:2b:9b:4a:84:a2:d5:7f:2e:
f3:e2:1a:fc:04:f3:e3:4e:5a:8f:7c:14:a3:23:48:
26:24:29:fb:41:ab:b6:e9:68:cf:4f:3e:2e:43:28:
ab:09:dd:93:2d:d1:76:82:7e:f8:3d:4a:24:d7:50:
2c:f7:22:35:26:b4:bb:67:96:eb:a7:30:74:78:69:
86:d4:4d:d5:80:f2:73:99:a2:6b:b3:9f:4d:ee:27:
06:74:93:0c:d6:cb:fa:fb:96:dd:94:35:e9:74:79:
d3:4b:8a:11:27:36:1f:a2:f8:bb:62:29:4c:25:08:
aa:8f:da:4e:42:4b:39:4f:82:7e:dc:d4:12:c6:91:
fa:39:f1:53:7c:61:99:c5:a0:31:dc:83:bf:05:17:
36:d6:25:0c:bb:a1:69:00:6a:9e:be:40:61:f2:62:
5f:c7:50:f5:3a:b4:3f:d3:ff:0d:03:a4:0e:13:41:
43:ea:0d:f2:3d:bd:d2:64:39:a7:bd:1e:73:fe:27:
cc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4F:82:9B:78:D3:44:0F:51:F4:49:4B:A2:02:91:26:8D:19:72:2D
X509v3 Authority Key Identifier:
keyid:CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:0f:82:3a:69:8d:1c:e1:a1:4b:da:52:e0:38:40:03:43:5d:
7a:a3:44:36:1e:49:3f:09:eb:03:60:17:da:f1:36:f2:e3:a0:
dc:42:b0:e5:82:b2:66:bb:4f:15:4f:83:75:1d:b8:68:f8:76:
fc:5f:d3:da:58:48:1d:f2:c5:e2:8a:03:6d:8b:71:1e:9b:6c:
6b:1b:38:01:df:82:71:73:b9:df:02:12:a5:97:8b:34:36:28:
4c:ab:1f:0f:e4:6a:2c:3a:f9:3b:6b:55:09:ad:b4:b1:25:39:
58:c2:2c:de:5a:6b:35:12:ae:8a:43:af:e7:2f:09:b8:84:e9:
84:fe:18:09:99:27:4c:80:dc:72:4c:70:e4:40:ab:c7:23:6f:
19:f9:d5:39:d6:de:d4:ea:81:91:f3:2a:4a:53:09:9d:b2:d3:
36:ee:52:1e:43:98:02:a7:5a:15:68:e5:06:1b:eb:bd:e0:8d:
7e:b3:1a:ab:4c:64:3e:13:52:f3:bc:6f:19:64:8b:19:a1:ec:
6f:9f:41:09:01:29:a2:c7:9c:dc:5a:aa:52:5a:47:af:82:be:
63:70:13:d9:8d:c1:18:c3:6d:43:97:06:8a:66:4e:ef:d3:98:
5e:fc:54:eb:56:c9:15:f4:f3:34:34:bd:56:3e:ec:bb:cc:6b:
f0:b5:39:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaJ0W3QdSG40lp/2Au2x+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2U2NDkyZDQ3MzE1MjBjMWVlZGJjZGEyOTY3OTUwMGFj
MDgzYWIwHhcNMjUwNDIxMjEwMDQ1WhcNMjUwNDIyMjEwMDQ1WjAzMTEwLwYDVQQD
EygyMTRmODI5Yjc4ZDM0NDBmNTFmNDQ5NGJhMjAyOTEyNjhkMTk3MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdgl2S+kXvODc5C2ja51bTtFRMYw
MuDMhGe7wNgjIFCvPI+J3+g/9zQIzsSA9vJ4I8o42mc67GOcett/GVzOcqufK5tK
hKLVfy7z4hr8BPPjTlqPfBSjI0gmJCn7Qau26WjPTz4uQyirCd2TLdF2gn74PUok
11As9yI1JrS7Z5brpzB0eGmG1E3VgPJzmaJrs59N7icGdJMM1sv6+5bdlDXpdHnT
S4oRJzYfovi7YilMJQiqj9pOQks5T4J+3NQSxpH6OfFTfGGZxaAx3IO/BRc21iUM
u6FpAGqevkBh8mJfx1D1OrQ/0/8NA6QOE0FD6g3yPb3SZDmnvR5z/ifMdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFPgpt400QPUfRJS6ICkSaNGXItMB8GA1UdIwQY
MBaAFM0+ZJLUcxUgwe7bzaKWeVAKwIOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUt
Y2ZjZmZhM2MwNjY1LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUtY2ZjZmZhM2MwNjY1
LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOg+COmmN
HOGhS9pS4DhAA0NdeqNENh5JPwnrA2AX2vE28uOg3EKw5YKyZrtPFU+DdR24aPh2
/F/T2lhIHfLF4ooDbYtxHptsaxs4Ad+CcXO53wISpZeLNDYoTKsfD+RqLDr5O2tV
Ca20sSU5WMIs3lprNRKuikOv5y8JuITphP4YCZknTIDcckxw5ECrxyNvGfnVOdbe
1OqBkfMqSlMJnbLTNu5SHkOYAqdaFWjlBhvrveCNfrMaq0xkPhNS87xvGWSLGaHs
b59BCQEposec3FqqUlpHr4K+Y3AT2Y3BGMNtQ5cGimZO79OYXvxU61bJFfTzNDS9
Vj7su8xr8LU5FQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:56:56 2025 by rpki-client