Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
File: aDCZAOZItlowenhgECv3ixb1XXU.mft (raw, json)
Hash identifier: poUcGptNI7gvJgAzVHChBU5aaD6T7Deqd7vkTDMGX24=
Subject key identifier: 40:F4:9C:26:B8:A0:0B:90:27:2E:62:5B:90:61:40:4F:BF:64:8E:4F
Authority key identifier: 68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
Certificate issuer: /CN=68309900e648b65a307a7860102bf78b16f55d75
Certificate serial: 01965793B70FCC1C34033EAEBE742FB25886
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
Manifest number: 015D
Signing time: Mon 21 Apr 2025 09:00:20 +0000
Manifest this update: Mon 21 Apr 2025 09:00:20 +0000
Manifest next update: Tue 22 Apr 2025 09:00:20 +0000
Files and hashes: 1: MyHgwE9JQ37sKu_CcRwNe642FMI.roa (hash: UWTUq6zuuwDHpYw/C8xNP37TF6tAxhLymuOUDHs6DJk=)
2: aDCZAOZItlowenhgECv3ixb1XXU.crl (hash: 2qfqxcRBh5ZejgVW15laUoK1IKNE6zlj2acFhUrAAfU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:93:b7:0f:cc:1c:34:03:3e:ae:be:74:2f:b2:58:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68309900e648b65a307a7860102bf78b16f55d75
Validity
Not Before: Apr 21 09:00:20 2025 GMT
Not After : Apr 22 09:00:20 2025 GMT
Subject: CN=40f49c26b8a00b90272e625b9061404fbf648e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:ed:fc:5d:f4:35:bc:95:f3:e9:dd:4c:00:
0b:b0:79:12:1c:4f:21:a8:b5:46:65:e6:d6:3d:d8:
a3:04:37:06:79:f1:44:a6:81:10:1f:5c:f2:4d:64:
c1:8a:2e:c0:aa:0e:df:ae:50:45:b4:d8:35:ba:2e:
0c:2e:18:da:1d:04:d5:b0:1f:9e:05:ee:a4:06:3b:
25:4f:89:d1:25:13:53:bb:6b:a7:51:9e:6c:3e:21:
1a:3e:ee:73:e1:68:f0:3c:8b:a4:98:d5:27:8e:0e:
ba:61:13:7f:7e:7d:1f:e6:ac:8f:7e:80:56:5e:51:
fd:04:80:26:62:24:65:df:a4:89:f2:63:ab:e0:0f:
55:ff:4c:d9:42:f2:60:84:39:dd:d3:58:79:9b:ff:
1b:99:cd:e8:52:a0:a8:23:58:3c:f8:e2:66:e4:ea:
42:cd:72:b5:26:d1:16:4c:3d:d6:ac:b1:08:69:a7:
1d:68:95:33:a1:24:ff:36:cf:3a:ac:de:63:d4:36:
a9:20:22:35:1c:19:b8:1c:e3:e4:bb:af:91:93:0e:
e7:43:2d:ae:10:26:76:4b:22:45:6b:78:81:3f:b1:
a6:23:0d:c0:9b:8e:6e:89:5c:35:86:5f:5b:ef:dc:
ae:4d:5e:4e:b3:09:85:94:36:2a:d4:08:ac:b9:e6:
5a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F4:9C:26:B8:A0:0B:90:27:2E:62:5B:90:61:40:4F:BF:64:8E:4F
X509v3 Authority Key Identifier:
keyid:68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:f2:aa:49:84:9e:5b:49:6f:74:de:bd:7c:bf:d9:f9:72:9e:
e5:1c:05:e6:47:e1:ac:12:0d:89:03:80:44:a2:a0:04:fc:a6:
f4:42:65:c4:41:5e:e1:a5:2b:1f:f2:36:09:37:68:74:dc:b6:
89:44:1a:49:9e:d1:60:6f:1b:15:d2:ea:68:47:f9:b3:45:9e:
ac:a8:63:09:10:31:6b:6b:dc:d5:6c:ef:f0:3d:32:fd:bd:2b:
ef:e1:fa:78:9e:43:65:68:fc:a5:f1:e8:ed:64:1b:c3:5b:2a:
45:a5:5b:97:6b:db:ac:70:b3:1b:85:e3:70:73:85:32:0e:67:
b5:43:09:a3:78:2c:cd:55:ae:9c:2e:44:f8:19:a7:e9:e2:69:
e9:21:85:7f:13:39:09:b2:54:82:4f:3c:e1:d3:ff:2d:ce:dc:
10:b3:1d:11:d8:bc:61:c0:d0:68:a8:ed:6b:53:4a:8f:f8:e4:
90:61:97:21:37:01:73:f1:29:fa:69:a2:7c:bd:b5:84:b0:e6:
ed:ca:fd:bf:d6:69:95:13:03:61:cd:5d:a5:2c:a6:20:cc:0a:
2e:6f:80:ed:28:86:7e:c4:04:65:d2:02:b0:f2:ac:f5:6d:97:
8a:dd:7d:f7:8d:7f:47:e7:72:a9:7e:1c:cb:c7:3d:1b:e4:72:
61:ba:2e:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk7cPzBw0Az6uvnQvsliGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzA5OTAwZTY0OGI2NWEzMDdhNzg2MDEwMmJmNzhiMTZm
NTVkNzUwHhcNMjUwNDIxMDkwMDIwWhcNMjUwNDIyMDkwMDIwWjAzMTEwLwYDVQQD
Eyg0MGY0OWMyNmI4YTAwYjkwMjcyZTYyNWI5MDYxNDA0ZmJmNjQ4ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkrt/F30NbyV8+ndTAALsHkSHE8h
qLVGZebWPdijBDcGefFEpoEQH1zyTWTBii7Aqg7frlBFtNg1ui4MLhjaHQTVsB+e
Be6kBjslT4nRJRNTu2unUZ5sPiEaPu5z4WjwPIukmNUnjg66YRN/fn0f5qyPfoBW
XlH9BIAmYiRl36SJ8mOr4A9V/0zZQvJghDnd01h5m/8bmc3oUqCoI1g8+OJm5OpC
zXK1JtEWTD3WrLEIaacdaJUzoST/Ns86rN5j1DapICI1HBm4HOPku6+Rkw7nQy2u
ECZ2SyJFa3iBP7GmIw3Am45uiVw1hl9b79yuTV5OswmFlDYq1AisueZaHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFED0nCa4oAuQJy5iW5BhQE+/ZI5PMB8GA1UdIwQY
MBaAFGgwmQDmSLZaMHp4YBAr94sW9V11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYt
OWZhNzgwNzUzMzBiLzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYtOWZhNzgwNzUzMzBi
LzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPKqSYSe
W0lvdN69fL/Z+XKe5RwF5kfhrBINiQOARKKgBPym9EJlxEFe4aUrH/I2CTdodNy2
iUQaSZ7RYG8bFdLqaEf5s0WerKhjCRAxa2vc1Wzv8D0y/b0r7+H6eJ5DZWj8pfHo
7WQbw1sqRaVbl2vbrHCzG4XjcHOFMg5ntUMJo3gszVWunC5E+Bmn6eJp6SGFfxM5
CbJUgk884dP/Lc7cELMdEdi8YcDQaKjta1NKj/jkkGGXITcBc/Ep+mmifL21hLDm
7cr9v9ZplRMDYc1dpSymIMwKLm+A7SiGfsQEZdICsPKs9W2Xit19941/R+dyqX4c
y8c9G+RyYbou5w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:43:17 2025 by rpki-client