Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
File: bwXPdx2ZkucP9nQOayBiDOUtDYs.mft (raw, json)
Hash identifier: 28RWnt0axoY7yePoKBjJ1I+/yT3Wkc5IZ7NnUc9FS6s=
Subject key identifier: C4:3C:51:21:B7:35:91:C6:8C:A1:8A:78:5E:F4:BC:3A:2F:AF:36:81
Authority key identifier: 6F:05:CF:77:1D:99:92:E7:0F:F6:74:0E:6B:20:62:0C:E5:2D:0D:8B
Certificate issuer: /CN=6f05cf771d9992e70ff6740e6b20620ce52d0d8b
Certificate serial: 01965726FD6EF1359F60D102ACCF00AA6613
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwXPdx2ZkucP9nQOayBiDOUtDYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
Manifest number: 0A9E
Signing time: Mon 21 Apr 2025 07:01:35 +0000
Manifest this update: Mon 21 Apr 2025 07:01:35 +0000
Manifest next update: Tue 22 Apr 2025 07:01:35 +0000
Files and hashes: 1: bwXPdx2ZkucP9nQOayBiDOUtDYs.crl (hash: C9HPQeXGcqT0SuM5EAWISO/gRgLqo/8DUvEHe0yVBk4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/bwXPdx2ZkucP9nQOayBiDOUtDYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:26:fd:6e:f1:35:9f:60:d1:02:ac:cf:00:aa:66:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f05cf771d9992e70ff6740e6b20620ce52d0d8b
Validity
Not Before: Apr 21 07:01:35 2025 GMT
Not After : Apr 22 07:01:35 2025 GMT
Subject: CN=c43c5121b73591c68ca18a785ef4bc3a2faf3681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:df:c3:e9:09:be:64:b5:55:62:d5:c6:73:
8e:a4:a1:52:ea:69:4e:3c:86:e7:4d:40:ea:0d:50:
db:d3:02:40:ba:70:79:8a:91:04:29:28:3f:71:49:
f0:d7:38:5a:cd:56:61:81:19:6f:43:7e:57:d6:a7:
91:00:ae:5b:3e:76:0a:ed:38:67:9e:6a:37:2e:e4:
41:56:a8:49:0c:f6:a0:22:5a:e4:af:2c:0a:07:1f:
fa:19:b4:6f:f9:08:b8:01:94:e9:80:a4:5f:91:d6:
bf:aa:59:7d:ab:e3:37:58:9d:16:5a:9d:34:0d:2a:
92:5b:1a:33:3b:66:b3:ce:c0:97:86:65:19:f1:35:
d1:c7:a4:0d:64:c9:3b:30:41:b9:fb:92:b3:72:15:
9d:47:33:fd:42:c8:f3:14:fc:b4:19:73:73:c3:cd:
1b:60:10:22:a2:7c:b4:c6:66:7c:6e:31:43:05:ff:
d3:b5:0b:5a:27:47:60:23:65:63:86:23:2f:e7:37:
cb:94:2c:cb:1a:4a:ba:6e:23:d0:b9:23:c3:45:89:
aa:81:0d:03:a6:46:da:60:f3:d6:56:f6:5d:1f:25:
fe:e7:d2:74:54:c7:aa:a0:bc:e6:50:a2:b8:a3:66:
06:ba:79:45:a1:74:f2:7d:c7:c3:52:49:4a:49:fa:
a0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3C:51:21:B7:35:91:C6:8C:A1:8A:78:5E:F4:BC:3A:2F:AF:36:81
X509v3 Authority Key Identifier:
keyid:6F:05:CF:77:1D:99:92:E7:0F:F6:74:0E:6B:20:62:0C:E5:2D:0D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwXPdx2ZkucP9nQOayBiDOUtDYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:c1:94:cb:2e:a6:fa:a0:12:27:42:4a:97:da:22:2c:bb:fc:
28:f2:2e:27:d9:e2:10:ac:6c:c7:9a:d1:c0:f8:a8:11:ff:90:
9a:33:6f:78:42:78:cd:82:eb:7d:4a:a6:f7:8b:8a:08:12:1f:
06:9b:97:76:07:16:3b:40:9c:16:3c:37:3d:03:8c:2d:e4:63:
2c:e4:64:b3:8e:e8:f7:1f:e0:7e:7a:a7:2d:1f:9a:a1:c1:47:
a0:2c:f7:17:09:89:80:a3:e8:0e:9b:7b:9b:b9:dd:37:07:26:
23:05:be:bc:7a:e4:8f:9a:f9:9a:06:80:f9:f6:30:a5:a2:9a:
d5:5b:89:06:2b:46:76:21:2e:27:54:d4:87:2e:e1:8b:0d:5e:
34:6d:b8:1d:0d:91:e0:cd:5f:20:0e:65:1e:6a:b9:d5:e5:aa:
b5:c7:81:45:02:f7:0d:54:e5:12:c9:6c:e3:ae:69:9c:80:d3:
71:14:85:bc:26:90:aa:24:78:26:7c:b6:c1:26:a8:2c:ed:1c:
ac:73:07:12:3d:3a:db:3e:02:57:b6:b2:16:71:66:ab:38:25:
53:74:af:4d:b1:77:24:d1:40:dc:78:56:e1:41:f4:1e:eb:df:
ae:01:a2:17:71:4f:1d:4b:83:5c:16:88:4e:a0:d2:a6:df:bf:
12:c4:da:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJv1u8TWfYNECrM8AqmYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMDVjZjc3MWQ5OTkyZTcwZmY2NzQwZTZiMjA2MjBjZTUy
ZDBkOGIwHhcNMjUwNDIxMDcwMTM1WhcNMjUwNDIyMDcwMTM1WjAzMTEwLwYDVQQD
EyhjNDNjNTEyMWI3MzU5MWM2OGNhMThhNzg1ZWY0YmMzYTJmYWYzNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzrfw+kJvmS1VWLVxnOOpKFS6mlO
PIbnTUDqDVDb0wJAunB5ipEEKSg/cUnw1zhazVZhgRlvQ35X1qeRAK5bPnYK7Thn
nmo3LuRBVqhJDPagIlrkrywKBx/6GbRv+Qi4AZTpgKRfkda/qll9q+M3WJ0WWp00
DSqSWxozO2azzsCXhmUZ8TXRx6QNZMk7MEG5+5KzchWdRzP9QsjzFPy0GXNzw80b
YBAiony0xmZ8bjFDBf/TtQtaJ0dgI2VjhiMv5zfLlCzLGkq6biPQuSPDRYmqgQ0D
pkbaYPPWVvZdHyX+59J0VMeqoLzmUKK4o2YGunlFoXTyfcfDUklKSfqg+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQ8USG3NZHGjKGKeF70vDovrzaBMB8GA1UdIwQY
MBaAFG8Fz3cdmZLnD/Z0DmsgYgzlLQ2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndYUGR4MlprdWNQOW5RT2F5QmlET1V0RFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hMjM0MDQtZjIxOS00OWY1LWJmMzMt
MjQ1NjUwZjg0MmQ1LzEvYndYUGR4MlprdWNQOW5RT2F5QmlET1V0RFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hMjM0MDQtZjIxOS00OWY1LWJmMzMtMjQ1NjUwZjg0MmQ1
LzEvYndYUGR4MlprdWNQOW5RT2F5QmlET1V0RFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMsGUyy6m
+qASJ0JKl9oiLLv8KPIuJ9niEKxsx5rRwPioEf+QmjNveEJ4zYLrfUqm94uKCBIf
BpuXdgcWO0CcFjw3PQOMLeRjLORks47o9x/gfnqnLR+aocFHoCz3FwmJgKPoDpt7
m7ndNwcmIwW+vHrkj5r5mgaA+fYwpaKa1VuJBitGdiEuJ1TUhy7hiw1eNG24HQ2R
4M1fIA5lHmq51eWqtceBRQL3DVTlEsls465pnIDTcRSFvCaQqiR4Jny2wSaoLO0c
rHMHEj062z4CV7ayFnFmqzglU3SvTbF3JNFA3HhW4UH0HuvfrgGiF3FPHUuDXBaI
TqDSpt+/EsTaMg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:43:23 2025 by rpki-client