Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
File: 9b9MGPes3uTH81jdS65egAmF5ww.mft (raw, json)
Hash identifier: GuOSlUjpyr9Q4Uu3UWj2y6qoQyN7FkBTk53gp+LG8KA=
Subject key identifier: B9:1E:BB:DE:D0:CD:E1:50:76:80:89:EE:A8:73:57:7D:32:0A:46:F4
Authority key identifier: F5:BF:4C:18:F7:AC:DE:E4:C7:F3:58:DD:4B:AE:5E:80:09:85:E7:0C
Certificate issuer: /CN=f5bf4c18f7acdee4c7f358dd4bae5e800985e70c
Certificate serial: 01965914E24D59C625B9C6E7D3D133AC6C9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9b9MGPes3uTH81jdS65egAmF5ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
Manifest number: 0567
Signing time: Mon 21 Apr 2025 16:01:02 +0000
Manifest this update: Mon 21 Apr 2025 16:01:02 +0000
Manifest next update: Tue 22 Apr 2025 16:01:02 +0000
Files and hashes: 1: 9b9MGPes3uTH81jdS65egAmF5ww.crl (hash: 62mGQVq66Rf4hC5fAQSpNHReDITvDyXqxUKSnxiwEz0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
rsync://rpki.ripe.net/repository/DEFAULT/9b9MGPes3uTH81jdS65egAmF5ww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:14:e2:4d:59:c6:25:b9:c6:e7:d3:d1:33:ac:6c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5bf4c18f7acdee4c7f358dd4bae5e800985e70c
Validity
Not Before: Apr 21 16:01:02 2025 GMT
Not After : Apr 22 16:01:02 2025 GMT
Subject: CN=b91ebbded0cde150768089eea873577d320a46f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5a:5e:2b:f1:92:f6:77:7f:87:c9:f8:b1:94:
8a:09:de:9c:19:40:d1:f8:38:aa:af:30:22:9f:04:
92:1c:95:48:f8:e9:4e:93:77:11:9f:f9:07:f1:51:
69:1a:d5:c1:74:00:a8:52:18:80:ff:3b:c7:e0:8b:
b4:ba:23:2a:f9:f7:5c:20:d1:88:ba:95:5c:79:24:
03:e9:50:51:de:10:96:15:3f:7f:36:ff:a4:82:a6:
44:62:36:34:1b:ae:56:cc:9f:78:fd:3a:61:d8:f8:
f5:62:9a:bf:0a:6f:ea:29:29:e1:fd:41:4c:0a:b4:
ea:f6:5b:0c:fc:65:31:0f:95:0c:25:8f:99:c6:c6:
ce:bf:05:d4:28:5d:8c:5b:c7:17:98:59:56:00:a2:
a6:ba:e8:6a:15:16:63:ab:52:73:ef:d2:7a:bf:28:
6c:a3:a4:e9:fe:5b:25:41:28:b5:36:db:0e:3c:30:
39:31:76:5c:b3:fd:b6:71:57:6e:42:d3:80:a4:81:
8c:1d:5d:ba:5b:70:1a:4e:4a:0c:ac:de:ee:9b:5a:
c9:4e:f8:7f:43:09:71:5d:f6:24:bc:d7:20:38:ca:
c3:16:93:5b:fd:6c:09:1a:01:9b:93:d5:66:53:00:
f0:8f:54:c7:16:c9:dc:ed:4f:3a:ef:c4:53:25:80:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1E:BB:DE:D0:CD:E1:50:76:80:89:EE:A8:73:57:7D:32:0A:46:F4
X509v3 Authority Key Identifier:
keyid:F5:BF:4C:18:F7:AC:DE:E4:C7:F3:58:DD:4B:AE:5E:80:09:85:E7:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b9MGPes3uTH81jdS65egAmF5ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/f0350a-5d66-4970-9a4c-d2abd3a91c90/1/9b9MGPes3uTH81jdS65egAmF5ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:a2:b8:c0:b8:4b:c5:38:e4:f6:55:06:dd:47:2e:1a:fa:b6:
c5:e3:ef:f5:3d:b7:98:3e:6f:de:b7:8c:95:4b:ae:f3:fb:54:
9f:86:2b:82:14:21:b5:c9:a2:bc:35:51:1c:dd:83:a5:89:52:
cd:42:24:fa:b3:2d:af:49:99:59:5f:24:51:48:cc:fe:a3:bc:
6a:f2:09:8f:37:ca:12:b2:47:70:40:8f:c1:c3:d7:a9:18:33:
65:d4:50:19:5e:74:16:6b:92:bc:49:89:cf:71:50:d1:77:78:
8b:14:2d:57:6b:03:d2:1d:dd:50:7b:a0:99:a8:1a:12:51:95:
5d:0c:b7:bd:a4:65:45:fd:20:d8:d0:b1:61:a8:41:85:b4:2f:
61:1d:bd:01:0e:91:c7:8d:b8:5e:f9:f4:78:73:2d:7b:81:b6:
83:f2:74:29:41:c8:2e:03:c3:bc:13:2c:52:9c:02:b9:31:fd:
d7:6b:c4:4d:6a:e6:d8:1d:ce:fc:24:f2:ad:ff:5a:9b:b3:63:
7e:ea:ed:9d:64:3d:5b:e4:91:8d:45:fb:cc:98:ce:f5:be:6d:
76:84:39:a1:05:c5:e6:1b:75:1f:ed:9b:0f:35:fc:c2:bc:f8:
a4:9a:1f:8b:7a:ea:7f:cb:40:d7:40:42:f9:f8:c7:6b:9b:21:
b9:61:27:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFOJNWcYlucbn09EzrGyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YmY0YzE4ZjdhY2RlZTRjN2YzNThkZDRiYWU1ZTgwMDk4
NWU3MGMwHhcNMjUwNDIxMTYwMTAyWhcNMjUwNDIyMTYwMTAyWjAzMTEwLwYDVQQD
EyhiOTFlYmJkZWQwY2RlMTUwNzY4MDg5ZWVhODczNTc3ZDMyMGE0NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFpeK/GS9nd/h8n4sZSKCd6cGUDR
+DiqrzAinwSSHJVI+OlOk3cRn/kH8VFpGtXBdACoUhiA/zvH4Iu0uiMq+fdcINGI
upVceSQD6VBR3hCWFT9/Nv+kgqZEYjY0G65WzJ94/Tph2Pj1Ypq/Cm/qKSnh/UFM
CrTq9lsM/GUxD5UMJY+ZxsbOvwXUKF2MW8cXmFlWAKKmuuhqFRZjq1Jz79J6vyhs
o6Tp/lslQSi1NtsOPDA5MXZcs/22cVduQtOApIGMHV26W3AaTkoMrN7um1rJTvh/
QwlxXfYkvNcgOMrDFpNb/WwJGgGbk9VmUwDwj1THFsnc7U8678RTJYDrYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkeu97QzeFQdoCJ7qhzV30yCkb0MB8GA1UdIwQY
MBaAFPW/TBj3rN7kx/NY3UuuXoAJhecMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWI5TUdQZXMzdVRIODFqZFM2NWVnQW1GNXd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mMDM1MGEtNWQ2Ni00OTcwLTlhNGMt
ZDJhYmQzYTkxYzkwLzEvOWI5TUdQZXMzdVRIODFqZFM2NWVnQW1GNXd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mMDM1MGEtNWQ2Ni00OTcwLTlhNGMtZDJhYmQzYTkxYzkw
LzEvOWI5TUdQZXMzdVRIODFqZFM2NWVnQW1GNXd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp6K4wLhL
xTjk9lUG3UcuGvq2xePv9T23mD5v3reMlUuu8/tUn4YrghQhtcmivDVRHN2DpYlS
zUIk+rMtr0mZWV8kUUjM/qO8avIJjzfKErJHcECPwcPXqRgzZdRQGV50FmuSvEmJ
z3FQ0Xd4ixQtV2sD0h3dUHugmagaElGVXQy3vaRlRf0g2NCxYahBhbQvYR29AQ6R
x424Xvn0eHMte4G2g/J0KUHILgPDvBMsUpwCuTH912vETWrm2B3O/CTyrf9am7Nj
furtnWQ9W+SRjUX7zJjO9b5tdoQ5oQXF5ht1H+2bDzX8wrz4pJofi3rqf8tA10BC
+fjHa5shuWEnCQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:02:05 2025 by rpki-client