Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier: tCImMQEguTUV1KstY0A6dfGCvPuO/aPc4J/gB750j48=
Subject key identifier: 78:8A:78:EB:66:F7:74:CD:D9:D7:74:3C:DC:8B:6B:AE:60:8F:51:FB
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial: 019655A5D37B65CCF0CBEB77844D61139DA2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number: 14FD
Signing time: Mon 21 Apr 2025 00:00:52 +0000
Manifest this update: Mon 21 Apr 2025 00:00:52 +0000
Manifest next update: Tue 22 Apr 2025 00:00:52 +0000
Files and hashes: 1: P2sE-3tUICXx7cfC0favLdtRCZ0.roa (hash: ayIaE8Pk074Tx7I6FVVUWCPvr0NKwOuaUa8Xe24IzDg=)
2: eGoVDFCAKRgMU7yFCgUyj1lHOYk.roa (hash: i9IHtchSCoTvu2jWZ+d1LDgXIzrS7PbiIZtxvaQvRRk=)
3: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: kOipLqJIFlH4UsMVXHETwP+5atDeMqiKnwWus5OaMkA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a5:d3:7b:65:cc:f0:cb:eb:77:84:4d:61:13:9d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
Validity
Not Before: Apr 21 00:00:52 2025 GMT
Not After : Apr 22 00:00:52 2025 GMT
Subject: CN=788a78eb66f774cdd9d7743cdc8b6bae608f51fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:1a:31:b6:cf:0e:af:48:af:85:9b:e9:28:
2a:23:42:7e:ed:3f:f7:bb:bc:f9:0f:83:c8:38:74:
e4:96:70:88:f7:e6:a9:7b:d2:93:11:0d:b2:e2:29:
94:17:40:93:51:ac:d3:b2:0d:67:f7:4b:3d:0f:0e:
9d:81:60:6c:d6:6d:58:b7:d4:14:ca:cb:ec:1f:cc:
2d:19:8b:4d:61:c6:3b:aa:c2:ff:f7:ba:9a:42:fd:
f6:e9:be:78:79:dd:8a:3d:5b:5c:09:11:1b:2b:64:
55:91:0b:6a:e6:51:23:88:4d:20:f9:ea:03:b1:4a:
3d:fe:c8:54:d2:0e:4a:c7:4c:9a:27:0d:41:0a:2f:
de:5a:5a:d6:e4:99:e0:a9:97:e4:37:57:95:f5:03:
56:3d:7b:e0:1d:7c:7f:f3:95:d2:73:aa:f3:fa:32:
ed:14:90:67:60:37:7b:88:b6:fc:8c:15:22:7d:8c:
18:b9:c7:e9:77:4c:7d:aa:9c:a9:d9:73:97:8c:03:
26:3e:17:a5:2c:b2:e7:81:ec:ee:c9:27:00:b9:1b:
70:b6:9c:cd:fd:6d:14:00:e7:3c:7b:fa:b7:96:7e:
58:2c:eb:7f:b2:f5:6f:16:d5:fc:fe:88:e3:70:01:
44:fb:5c:39:7f:da:ba:da:eb:09:34:52:51:6d:4d:
63:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8A:78:EB:66:F7:74:CD:D9:D7:74:3C:DC:8B:6B:AE:60:8F:51:FB
X509v3 Authority Key Identifier:
keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:66:e8:4a:17:85:b3:77:d5:c2:f8:60:d0:5d:06:8b:7b:15:
93:ed:af:3b:6d:1d:58:99:4d:59:72:0a:cd:28:55:b7:c3:00:
4e:d3:0e:ec:23:68:b2:51:2e:88:de:35:9b:b5:cc:85:a9:d1:
29:37:03:23:80:c9:58:e3:3d:b7:25:93:3c:c0:02:82:50:6f:
bb:59:5a:1f:1e:97:f2:3c:12:b9:92:49:58:8c:ab:37:7e:5b:
f7:39:a1:85:05:09:2c:2b:75:45:fe:f6:bb:9d:85:ca:b9:02:
11:fa:c5:71:00:1a:bb:61:5d:61:7b:bd:aa:dd:2e:ed:06:2f:
73:ed:3d:0d:f6:00:27:75:ae:a0:99:58:b6:63:a7:5e:6b:71:
d1:37:83:bf:9a:2b:80:c8:fd:57:4f:ad:9d:d0:a6:b5:7d:12:
58:c6:ba:df:bf:a2:0f:0a:39:81:a5:cd:ab:3f:88:5c:45:bf:
a3:de:8a:31:d0:d0:b4:99:5d:1c:ee:ee:99:7e:52:44:e2:51:
f2:f4:69:71:79:b6:50:6b:c8:dc:d9:e7:0f:78:33:cb:fb:5f:
4c:84:6a:52:bb:49:e7:5b:e4:41:4d:73:2c:db:4d:ad:56:13:
3d:c7:d7:98:af:89:78:86:28:65:f1:05:64:7f:27:1f:a8:1d:
ca:3c:2c:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpdN7Zczwy+t3hE1hE52iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjUwNDIxMDAwMDUyWhcNMjUwNDIyMDAwMDUyWjAzMTEwLwYDVQQD
Eyg3ODhhNzhlYjY2Zjc3NGNkZDlkNzc0M2NkYzhiNmJhZTYwOGY1MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6MaMbbPDq9Ir4Wb6SgqI0J+7T/3
u7z5D4PIOHTklnCI9+ape9KTEQ2y4imUF0CTUazTsg1n90s9Dw6dgWBs1m1Yt9QU
ysvsH8wtGYtNYcY7qsL/97qaQv326b54ed2KPVtcCREbK2RVkQtq5lEjiE0g+eoD
sUo9/shU0g5Kx0yaJw1BCi/eWlrW5JngqZfkN1eV9QNWPXvgHXx/85XSc6rz+jLt
FJBnYDd7iLb8jBUifYwYucfpd0x9qpyp2XOXjAMmPhelLLLngezuyScAuRtwtpzN
/W0UAOc8e/q3ln5YLOt/svVvFtX8/ojjcAFE+1w5f9q62usJNFJRbU1jSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiKeOtm93TN2dd0PNyLa65gj1H7MB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArmboSheF
s3fVwvhg0F0Gi3sVk+2vO20dWJlNWXIKzShVt8MATtMO7CNoslEuiN41m7XMhanR
KTcDI4DJWOM9tyWTPMACglBvu1laHx6X8jwSuZJJWIyrN35b9zmhhQUJLCt1Rf72
u52FyrkCEfrFcQAau2FdYXu9qt0u7QYvc+09DfYAJ3WuoJlYtmOnXmtx0TeDv5or
gMj9V0+tndCmtX0SWMa637+iDwo5gaXNqz+IXEW/o96KMdDQtJldHO7umX5SROJR
8vRpcXm2UGvI3NnnD3gzy/tfTIRqUrtJ51vkQU1zLNtNrVYTPcfXmK+JeIYoZfEF
ZH8nH6gdyjwsEw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:06:37 2025 by rpki-client