Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
File: IZUnwiTwCiiy9MtOExLXSNXKUWk.mft (raw, json)
Hash identifier: vjQiVI5GqB0x0FgKzEqym3Cp5hguzbfnMmh/wzbgTF0=
Subject key identifier: 82:20:38:9F:A6:A8:06:4F:CD:6C:4A:83:D2:A5:66:7D:12:FE:DD:81
Authority key identifier: 21:95:27:C2:24:F0:0A:28:B2:F4:CB:4E:13:12:D7:48:D5:CA:51:69
Certificate issuer: /CN=219527c224f00a28b2f4cb4e1312d748d5ca5169
Certificate serial: 019655A62BA03B941B582FEEABB193C7C4E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZUnwiTwCiiy9MtOExLXSNXKUWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
Manifest number: 14FC
Signing time: Mon 21 Apr 2025 00:01:15 +0000
Manifest this update: Mon 21 Apr 2025 00:01:15 +0000
Manifest next update: Tue 22 Apr 2025 00:01:15 +0000
Files and hashes: 1: IZUnwiTwCiiy9MtOExLXSNXKUWk.crl (hash: GdbwXN5SfGaz5tEZBhmry4oNwJdzx1p3dYV/UinSrSQ=)
2: l8INnv3QTRexkISN97lg6HuKeCY.roa (hash: pDEsYARUuEJK1pYQPfyythtLkxkCfRaxj9c1qzwCEIU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IZUnwiTwCiiy9MtOExLXSNXKUWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a6:2b:a0:3b:94:1b:58:2f:ee:ab:b1:93:c7:c4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219527c224f00a28b2f4cb4e1312d748d5ca5169
Validity
Not Before: Apr 21 00:01:15 2025 GMT
Not After : Apr 22 00:01:15 2025 GMT
Subject: CN=8220389fa6a8064fcd6c4a83d2a5667d12fedd81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:09:a0:fe:b2:0e:19:39:b2:19:13:e4:3f:f2:
f4:68:f6:66:08:a6:c5:a1:d1:7b:82:c1:e5:ff:76:
d3:fc:30:85:8b:b2:16:a2:3b:05:2b:a8:1b:74:c3:
29:4f:17:7e:b3:2b:ad:43:49:2a:13:30:6a:ec:c0:
e4:ca:9f:ea:8f:e4:8a:bf:81:cb:39:77:fd:29:d5:
15:43:e7:02:ac:44:15:15:96:d1:37:96:cc:5d:81:
ee:3e:5a:b8:1f:48:01:5a:11:c5:29:7d:b7:f0:17:
ef:45:d8:b7:9f:bd:bd:92:53:15:62:fa:ea:81:57:
5a:51:34:87:e2:0b:fb:96:56:4b:14:7d:c5:c2:06:
53:db:69:30:99:a1:cb:52:a5:9d:a8:68:5b:1c:3a:
7c:cc:26:67:20:3f:22:6d:82:28:5a:6a:fb:48:7d:
32:b4:d8:f6:aa:29:ce:5c:0f:e8:6f:25:11:c2:a6:
92:7c:59:92:f9:6b:b2:db:3d:66:78:42:4b:ab:7e:
67:ac:df:23:ee:ee:73:40:41:61:89:29:d5:88:ad:
b9:0b:f6:d5:8c:30:20:fe:c2:e9:1b:c9:28:f3:71:
18:12:69:d4:7d:e7:25:32:01:27:bf:4c:ac:ef:db:
9c:05:da:77:f5:68:b4:b0:73:24:ff:eb:70:c6:22:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:38:9F:A6:A8:06:4F:CD:6C:4A:83:D2:A5:66:7D:12:FE:DD:81
X509v3 Authority Key Identifier:
keyid:21:95:27:C2:24:F0:0A:28:B2:F4:CB:4E:13:12:D7:48:D5:CA:51:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZUnwiTwCiiy9MtOExLXSNXKUWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:2a:bc:50:a7:54:b6:57:bc:67:02:0d:90:95:de:cb:a8:f0:
5e:03:e7:a5:7e:c3:38:05:a9:43:b2:35:fb:20:21:be:21:5c:
66:06:07:f6:73:4e:d3:c7:21:32:df:e5:f9:d8:55:d3:67:47:
0c:14:86:70:3e:7c:39:b8:4f:8c:55:7f:9e:f4:96:41:c3:f2:
5c:40:37:18:9c:d0:15:81:2e:54:2b:7e:92:c7:19:47:5f:04:
fe:f4:b7:19:e3:c6:be:0e:35:2d:c6:b7:11:f2:67:8f:ad:08:
7a:de:40:40:f0:77:65:10:00:cc:15:65:26:0e:b9:13:eb:32:
a6:50:37:f3:07:b0:6e:48:06:91:00:f5:88:8d:54:d6:3f:a3:
1f:19:30:b9:2a:f2:5c:ce:eb:e4:cc:b4:5c:e5:85:bc:a8:99:
c2:b4:66:14:e7:41:db:02:fd:0d:cc:4c:bd:d7:00:9b:96:ed:
93:81:26:f0:c7:e8:8a:a4:8f:09:fb:7e:fd:91:f3:6c:9b:10:
77:5f:3e:e4:c1:a1:5a:d4:e9:7f:f2:d1:53:39:5e:c8:e5:14:
59:df:d3:32:cf:f7:44:bf:ca:9f:b1:50:68:3d:ea:b2:d1:f4:
aa:70:28:40:72:c6:72:0a:cd:3d:a2:f9:e1:66:9a:41:97:f2:
da:4b:b8:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpiugO5QbWC/uq7GTx8TjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOTUyN2MyMjRmMDBhMjhiMmY0Y2I0ZTEzMTJkNzQ4ZDVj
YTUxNjkwHhcNMjUwNDIxMDAwMTE1WhcNMjUwNDIyMDAwMTE1WjAzMTEwLwYDVQQD
Eyg4MjIwMzg5ZmE2YTgwNjRmY2Q2YzRhODNkMmE1NjY3ZDEyZmVkZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywmg/rIOGTmyGRPkP/L0aPZmCKbF
odF7gsHl/3bT/DCFi7IWojsFK6gbdMMpTxd+syutQ0kqEzBq7MDkyp/qj+SKv4HL
OXf9KdUVQ+cCrEQVFZbRN5bMXYHuPlq4H0gBWhHFKX238BfvRdi3n729klMVYvrq
gVdaUTSH4gv7llZLFH3FwgZT22kwmaHLUqWdqGhbHDp8zCZnID8ibYIoWmr7SH0y
tNj2qinOXA/obyURwqaSfFmS+Wuy2z1meEJLq35nrN8j7u5zQEFhiSnViK25C/bV
jDAg/sLpG8ko83EYEmnUfeclMgEnv0ys79ucBdp39Wi0sHMk/+twxiIYZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIgOJ+mqAZPzWxKg9KlZn0S/t2BMB8GA1UdIwQY
MBaAFCGVJ8Ik8AoosvTLThMS10jVylFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVpVbndpVHdDaWl5OU10T0V4TFhTTlhLVVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84NTQwZGItZjkwMS00MzNiLTgxYmIt
OTdkNTVmMzkxNTYxLzEvSVpVbndpVHdDaWl5OU10T0V4TFhTTlhLVVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84NTQwZGItZjkwMS00MzNiLTgxYmItOTdkNTVmMzkxNTYx
LzEvSVpVbndpVHdDaWl5OU10T0V4TFhTTlhLVVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdiq8UKdU
tle8ZwINkJXey6jwXgPnpX7DOAWpQ7I1+yAhviFcZgYH9nNO08chMt/l+dhV02dH
DBSGcD58ObhPjFV/nvSWQcPyXEA3GJzQFYEuVCt+kscZR18E/vS3GePGvg41Lca3
EfJnj60Iet5AQPB3ZRAAzBVlJg65E+syplA38wewbkgGkQD1iI1U1j+jHxkwuSry
XM7r5My0XOWFvKiZwrRmFOdB2wL9DcxMvdcAm5btk4Em8MfoiqSPCft+/ZHzbJsQ
d18+5MGhWtTpf/LRUzleyOUUWd/TMs/3RL/Kn7FQaD3qstH0qnAoQHLGcgrNPaL5
4WaaQZfy2ku44g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:16:57 2025 by rpki-client