Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json)
Hash identifier: iDAmX8KeeKgqa3L1PAqqw1AMt1LWTk5oE9GdWzItjZI=
Subject key identifier: 98:B7:E6:AC:BA:3A:53:BF:3D:F7:4B:BD:FF:03:70:BC:32:0A:43:C4
Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc
Certificate serial: 0196575D2831193B47201BF304AE5C8916FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
Manifest number: 0F99
Signing time: Mon 21 Apr 2025 08:00:44 +0000
Manifest this update: Mon 21 Apr 2025 08:00:44 +0000
Manifest next update: Tue 22 Apr 2025 08:00:44 +0000
Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: 8I9nslzPgpRh2jiQFqiJ7f0dZNxkMViA6rctVYsqAGM=)
2: V06h50tDruiBUg9uiKF_DSq52w8.roa (hash: A6FA8GQqXA3RMWxT5r25HFVTJrUQ2PZEYKc6YcmeWfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:5d:28:31:19:3b:47:20:1b:f3:04:ae:5c:89:16:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc
Validity
Not Before: Apr 21 08:00:44 2025 GMT
Not After : Apr 22 08:00:44 2025 GMT
Subject: CN=98b7e6acba3a53bf3df74bbdff0370bc320a43c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5e:13:b6:58:a8:46:39:8b:7f:b8:53:94:20:
3b:1c:a8:92:3e:29:73:2c:7b:2b:c6:7a:d0:98:2b:
9f:4b:c8:4b:b3:12:c9:e4:f2:54:b6:b4:79:8c:e9:
79:ad:76:98:85:f7:94:f6:d0:6b:98:a8:bc:7f:d8:
e8:42:c0:a1:5b:79:4c:97:f2:af:ab:d8:43:a0:32:
14:94:e5:50:6d:f5:f2:97:cc:21:d9:0e:a8:3b:a1:
8b:ed:b6:49:bf:ff:4b:ee:81:82:3c:a3:41:f7:11:
18:96:f8:77:46:a8:14:ef:4b:61:6b:fa:be:19:29:
23:c7:7b:f7:6c:26:41:e0:c2:f0:05:9b:e5:1e:2f:
d3:57:2b:16:1b:c5:32:ea:c0:1c:65:4e:83:fe:ac:
59:34:95:de:3e:c8:40:c0:c3:ea:c5:88:ee:58:96:
f3:f1:03:02:a3:12:c6:78:30:86:ca:1c:b0:aa:c7:
88:52:4e:69:ac:c0:bd:e8:03:30:ab:9a:d8:53:0a:
c2:e7:a5:53:73:c2:f9:ef:2c:c6:b2:f4:12:23:27:
8a:11:18:fb:c8:bf:d8:19:2b:00:9c:d8:85:3e:e8:
fc:d1:09:00:ea:c7:a8:6f:9a:4f:22:81:07:f8:fb:
ce:e0:3d:ac:31:89:e1:27:fe:70:a9:77:3d:4d:92:
f6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B7:E6:AC:BA:3A:53:BF:3D:F7:4B:BD:FF:03:70:BC:32:0A:43:C4
X509v3 Authority Key Identifier:
keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:a4:4d:f3:8d:e4:91:a8:f8:1b:02:b8:95:bf:6a:89:61:d7:
d4:95:1b:4f:46:70:f6:d2:f1:14:91:e6:6f:c9:3a:c5:38:c8:
44:b2:1a:b1:0f:4c:6a:b9:02:6c:e3:8f:e6:5a:f6:e8:b8:73:
16:28:37:0a:c3:c6:43:d6:db:f1:b8:da:b2:1a:97:e2:fc:b1:
3a:31:f0:ae:64:da:0c:a6:18:53:22:cf:44:35:24:e6:32:b1:
96:81:9c:19:cb:d3:7b:65:34:f6:b8:48:7e:03:de:f8:f9:25:
b2:d1:10:f8:96:a1:4d:b3:eb:ab:3b:25:c8:90:b7:9c:ea:65:
81:c7:41:99:72:1d:a5:a8:55:46:72:0e:45:8a:52:45:89:6f:
88:f9:4d:d2:b1:13:97:39:09:66:ce:4c:83:d2:4c:2f:e9:cd:
25:d0:4e:15:39:33:ea:c8:c0:89:9a:d3:35:35:78:40:84:19:
66:a6:c8:03:fc:63:eb:49:3e:13:39:da:ab:e3:4a:0c:fe:c8:
33:dd:32:a5:81:40:08:51:c8:1f:f8:d7:9b:01:a8:80:96:c5:
29:9e:d1:1d:ff:eb:69:a7:5a:d0:0d:c7:74:af:2f:54:3a:36:
2b:65:70:19:56:8f:d0:46:ac:71:9d:a7:3d:f4:6c:e1:ab:a1:
32:7d:1d:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXXSgxGTtHIBvzBK5ciRb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm
NDhhZGMwHhcNMjUwNDIxMDgwMDQ0WhcNMjUwNDIyMDgwMDQ0WjAzMTEwLwYDVQQD
Eyg5OGI3ZTZhY2JhM2E1M2JmM2RmNzRiYmRmZjAzNzBiYzMyMGE0M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA514TtlioRjmLf7hTlCA7HKiSPilz
LHsrxnrQmCufS8hLsxLJ5PJUtrR5jOl5rXaYhfeU9tBrmKi8f9joQsChW3lMl/Kv
q9hDoDIUlOVQbfXyl8wh2Q6oO6GL7bZJv/9L7oGCPKNB9xEYlvh3RqgU70tha/q+
GSkjx3v3bCZB4MLwBZvlHi/TVysWG8Uy6sAcZU6D/qxZNJXePshAwMPqxYjuWJbz
8QMCoxLGeDCGyhywqseIUk5prMC96AMwq5rYUwrC56VTc8L57yzGsvQSIyeKERj7
yL/YGSsAnNiFPuj80QkA6seob5pPIoEH+PvO4D2sMYnhJ/5wqXc9TZL2oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJi35qy6OlO/PfdLvf8DcLwyCkPEMB8GA1UdIwQY
MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt
NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk
LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqRN843k
kaj4GwK4lb9qiWHX1JUbT0Zw9tLxFJHmb8k6xTjIRLIasQ9MarkCbOOP5lr26Lhz
Fig3CsPGQ9bb8bjashqX4vyxOjHwrmTaDKYYUyLPRDUk5jKxloGcGcvTe2U09rhI
fgPe+PklstEQ+JahTbPrqzslyJC3nOplgcdBmXIdpahVRnIORYpSRYlviPlN0rET
lzkJZs5Mg9JML+nNJdBOFTkz6sjAiZrTNTV4QIQZZqbIA/xj60k+Eznaq+NKDP7I
M90ypYFACFHIH/jXmwGogJbFKZ7RHf/raada0A3HdK8vVDo2K2VwGVaP0EascZ2n
PfRs4auhMn0dYg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:38:13 2025 by rpki-client