Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.mft
File: 0Q44sLejPvOhbhVDNAKYfW1njaE.mft (raw, json)
Hash identifier: OOqkkJ381hxyu6nPtDanMHsLh0JSdDNvgH0SK2/Bop4=
Subject key identifier: C2:35:F4:A1:94:DD:FF:89:44:3E:DD:2D:17:F8:AE:E7:4E:81:41:AF
Authority key identifier: D1:0E:38:B0:B7:A3:3E:F3:A1:6E:15:43:34:02:98:7D:6D:67:8D:A1
Certificate issuer: /CN=d10e38b0b7a33ef3a16e15433402987d6d678da1
Certificate serial: 01965E039084F6A4AA422B2465C7935EE2FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q44sLejPvOhbhVDNAKYfW1njaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.mft
Manifest number: 11AD
Signing time: Tue 22 Apr 2025 15:00:13 +0000
Manifest this update: Tue 22 Apr 2025 15:00:13 +0000
Manifest next update: Wed 23 Apr 2025 15:00:13 +0000
Files and hashes: 1: 0Q44sLejPvOhbhVDNAKYfW1njaE.crl (hash: A3Ruaw7beFD3CphjrfeGlU62s5Yvi5W7bqjt5+5x5sc=)
2: pTXcU1-027t2C2Vu9gFY335XMJc.roa (hash: VazQFR0+HiS2IaElmJ/i9QSFb0To3uFvpZ1ELlNt0rw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Q44sLejPvOhbhVDNAKYfW1njaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5e:03:90:84:f6:a4:aa:42:2b:24:65:c7:93:5e:e2:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10e38b0b7a33ef3a16e15433402987d6d678da1
Validity
Not Before: Apr 22 15:00:13 2025 GMT
Not After : Apr 23 15:00:13 2025 GMT
Subject: CN=c235f4a194ddff89443edd2d17f8aee74e8141af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fc:30:82:11:5d:4e:e0:77:4e:fe:66:93:78:
7d:dc:ad:d2:56:30:a9:19:21:66:4a:a0:02:17:12:
61:51:2a:68:54:03:81:96:c6:b0:ce:c8:09:c4:27:
08:97:5a:f4:f9:85:9d:20:69:13:87:40:c9:80:df:
5d:39:3b:c8:70:61:a1:9f:ce:14:4d:c7:c8:e7:bd:
ce:68:68:2c:d3:59:0c:19:c1:a5:c9:0f:95:95:bb:
92:5f:c5:c7:f6:35:dc:73:53:bb:b5:42:76:52:49:
c0:6b:e1:f6:6e:5f:dc:87:80:7c:25:5e:cb:84:44:
ca:19:9b:12:aa:c4:d7:7f:42:ae:85:f5:2d:0d:36:
60:71:c0:56:43:d9:d4:2f:45:a1:58:e8:c2:5a:7a:
92:47:f2:db:4c:ec:27:30:c9:31:08:2b:60:03:81:
11:cf:1d:1a:7b:99:7c:8d:de:81:78:49:ac:ff:ce:
3b:64:3d:78:1a:66:c1:28:e8:f4:bb:99:cb:de:f3:
2b:35:0d:f3:d3:ac:52:61:bd:6b:9f:c8:2a:7c:71:
e4:47:e2:c6:5f:6f:63:20:8e:30:cc:f4:10:26:18:
21:3f:83:7f:45:cd:24:15:37:3a:d0:a2:57:5b:75:
fa:30:af:3f:9d:f7:57:ed:30:f9:42:08:af:7d:7f:
fc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:35:F4:A1:94:DD:FF:89:44:3E:DD:2D:17:F8:AE:E7:4E:81:41:AF
X509v3 Authority Key Identifier:
keyid:D1:0E:38:B0:B7:A3:3E:F3:A1:6E:15:43:34:02:98:7D:6D:67:8D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q44sLejPvOhbhVDNAKYfW1njaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/3fa09a-e874-4f34-bf45-2c0eda70666a/1/0Q44sLejPvOhbhVDNAKYfW1njaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:c5:29:cc:df:1c:ba:fa:4a:6f:68:08:4a:77:db:d9:e6:25:
b6:5a:63:9e:bc:c3:c6:ae:5a:6b:a9:73:4e:c4:25:15:68:8c:
8e:7b:7c:b1:77:6d:38:67:c2:2e:50:79:5d:59:89:f4:ce:c9:
da:93:5b:5c:ee:de:a5:5a:90:4b:fc:d6:c1:0c:48:9d:1e:66:
a3:d4:b5:32:3c:40:b9:8f:41:a7:1f:75:af:4c:31:24:2d:ee:
76:8e:6c:3b:a4:f6:e1:b7:2c:04:5a:7a:11:53:26:30:a9:bb:
b6:d2:52:1d:df:d7:a1:3e:01:9c:b0:4b:67:56:7c:8a:e5:39:
de:56:ba:c4:d5:23:82:e3:5d:dc:8f:20:73:dc:99:06:6b:9d:
15:8b:8f:db:b5:f4:76:e8:2f:f9:4b:1b:51:90:ef:9a:36:71:
ec:3d:f3:5b:ed:d6:39:e9:94:76:b9:96:94:51:2d:69:ef:b7:
85:c4:07:85:4e:8d:7f:ec:e4:29:21:a2:c1:b5:5a:0e:2b:1c:
e6:d8:6b:f3:cc:e9:55:6e:bb:23:8b:8f:65:f0:0f:c9:1b:3d:
21:80:15:f0:7c:59:2f:1e:ee:bf:fc:a0:a5:fb:87:ea:a6:80:
a2:e9:4f:b5:65:7a:ea:c7:b9:45:ab:9d:75:2d:ea:8e:af:78:
1e:24:0b:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZeA5CE9qSqQiskZceTXuL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGUzOGIwYjdhMzNlZjNhMTZlMTU0MzM0MDI5ODdkNmQ2
NzhkYTEwHhcNMjUwNDIyMTUwMDEzWhcNMjUwNDIzMTUwMDEzWjAzMTEwLwYDVQQD
EyhjMjM1ZjRhMTk0ZGRmZjg5NDQzZWRkMmQxN2Y4YWVlNzRlODE0MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfwwghFdTuB3Tv5mk3h93K3SVjCp
GSFmSqACFxJhUSpoVAOBlsawzsgJxCcIl1r0+YWdIGkTh0DJgN9dOTvIcGGhn84U
TcfI573OaGgs01kMGcGlyQ+VlbuSX8XH9jXcc1O7tUJ2UknAa+H2bl/ch4B8JV7L
hETKGZsSqsTXf0KuhfUtDTZgccBWQ9nUL0WhWOjCWnqSR/LbTOwnMMkxCCtgA4ER
zx0ae5l8jd6BeEms/847ZD14GmbBKOj0u5nL3vMrNQ3z06xSYb1rn8gqfHHkR+LG
X29jII4wzPQQJhghP4N/Rc0kFTc60KJXW3X6MK8/nfdX7TD5QgivfX/8cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMI19KGU3f+JRD7dLRf4rudOgUGvMB8GA1UdIwQY
MBaAFNEOOLC3oz7zoW4VQzQCmH1tZ42hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFE0NHNMZWpQdk9oYmhWRE5BS1lmVzFuamFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8zZmEwOWEtZTg3NC00ZjM0LWJmNDUt
MmMwZWRhNzA2NjZhLzEvMFE0NHNMZWpQdk9oYmhWRE5BS1lmVzFuamFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8zZmEwOWEtZTg3NC00ZjM0LWJmNDUtMmMwZWRhNzA2NjZh
LzEvMFE0NHNMZWpQdk9oYmhWRE5BS1lmVzFuamFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVMUpzN8c
uvpKb2gISnfb2eYltlpjnrzDxq5aa6lzTsQlFWiMjnt8sXdtOGfCLlB5XVmJ9M7J
2pNbXO7epVqQS/zWwQxInR5mo9S1MjxAuY9Bpx91r0wxJC3udo5sO6T24bcsBFp6
EVMmMKm7ttJSHd/XoT4BnLBLZ1Z8iuU53la6xNUjguNd3I8gc9yZBmudFYuP27X0
dugv+UsbUZDvmjZx7D3zW+3WOemUdrmWlFEtae+3hcQHhU6Nf+zkKSGiwbVaDisc
5thr88zpVW67I4uPZfAPyRs9IYAV8HxZLx7uv/ygpfuH6qaAoulPtWV66se5Raud
dS3qjq94HiQL2g==
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:24:13 2025 by rpki-client