Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.mft
File: rgQQbzAsAHfpC2Z2LrsiLmEbM90.mft (raw, json)
Hash identifier: 6zgggxRMybpsh6OCEvAQTt36gghnBaVxhmYoYlWExV8=
Subject key identifier: 59:87:AB:37:BF:49:8A:84:37:0C:E5:54:BC:3F:23:74:2C:B5:67:82
Authority key identifier: AE:04:10:6F:30:2C:00:77:E9:0B:66:76:2E:BB:22:2E:61:1B:33:DD
Certificate issuer: /CN=ae04106f302c0077e90b66762ebb222e611b33dd
Certificate serial: 019655DCD7DF5D284145A41797D90766061E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.mft
Manifest number: 0431
Signing time: Mon 21 Apr 2025 01:00:58 +0000
Manifest this update: Mon 21 Apr 2025 01:00:58 +0000
Manifest next update: Tue 22 Apr 2025 01:00:58 +0000
Files and hashes: 1: GOFFPgaA_FNPo8jH9LLALXPdKRA.roa (hash: JZqDVZ5TyXAW6arfyTRJvqhjtcPlVF0bW1jBuVqcZ2U=)
2: rgQQbzAsAHfpC2Z2LrsiLmEbM90.crl (hash: UqfW8Y/knAb+DrLk9beOGZZfo9oXixgO6M0rbDA8PaY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.mft
rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:dc:d7:df:5d:28:41:45:a4:17:97:d9:07:66:06:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae04106f302c0077e90b66762ebb222e611b33dd
Validity
Not Before: Apr 21 01:00:58 2025 GMT
Not After : Apr 22 01:00:58 2025 GMT
Subject: CN=5987ab37bf498a84370ce554bc3f23742cb56782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:08:89:80:05:8e:42:33:2a:68:e0:e5:f8:4c:
10:90:72:94:1a:8d:92:fd:00:96:01:94:3d:6f:df:
70:6c:a4:92:70:9b:e3:2e:bd:a4:ee:7f:cd:67:d4:
22:e3:41:f0:89:d0:4e:e7:a1:9c:c6:d0:37:8b:77:
0e:6d:e0:3c:fa:ef:e2:4c:c5:3c:1f:19:97:42:5e:
f3:bf:f2:57:ed:72:9a:c4:70:ad:f3:6a:1d:61:3a:
a6:9f:b1:51:9d:7b:e8:6f:7e:9c:a1:1f:7d:60:24:
30:d7:b6:6a:64:38:ff:20:ee:3f:19:45:1b:c3:f1:
5d:ac:aa:27:be:e1:3e:07:ae:8e:d8:2c:0d:ca:9d:
d3:ab:d4:ae:3b:03:98:ec:9e:bb:cc:84:b0:33:77:
c6:b2:f4:da:33:39:85:4e:75:63:ac:86:95:d1:e3:
93:96:c5:45:6c:0f:b4:2a:b2:0f:77:31:c6:d9:9e:
27:0b:20:e9:9a:d4:83:b6:a9:17:7e:a2:9d:3e:07:
85:c9:5b:ad:1b:34:2b:f7:95:54:a2:94:56:cc:7c:
7a:90:39:79:97:cd:0c:c4:67:de:79:9d:0d:8c:f3:
77:f8:24:6f:74:23:f6:bc:79:ec:0e:e7:8d:cc:76:
39:3a:5f:cc:a7:1c:36:b6:d2:b4:4a:fb:e2:11:47:
7e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:87:AB:37:BF:49:8A:84:37:0C:E5:54:BC:3F:23:74:2C:B5:67:82
X509v3 Authority Key Identifier:
keyid:AE:04:10:6F:30:2C:00:77:E9:0B:66:76:2E:BB:22:2E:61:1B:33:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:dd:cf:c3:1b:0a:0c:0a:e2:40:c0:b7:66:f0:9f:b6:86:38:
bf:69:23:aa:e5:c3:53:c4:fc:35:28:70:71:6b:22:66:f8:cb:
a1:39:32:9a:a9:ed:e2:37:52:0b:15:cc:82:cc:ec:14:86:6d:
bf:3f:7e:ae:50:8b:4e:db:c0:1b:be:f8:22:42:81:dc:e0:a6:
75:c1:a0:76:09:92:b9:d3:9e:14:ce:9a:b8:a3:d7:4d:c2:96:
72:d1:5b:36:fa:fd:2a:e6:30:8d:9b:fe:68:d9:2f:e6:ac:1e:
55:bf:e3:73:e2:53:1a:37:26:a8:58:ed:d3:4c:88:61:2c:38:
e7:40:d1:be:48:56:4e:82:24:42:8b:57:c4:4b:4e:7d:c7:f3:
45:69:7b:84:e0:2a:9a:37:f3:6d:85:3f:3f:f6:3d:d8:fd:e7:
7b:83:23:4b:1f:dc:ba:23:b9:9a:50:16:c7:42:62:53:ae:da:
96:17:8d:f5:cf:60:96:a4:3f:76:ab:cd:48:10:2a:d0:e9:35:
2c:85:f2:b4:5f:8b:d6:be:9c:3f:f6:41:88:4c:cb:68:0d:44:
ad:76:9e:41:a1:91:9a:37:17:81:95:8b:75:16:52:1c:d1:4d:
c6:18:de:db:dc:57:2e:e3:9e:c5:63:37:a3:3a:3c:9c:46:25:
95:cb:9b:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3NffXShBRaQXl9kHZgYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMDQxMDZmMzAyYzAwNzdlOTBiNjY3NjJlYmIyMjJlNjEx
YjMzZGQwHhcNMjUwNDIxMDEwMDU4WhcNMjUwNDIyMDEwMDU4WjAzMTEwLwYDVQQD
Eyg1OTg3YWIzN2JmNDk4YTg0MzcwY2U1NTRiYzNmMjM3NDJjYjU2NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAiJgAWOQjMqaODl+EwQkHKUGo2S
/QCWAZQ9b99wbKSScJvjLr2k7n/NZ9Qi40HwidBO56GcxtA3i3cObeA8+u/iTMU8
HxmXQl7zv/JX7XKaxHCt82odYTqmn7FRnXvob36coR99YCQw17ZqZDj/IO4/GUUb
w/FdrKonvuE+B66O2CwNyp3Tq9SuOwOY7J67zISwM3fGsvTaMzmFTnVjrIaV0eOT
lsVFbA+0KrIPdzHG2Z4nCyDpmtSDtqkXfqKdPgeFyVutGzQr95VUopRWzHx6kDl5
l80MxGfeeZ0NjPN3+CRvdCP2vHnsDueNzHY5Ol/Mpxw2ttK0SvviEUd+OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmHqze/SYqENwzlVLw/I3QstWeCMB8GA1UdIwQY
MBaAFK4EEG8wLAB36Qtmdi67Ii5hGzPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iOTA3MjktODNkMi00YzE4LTgwNjMt
MTFmZTI3ZDhlMTcwLzEvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iOTA3MjktODNkMi00YzE4LTgwNjMtMTFmZTI3ZDhlMTcw
LzEvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxN3PwxsK
DAriQMC3ZvCftoY4v2kjquXDU8T8NShwcWsiZvjLoTkymqnt4jdSCxXMgszsFIZt
vz9+rlCLTtvAG774IkKB3OCmdcGgdgmSudOeFM6auKPXTcKWctFbNvr9KuYwjZv+
aNkv5qweVb/jc+JTGjcmqFjt00yIYSw450DRvkhWToIkQotXxEtOfcfzRWl7hOAq
mjfzbYU/P/Y92P3ne4MjSx/cuiO5mlAWx0JiU67alheN9c9glqQ/dqvNSBAq0Ok1
LIXytF+L1r6cP/ZBiEzLaA1ErXaeQaGRmjcXgZWLdRZSHNFNxhje29xXLuOexWM3
ozo8nEYllcubWQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:50:55 2025 by rpki-client