Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
File: ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft (raw, json)
Hash identifier: CPT0OghDdSvu3gtM+0Ox9jCOsNQP0VZwgSnCu13KwzM=
Subject key identifier: 36:D4:00:71:1F:7B:6C:5B:A0:E3:6B:6D:5D:45:28:06:6B:BA:CA:20
Authority key identifier: 64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
Certificate issuer: /CN=64daba15d1d366cb53095412d06490e23498e170
Certificate serial: 01965726306152D19376F48543465F747D37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
Manifest number: 14FD
Signing time: Mon 21 Apr 2025 07:00:42 +0000
Manifest this update: Mon 21 Apr 2025 07:00:42 +0000
Manifest next update: Tue 22 Apr 2025 07:00:42 +0000
Files and hashes: 1: 7vdGx51ck_YIgYpkt1SPNVfsVKE.roa (hash: Nw+uAqY1I65YKmQSbXqROB23bDhd2atga2x/5hREPHM=)
2: ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl (hash: lAbN6AwiZnJHbhcBOQe7Fod+3Ja++7WPFozMz1XlCI4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:26:30:61:52:d1:93:76:f4:85:43:46:5f:74:7d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64daba15d1d366cb53095412d06490e23498e170
Validity
Not Before: Apr 21 07:00:42 2025 GMT
Not After : Apr 22 07:00:42 2025 GMT
Subject: CN=36d400711f7b6c5ba0e36b6d5d4528066bbaca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:9b:ff:f3:7c:89:d7:2d:8b:9e:c1:95:3d:
ac:57:21:7e:f4:69:ef:af:51:30:8c:69:c4:4b:52:
a2:af:a9:24:96:53:e9:94:c0:4a:3c:65:92:76:cc:
09:07:6c:89:dc:d5:5c:ea:70:47:28:6a:a0:d7:d2:
29:5c:7c:83:50:53:d0:e6:9a:0b:f1:39:f9:5c:48:
50:d1:38:13:dd:3c:e5:99:ea:74:d7:a6:a6:90:90:
f6:1c:a6:b1:af:b2:f0:28:39:7a:91:f3:91:f3:a9:
7f:e5:82:30:19:63:7d:fe:ef:46:d5:df:b7:d4:f4:
7d:b3:c8:97:c2:c4:ef:3d:5e:50:36:01:1b:0f:25:
ba:8a:d5:3a:64:91:12:be:cf:06:be:8b:76:24:aa:
1a:b2:d6:4c:38:af:f2:84:d2:aa:a1:a3:a7:90:40:
57:fe:ab:53:12:c7:89:b6:8d:78:e4:0f:43:87:3e:
71:a9:11:93:2a:70:3c:de:19:50:b7:b7:62:a9:f9:
3b:a6:65:92:16:60:73:b3:1c:dc:df:d6:58:84:4b:
64:1f:f0:e4:30:c3:79:b7:8c:55:37:96:a2:a9:97:
04:c0:e0:81:00:14:9e:55:75:f9:73:ec:b7:9c:c2:
1d:0d:8d:88:c4:29:65:84:9e:3f:a0:8c:72:bc:28:
8e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D4:00:71:1F:7B:6C:5B:A0:E3:6B:6D:5D:45:28:06:6B:BA:CA:20
X509v3 Authority Key Identifier:
keyid:64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:c6:00:fc:72:27:4e:85:3f:d7:8b:68:48:fb:b6:7a:6a:57:
23:8e:6a:8d:34:ee:32:b1:71:47:8f:d3:5e:0d:2f:ae:04:03:
71:af:ae:43:d4:aa:64:57:cf:f5:3c:92:2e:c0:5e:44:b5:9b:
9f:2f:e3:84:bc:19:8e:ea:18:32:ff:a6:5b:5e:60:78:d7:7c:
da:bd:1b:73:be:10:82:e8:4a:bd:be:7f:47:68:f4:2a:f3:05:
83:4d:51:fb:38:39:04:1e:ad:45:d0:de:dc:6f:7b:5e:5d:bc:
4d:ad:4d:30:ff:45:40:1c:30:c6:3c:9f:85:37:3a:e7:95:f7:
99:4a:fb:7b:99:05:b6:79:ef:a8:bb:6d:20:8d:cc:b5:dc:4b:
ae:58:d4:b7:5d:22:d3:c2:fd:6e:e5:cc:86:0c:bc:ec:41:e6:
79:86:e1:3b:f7:d8:29:61:0e:df:b7:fe:fe:5e:d2:1a:a1:e2:
60:96:42:10:d7:2f:bb:28:0a:c1:3b:98:40:4b:2b:a7:93:f9:
00:9b:0a:d6:2b:6c:46:f9:8c:a6:e4:dd:31:af:52:ca:58:82:
2b:df:8b:9e:36:8b:83:fb:aa:fb:6e:f9:94:94:97:79:31:84:
73:dd:cb:1e:3e:e5:b5:a5:ae:32:f0:c7:c6:84:67:10:d5:16:
de:fb:ff:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJjBhUtGTdvSFQ0ZfdH03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFiYTE1ZDFkMzY2Y2I1MzA5NTQxMmQwNjQ5MGUyMzQ5
OGUxNzAwHhcNMjUwNDIxMDcwMDQyWhcNMjUwNDIyMDcwMDQyWjAzMTEwLwYDVQQD
EygzNmQ0MDA3MTFmN2I2YzViYTBlMzZiNmQ1ZDQ1MjgwNjZiYmFjYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNmb//N8idcti57BlT2sVyF+9Gnv
r1EwjGnES1Kir6kkllPplMBKPGWSdswJB2yJ3NVc6nBHKGqg19IpXHyDUFPQ5poL
8Tn5XEhQ0TgT3Tzlmep016amkJD2HKaxr7LwKDl6kfOR86l/5YIwGWN9/u9G1d+3
1PR9s8iXwsTvPV5QNgEbDyW6itU6ZJESvs8Gvot2JKoastZMOK/yhNKqoaOnkEBX
/qtTEseJto145A9Dhz5xqRGTKnA83hlQt7diqfk7pmWSFmBzsxzc39ZYhEtkH/Dk
MMN5t4xVN5aiqZcEwOCBABSeVXX5c+y3nMIdDY2IxCllhJ4/oIxyvCiOQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbUAHEfe2xboONrbV1FKAZrusogMB8GA1UdIwQY
MBaAFGTauhXR02bLUwlUEtBkkOI0mOFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2Et
YTk0ZGQ4Y2NhZjlmLzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2EtYTk0ZGQ4Y2NhZjlm
LzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQcYA/HIn
ToU/14toSPu2empXI45qjTTuMrFxR4/TXg0vrgQDca+uQ9SqZFfP9TySLsBeRLWb
ny/jhLwZjuoYMv+mW15geNd82r0bc74QguhKvb5/R2j0KvMFg01R+zg5BB6tRdDe
3G97Xl28Ta1NMP9FQBwwxjyfhTc655X3mUr7e5kFtnnvqLttII3MtdxLrljUt10i
08L9buXMhgy87EHmeYbhO/fYKWEO37f+/l7SGqHiYJZCENcvuygKwTuYQEsrp5P5
AJsK1itsRvmMpuTdMa9SyliCK9+LnjaLg/uq+275lJSXeTGEc93LHj7ltaWuMvDH
xoRnENUW3vv/9w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:37:54 2025 by rpki-client