Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
File: tAqlFjSW4FOna21pzcRfdQBs2N8.mft (raw, json)
Hash identifier: RLORKVrcVCt3j3AjZ0veGik6uwiagJ0BVr1Knzy49bU=
Subject key identifier: C7:37:05:07:05:39:CB:5B:F1:50:26:87:CA:07:26:58:65:60:D1:3F
Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Certificate serial: 01965424E5FB7063A38189BB63C4CEB738F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
Manifest number: 14FE
Signing time: Sun 20 Apr 2025 17:00:26 +0000
Manifest this update: Sun 20 Apr 2025 17:00:26 +0000
Manifest next update: Mon 21 Apr 2025 17:00:26 +0000
Files and hashes: 1: 1-d6DUI7mmJKHILGE-ACGJbIFV40.roa (hash: WM+ispXO9qKwdYzXWtwDmpPip6PK1PIBVYZaFFY6Sl4=)
2: tAqlFjSW4FOna21pzcRfdQBs2N8.crl (hash: E3PRGQo6FAMgeSS9950ny/YP5iMZKEgDGiyOkFsAMKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:24:e5:fb:70:63:a3:81:89:bb:63:c4:ce:b7:38:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df
Validity
Not Before: Apr 20 17:00:26 2025 GMT
Not After : Apr 21 17:00:26 2025 GMT
Subject: CN=c73705070539cb5bf1502687ca0726586560d13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2c:46:1f:42:d8:17:89:05:2d:be:15:b1:3f:
c8:7d:65:ad:08:11:4b:49:8b:06:89:de:37:2a:21:
a5:4f:d5:46:19:68:36:84:8a:b2:fa:74:27:e8:60:
9c:ec:71:00:79:ed:38:91:37:73:95:a8:04:97:6f:
6c:58:e0:55:85:39:41:b5:99:89:df:bf:f8:c4:ac:
cc:68:65:6c:9d:bd:66:e4:89:43:df:56:34:98:e4:
17:fe:69:31:35:62:b4:83:37:3e:bb:fb:de:db:35:
b3:04:99:51:01:0c:c8:d2:01:a9:1e:a9:c6:68:f1:
09:4e:39:12:a9:b9:86:c4:9e:7d:59:89:92:69:b5:
1c:a3:e7:f4:1e:fd:b1:15:12:11:ef:47:13:e4:70:
df:f1:2d:a5:b9:61:ff:22:af:93:5b:05:bb:fa:e6:
a9:b7:f3:a7:3b:1b:83:93:6a:1a:85:6c:e4:5e:14:
12:31:a2:77:19:c3:ea:64:f5:a9:5c:71:7a:19:03:
e9:91:f6:17:ca:64:66:1d:43:b7:06:b2:14:a8:73:
91:1b:e0:ee:dd:e7:92:bc:dd:34:bb:9f:81:a8:db:
ee:61:3f:c1:79:ad:86:d9:3e:44:27:27:e3:7c:76:
d8:df:fe:0f:bc:ec:a5:d8:2c:32:6a:5e:12:ef:53:
3c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:37:05:07:05:39:CB:5B:F1:50:26:87:CA:07:26:58:65:60:D1:3F
X509v3 Authority Key Identifier:
keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:58:fa:1f:06:72:1c:cf:43:f8:85:90:0e:f7:d5:d8:f5:90:
8a:95:e7:e9:9f:21:41:e4:4a:ad:d9:9b:ca:de:88:92:a6:d7:
50:35:ee:72:2e:99:a4:99:31:0f:c6:de:b6:6a:fb:77:e7:c4:
54:66:23:63:88:a5:0f:38:ee:37:76:90:5f:8b:23:0d:d2:e4:
fb:bb:1c:b0:88:c9:00:71:23:ec:66:60:eb:3e:30:42:e0:01:
a1:60:ff:2a:bb:8d:36:f0:f6:08:98:d5:44:30:5f:22:0e:29:
5c:0d:f2:bc:5b:3b:d2:1c:f8:c3:d2:f3:c9:b9:f2:07:10:f1:
9b:06:75:f7:3c:fd:45:5e:ae:da:fc:f1:1d:61:98:3d:85:a5:
6d:53:f9:da:60:84:57:b9:41:b5:38:23:0b:d0:30:0a:0a:da:
58:87:19:28:47:72:a9:2c:ff:26:07:82:7c:16:92:43:6e:91:
ac:80:7d:0e:f0:0a:4c:4c:8a:f0:5e:45:df:59:16:c5:41:0f:
99:e1:bc:5b:5c:06:29:8c:0d:03:9b:8f:74:23:45:10:c7:26:
c6:d0:fa:ba:94:a0:b0:cc:73:5e:08:76:00:2e:a6:34:e3:b9:
94:08:67:ca:2c:10:29:6a:f3:fe:5f:d9:8f:8f:aa:0a:b8:f9:
01:d9:b9:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJOX7cGOjgYm7Y8TOtzjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGFhNTE2MzQ5NmUwNTNhNzZiNmQ2OWNkYzQ1Zjc1MDA2
Y2Q4ZGYwHhcNMjUwNDIwMTcwMDI2WhcNMjUwNDIxMTcwMDI2WjAzMTEwLwYDVQQD
EyhjNzM3MDUwNzA1MzljYjViZjE1MDI2ODdjYTA3MjY1ODY1NjBkMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoixGH0LYF4kFLb4VsT/IfWWtCBFL
SYsGid43KiGlT9VGGWg2hIqy+nQn6GCc7HEAee04kTdzlagEl29sWOBVhTlBtZmJ
37/4xKzMaGVsnb1m5IlD31Y0mOQX/mkxNWK0gzc+u/ve2zWzBJlRAQzI0gGpHqnG
aPEJTjkSqbmGxJ59WYmSabUco+f0Hv2xFRIR70cT5HDf8S2luWH/Iq+TWwW7+uap
t/OnOxuDk2oahWzkXhQSMaJ3GcPqZPWpXHF6GQPpkfYXymRmHUO3BrIUqHORG+Du
3eeSvN00u5+BqNvuYT/Bea2G2T5EJyfjfHbY3/4PvOyl2Cwyal4S71M8rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMc3BQcFOctb8VAmh8oHJlhlYNE/MB8GA1UdIwQY
MBaAFLQKpRY0luBTp2ttac3EX3UAbNjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUt
YzcyY2JhYzI4NWY4LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUtYzcyY2JhYzI4NWY4
LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFVj6HwZy
HM9D+IWQDvfV2PWQipXn6Z8hQeRKrdmbyt6IkqbXUDXuci6ZpJkxD8betmr7d+fE
VGYjY4ilDzjuN3aQX4sjDdLk+7scsIjJAHEj7GZg6z4wQuABoWD/KruNNvD2CJjV
RDBfIg4pXA3yvFs70hz4w9LzybnyBxDxmwZ19zz9RV6u2vzxHWGYPYWlbVP52mCE
V7lBtTgjC9AwCgraWIcZKEdyqSz/JgeCfBaSQ26RrIB9DvAKTEyK8F5F31kWxUEP
meG8W1wGKYwNA5uPdCNFEMcmxtD6upSgsMxzXgh2AC6mNOO5lAhnyiwQKWrz/l/Z
j4+qCrj5Adm5pg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:19:02 2025 by rpki-client