Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
File: MKNPnR29IKqH-w9ivStsXjDGFKI.mft (raw, json)
Hash identifier: jNI29SspfOWUKjh8A2o1VHo6Cf0ftUUPTq6oRqaWu6o=
Subject key identifier: 3E:5B:EB:89:DC:90:09:0E:53:2E:E1:A1:60:00:EB:70:0F:AA:12:03
Authority key identifier: 30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2
Certificate issuer: /CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
Certificate serial: 019635AD64914819BE28E52ECE25C1317B92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
Manifest number: 05A1
Signing time: Mon 14 Apr 2025 19:01:17 +0000
Manifest this update: Mon 14 Apr 2025 19:01:17 +0000
Manifest next update: Tue 15 Apr 2025 19:01:17 +0000
Files and hashes: 1: MKNPnR29IKqH-w9ivStsXjDGFKI.crl (hash: prcOxZ+y0CTVMLf8+zn9O6ZlHCS50ZmFj7SAg8vVfyw=)
2: lblIM2FJQ_WVf-a4mFWu5Otgr-A.roa (hash: dTACe68AOYRTGOWM2bf2NFYllivUWP/q40LE4fNKxno=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:35:ad:64:91:48:19:be:28:e5:2e:ce:25:c1:31:7b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
Validity
Not Before: Apr 14 19:01:17 2025 GMT
Not After : Apr 15 19:01:17 2025 GMT
Subject: CN=3e5beb89dc90090e532ee1a16000eb700faa1203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:d7:d5:74:bd:ed:a2:3d:e5:98:bf:f4:8b:
bf:9c:ee:ed:4f:8a:9c:57:7f:e7:37:6a:96:f7:e5:
2f:5d:28:e9:95:a8:9c:e8:00:4f:85:c5:cf:5c:96:
4d:b0:56:b1:25:fa:77:a1:6e:f8:58:b4:14:56:b0:
05:cd:c9:1c:1c:ce:59:a4:97:a4:1a:01:94:fa:2e:
d5:e4:ca:7a:48:13:6f:47:a6:1a:5d:60:35:d3:70:
b8:75:42:49:3e:00:d3:48:36:46:85:ff:a0:e5:97:
e8:68:c8:99:09:79:9d:22:bc:ff:7a:52:8f:1e:40:
27:f6:47:6a:37:9f:ac:3a:92:25:1d:f6:a8:7a:87:
3b:62:f4:b8:a9:80:42:78:bd:44:b4:5e:ac:c7:96:
40:ee:c0:fa:95:dc:a4:bb:46:62:2e:c5:84:07:b3:
58:57:65:3a:97:ab:00:a4:7e:84:49:b4:d0:0a:40:
11:d4:ae:dc:cd:43:04:a9:5b:a9:2b:1f:48:86:04:
e1:fd:e5:e2:bb:29:88:9a:e1:54:b5:96:8a:a0:b8:
1e:76:a1:4c:d0:c7:9d:c2:fc:c8:69:6c:83:ae:c1:
ae:8e:4a:c6:8d:6c:2a:84:33:dd:12:77:5e:ec:33:
11:14:5e:b9:0d:02:4c:dc:41:cc:73:12:a4:16:f4:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5B:EB:89:DC:90:09:0E:53:2E:E1:A1:60:00:EB:70:0F:AA:12:03
X509v3 Authority Key Identifier:
keyid:30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:8b:0e:b2:ca:3a:de:52:da:e0:fc:21:1e:d3:fa:f9:5e:8b:
4a:05:61:1c:13:48:24:06:3c:e3:b1:d3:46:60:f2:07:d3:4a:
f9:a4:cc:42:6f:35:37:81:5a:7e:89:68:d2:83:cc:a4:d8:47:
4c:d9:a0:93:f5:5f:e2:92:fa:13:3e:40:1f:03:da:a5:47:c6:
04:13:e5:bd:f5:9e:35:98:76:7f:63:6a:23:bc:e7:4e:bf:ee:
e7:99:46:f8:0c:47:76:ac:44:70:62:d9:66:d7:0b:0e:32:8a:
c4:db:44:87:19:b5:61:db:96:c4:7e:f8:7b:ab:0f:67:f4:0b:
2b:79:ab:07:26:35:10:62:e8:c1:53:da:3b:93:3c:b2:eb:58:
94:34:c9:db:20:31:40:28:88:de:d0:89:e8:f0:32:79:ab:25:
57:b8:31:d7:ee:1c:e4:13:65:b1:56:41:bd:ec:a0:d3:9f:27:
11:17:f4:f1:93:41:74:94:93:f5:26:bc:28:af:3f:e8:61:7c:
3a:e4:86:69:b8:58:20:8a:9a:fd:ca:4a:d0:95:96:b3:40:09:
55:1a:22:29:d0:cb:dd:bf:df:43:e4:9e:e1:1e:b9:aa:7f:33:
51:fc:e2:29:68:1a:94:08:7b:7c:b4:6c:a6:c9:f6:05:97:61:
56:59:d7:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY1rWSRSBm+KOUuziXBMXuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTM0ZjlkMWRiZDIwYWE4N2ZiMGY2MmJkMmI2YzVlMzBj
NjE0YTIwHhcNMjUwNDE0MTkwMTE3WhcNMjUwNDE1MTkwMTE3WjAzMTEwLwYDVQQD
EygzZTViZWI4OWRjOTAwOTBlNTMyZWUxYTE2MDAwZWI3MDBmYWExMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk/X1XS97aI95Zi/9Iu/nO7tT4qc
V3/nN2qW9+UvXSjplaic6ABPhcXPXJZNsFaxJfp3oW74WLQUVrAFzckcHM5ZpJek
GgGU+i7V5Mp6SBNvR6YaXWA103C4dUJJPgDTSDZGhf+g5ZfoaMiZCXmdIrz/elKP
HkAn9kdqN5+sOpIlHfaoeoc7YvS4qYBCeL1EtF6sx5ZA7sD6ldyku0ZiLsWEB7NY
V2U6l6sApH6ESbTQCkAR1K7czUMEqVupKx9IhgTh/eXiuymImuFUtZaKoLgedqFM
0MedwvzIaWyDrsGujkrGjWwqhDPdEnde7DMRFF65DQJM3EHMcxKkFvSJBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5b64nckAkOUy7hoWAA63APqhIDMB8GA1UdIwQY
MBaAFDCjT50dvSCqh/sPYr0rbF4wxhSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEt
ZWI2NTNkMzYyMmJiLzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEtZWI2NTNkMzYyMmJi
LzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeosOsso6
3lLa4PwhHtP6+V6LSgVhHBNIJAY847HTRmDyB9NK+aTMQm81N4Fafolo0oPMpNhH
TNmgk/Vf4pL6Ez5AHwPapUfGBBPlvfWeNZh2f2NqI7znTr/u55lG+AxHdqxEcGLZ
ZtcLDjKKxNtEhxm1YduWxH74e6sPZ/QLK3mrByY1EGLowVPaO5M8sutYlDTJ2yAx
QCiI3tCJ6PAyeaslV7gx1+4c5BNlsVZBveyg058nERf08ZNBdJST9Sa8KK8/6GF8
OuSGabhYIIqa/cpK0JWWs0AJVRoiKdDL3b/fQ+Se4R65qn8zUfziKWgalAh7fLRs
psn2BZdhVlnXkA==
-----END CERTIFICATE-----
Generated at Tue Apr 15 01:18:45 2025 by rpki-client