Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
File: i70nOhRTYWFVEmDYSNdvomRGzUY.mft (raw, json)
Hash identifier: DQPjS7ZPD04FILO3v76tN0ibWvPC0xkeCAdsMO109hI=
Subject key identifier: EC:F0:57:E9:7D:34:BC:83:17:20:23:E3:2C:FE:70:35:AD:08:31:E9
Authority key identifier: 8B:BD:27:3A:14:53:61:61:55:12:60:D8:48:D7:6F:A2:64:46:CD:46
Certificate issuer: /CN=8bbd273a14536161551260d848d76fa26446cd46
Certificate serial: 0196594B2E118E67D49841DB69A3EA0DAE2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i70nOhRTYWFVEmDYSNdvomRGzUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
Manifest number: D8
Signing time: Mon 21 Apr 2025 17:00:21 +0000
Manifest this update: Mon 21 Apr 2025 17:00:21 +0000
Manifest next update: Tue 22 Apr 2025 17:00:21 +0000
Files and hashes: 1: i70nOhRTYWFVEmDYSNdvomRGzUY.crl (hash: XwIQ8vpAEF6fxFhej2FkUVJmAKfmLlXppIBxGJG9Y18=)
2: iW3M8w8EnOfRKmq5UL0Jzk_nXrc.roa (hash: vQxUQ/gQ4diOyDGNSgt4mcIRpvqTprh0PY77byZ05KY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/i70nOhRTYWFVEmDYSNdvomRGzUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:4b:2e:11:8e:67:d4:98:41:db:69:a3:ea:0d:ae:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bbd273a14536161551260d848d76fa26446cd46
Validity
Not Before: Apr 21 17:00:21 2025 GMT
Not After : Apr 22 17:00:21 2025 GMT
Subject: CN=ecf057e97d34bc83172023e32cfe7035ad0831e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:0c:c6:9a:38:ad:3d:8b:56:ba:18:3c:81:
dc:04:c6:77:44:fc:5e:b7:bb:c0:85:9f:9e:96:5d:
31:60:be:2b:d0:a2:c4:86:5f:81:3d:2a:b2:c1:cc:
0e:4f:11:9a:3f:dd:b4:6d:85:98:c9:44:f3:4c:b6:
1c:c4:55:f4:60:76:53:b8:db:62:ca:6c:e3:81:fe:
c3:ff:23:2c:fc:03:c7:8b:40:94:c6:ea:92:79:49:
be:bc:b3:b8:98:8b:53:51:38:a5:9f:bf:19:8c:39:
4c:16:c0:74:57:0f:6b:4c:89:07:35:43:fa:d9:e4:
06:65:5d:04:2f:80:36:65:9e:94:f4:12:d3:5d:ea:
e7:9d:a6:36:b5:7a:e7:d2:27:84:04:41:40:77:bb:
bb:72:dc:65:b4:10:1b:4a:90:b7:38:81:b9:6b:46:
8e:d7:bb:b3:94:d6:2a:ed:f6:4f:6e:6e:47:7b:ae:
96:a2:0a:af:ce:c5:d5:2d:38:d5:dc:61:0f:38:bd:
7f:ac:74:00:7c:1d:83:45:15:47:fe:d0:6a:2f:13:
68:76:42:29:d3:73:eb:f2:90:dd:d4:76:af:6d:52:
2c:a6:84:b4:86:62:a5:61:c2:20:a3:23:9f:06:ce:
51:09:73:6b:e8:06:b8:b8:ce:47:6d:9f:1f:cf:1d:
22:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F0:57:E9:7D:34:BC:83:17:20:23:E3:2C:FE:70:35:AD:08:31:E9
X509v3 Authority Key Identifier:
keyid:8B:BD:27:3A:14:53:61:61:55:12:60:D8:48:D7:6F:A2:64:46:CD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i70nOhRTYWFVEmDYSNdvomRGzUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a733f6-09ad-4f1a-a357-e162203296bb/1/i70nOhRTYWFVEmDYSNdvomRGzUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:62:df:19:f9:d8:e9:e2:0b:9b:18:fa:c8:4d:61:97:17:3f:
f7:e8:f3:54:2a:1c:f0:21:a3:9c:b0:7b:84:7d:40:0b:16:24:
ff:78:cd:8d:2d:e9:b1:41:c1:08:c7:da:c6:00:db:4a:e8:d7:
ff:24:af:03:2d:60:5c:5c:96:ab:11:53:a1:b2:ae:69:c7:a2:
48:d4:74:a3:1c:af:d8:aa:bf:72:c5:cf:9d:8d:1f:e2:68:76:
f6:f8:50:d2:9a:e7:fc:24:af:b5:f0:c7:fe:6b:11:07:78:3c:
55:f0:b8:02:f4:fa:ed:84:aa:f2:d9:57:11:73:53:a6:2e:cc:
ec:fb:0a:56:67:0b:b7:27:6b:e7:d4:ee:66:73:17:24:13:64:
91:2d:7e:c9:6c:12:9b:30:9f:99:e9:fb:d4:a3:f4:bc:3e:d4:
73:e3:b0:f8:89:54:42:ce:ff:08:4c:c9:32:78:3c:74:5b:16:
3c:80:23:59:10:2c:5a:25:7e:81:5d:a9:b4:b4:ea:28:33:f5:
2a:63:f8:62:d8:f5:38:1f:f9:ff:8c:d3:14:6d:03:2e:b8:ce:
6f:1f:b3:e3:44:71:97:8b:7f:05:3b:78:28:e5:c1:52:63:47:
2d:ee:48:88:50:50:84:6a:ab:be:fa:c3:6e:01:f9:27:0b:e2:
09:c9:70:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZSy4RjmfUmEHbaaPqDa4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYmQyNzNhMTQ1MzYxNjE1NTEyNjBkODQ4ZDc2ZmEyNjQ0
NmNkNDYwHhcNMjUwNDIxMTcwMDIxWhcNMjUwNDIyMTcwMDIxWjAzMTEwLwYDVQQD
EyhlY2YwNTdlOTdkMzRiYzgzMTcyMDIzZTMyY2ZlNzAzNWFkMDgzMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviUMxpo4rT2LVroYPIHcBMZ3RPxe
t7vAhZ+ell0xYL4r0KLEhl+BPSqywcwOTxGaP920bYWYyUTzTLYcxFX0YHZTuNti
ymzjgf7D/yMs/APHi0CUxuqSeUm+vLO4mItTUTiln78ZjDlMFsB0Vw9rTIkHNUP6
2eQGZV0EL4A2ZZ6U9BLTXernnaY2tXrn0ieEBEFAd7u7ctxltBAbSpC3OIG5a0aO
17uzlNYq7fZPbm5He66WogqvzsXVLTjV3GEPOL1/rHQAfB2DRRVH/tBqLxNodkIp
03Pr8pDd1HavbVIspoS0hmKlYcIgoyOfBs5RCXNr6Aa4uM5HbZ8fzx0i+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzwV+l9NLyDFyAj4yz+cDWtCDHpMB8GA1UdIwQY
MBaAFIu9JzoUU2FhVRJg2EjXb6JkRs1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTcwbk9oUlRZV0ZWRW1EWVNOZHZvbVJHelVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hNzMzZjYtMDlhZC00ZjFhLWEzNTct
ZTE2MjIwMzI5NmJiLzEvaTcwbk9oUlRZV0ZWRW1EWVNOZHZvbVJHelVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hNzMzZjYtMDlhZC00ZjFhLWEzNTctZTE2MjIwMzI5NmJi
LzEvaTcwbk9oUlRZV0ZWRW1EWVNOZHZvbVJHelVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemLfGfnY
6eILmxj6yE1hlxc/9+jzVCoc8CGjnLB7hH1ACxYk/3jNjS3psUHBCMfaxgDbSujX
/ySvAy1gXFyWqxFTobKuaceiSNR0oxyv2Kq/csXPnY0f4mh29vhQ0prn/CSvtfDH
/msRB3g8VfC4AvT67YSq8tlXEXNTpi7M7PsKVmcLtydr59TuZnMXJBNkkS1+yWwS
mzCfmen71KP0vD7Uc+Ow+IlUQs7/CEzJMng8dFsWPIAjWRAsWiV+gV2ptLTqKDP1
KmP4Ytj1OB/5/4zTFG0DLrjObx+z40Rxl4t/BTt4KOXBUmNHLe5IiFBQhGqrvvrD
bgH5JwviCclwLA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:05:01 2025 by rpki-client