Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.mft
File: nFK2oFFHG-xR23TXJW56MKVezxo.mft (raw, json)
Hash identifier: EAYB+e/ekTvYS0XwSBViANct2sKQeFHmZl+sRu+EXv8=
Subject key identifier: 9B:99:9C:DC:CB:30:30:1F:EB:90:3F:5C:35:98:C8:5D:89:E3:44:34
Authority key identifier: 9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
Certificate issuer: /CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Certificate serial: 019658019FAAF4B747FE00DD29355D463844
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.mft
Manifest number: 1500
Signing time: Mon 21 Apr 2025 11:00:23 +0000
Manifest this update: Mon 21 Apr 2025 11:00:23 +0000
Manifest next update: Tue 22 Apr 2025 11:00:23 +0000
Files and hashes: 1: CpF6aVcFa4aSib91gY7r_oRg7yk.roa (hash: g98Tlf03Q7mP804tnDVA4hODWWDgDXRhH7RoV+ttI2w=)
2: nFK2oFFHG-xR23TXJW56MKVezxo.crl (hash: masp4+piGvpFN7BMXbG3IdnruVNVR0aVjuLKbJMXB58=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:01:9f:aa:f4:b7:47:fe:00:dd:29:35:5d:46:38:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Validity
Not Before: Apr 21 11:00:23 2025 GMT
Not After : Apr 22 11:00:23 2025 GMT
Subject: CN=9b999cdccb30301feb903f5c3598c85d89e34434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3c:bc:e3:42:fe:72:f3:c0:d8:ee:e5:3c:81:
c2:c6:0a:cd:0b:6d:6a:0f:a9:e4:ac:77:ae:86:42:
8b:19:92:79:32:77:90:ce:fc:e9:bd:4c:ef:99:e2:
55:c2:b6:10:b5:b7:8f:8f:93:07:03:94:17:f6:a8:
81:10:6d:81:56:ea:ad:81:ed:7e:e0:4c:16:b7:4f:
86:ec:9f:73:36:d8:28:a2:0f:13:6f:eb:d3:29:38:
35:24:1c:c8:c4:ea:72:93:af:1e:87:23:1b:90:4f:
94:15:e7:45:60:01:91:c7:8b:97:0d:28:c2:d9:84:
dd:b7:f5:64:e0:15:b2:b8:6b:07:bf:bd:0a:cf:48:
ba:51:b6:1b:8c:69:9c:c5:d8:47:31:92:f9:74:f1:
f6:1e:cc:31:18:3c:76:85:f9:6d:40:7a:90:8b:92:
5a:7f:55:84:44:bf:d0:23:c9:92:95:fc:fc:b5:1b:
f3:85:86:c0:0b:22:79:64:b1:36:26:83:06:b5:49:
a0:b4:b9:71:16:47:4c:ca:f5:2a:6f:a0:0c:16:df:
f6:6f:87:69:6e:68:fc:5c:91:48:d3:8b:79:91:52:
0e:74:4b:cd:bf:cd:4f:8c:e4:d0:38:14:7c:10:df:
0f:a4:e1:57:63:a5:bc:0e:11:fe:7e:e8:5e:d6:62:
bd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:99:9C:DC:CB:30:30:1F:EB:90:3F:5C:35:98:C8:5D:89:E3:44:34
X509v3 Authority Key Identifier:
keyid:9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:16:90:c3:56:00:95:79:df:3b:90:11:2c:46:b9:77:81:69:
c9:62:c4:d9:e5:53:94:14:c6:bb:70:98:da:79:9d:5b:25:48:
1e:62:0f:a2:e3:cf:a2:f6:b1:fe:d6:08:eb:99:dd:ae:cf:ab:
5d:60:75:39:f9:6f:1f:90:45:37:9b:6d:f9:d5:58:a1:8e:77:
ee:67:97:03:e8:f0:50:d4:ba:43:8a:67:c4:4e:0b:19:5d:2b:
07:7c:a7:00:e5:71:87:47:f0:21:40:d7:2b:4f:ab:d9:30:0e:
24:67:9c:97:64:d6:c1:3f:c1:85:ef:e5:68:bd:d0:e4:69:c7:
c7:5c:85:12:d7:bc:94:42:fd:b9:55:92:88:f4:f1:82:f3:49:
11:df:41:6d:77:5f:95:4f:db:f5:ee:ad:a1:ac:76:8e:c2:bd:
cf:76:e4:7b:b2:f8:44:ed:03:0a:f8:13:06:7d:bb:03:51:7e:
1f:81:ca:a6:ea:c4:9c:0f:13:32:78:7b:7c:1f:12:b6:09:6e:
46:52:0c:88:15:fe:8d:ee:46:07:c0:01:a1:1d:e9:be:be:17:
40:43:e7:4a:3c:0b:14:05:9c:ae:37:57:ee:98:e8:ef:39:17:
96:e0:1b:97:4e:34:31:26:90:fb:1e:71:09:c0:99:f4:cd:56:
ba:8f:16:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYAZ+q9LdH/gDdKTVdRjhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTJiNmEwNTE0NzFiZWM1MWRiNzRkNzI1NmU3YTMwYTU1
ZWNmMWEwHhcNMjUwNDIxMTEwMDIzWhcNMjUwNDIyMTEwMDIzWjAzMTEwLwYDVQQD
Eyg5Yjk5OWNkY2NiMzAzMDFmZWI5MDNmNWMzNTk4Yzg1ZDg5ZTM0NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTy840L+cvPA2O7lPIHCxgrNC21q
D6nkrHeuhkKLGZJ5MneQzvzpvUzvmeJVwrYQtbePj5MHA5QX9qiBEG2BVuqtge1+
4EwWt0+G7J9zNtgoog8Tb+vTKTg1JBzIxOpyk68ehyMbkE+UFedFYAGRx4uXDSjC
2YTdt/Vk4BWyuGsHv70Kz0i6UbYbjGmcxdhHMZL5dPH2HswxGDx2hfltQHqQi5Ja
f1WERL/QI8mSlfz8tRvzhYbACyJ5ZLE2JoMGtUmgtLlxFkdMyvUqb6AMFt/2b4dp
bmj8XJFI04t5kVIOdEvNv81PjOTQOBR8EN8PpOFXY6W8DhH+fuhe1mK9mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuZnNzLMDAf65A/XDWYyF2J40Q0MB8GA1UdIwQY
MBaAFJxStqBRRxvsUdt01yVuejClXs8aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mODQzNGMtMDIzMC00YWRmLWJkMDAt
MjgyOWFhM2RmMjU4LzEvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mODQzNGMtMDIzMC00YWRmLWJkMDAtMjgyOWFhM2RmMjU4
LzEvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBaQw1YA
lXnfO5ARLEa5d4FpyWLE2eVTlBTGu3CY2nmdWyVIHmIPouPPovax/tYI65ndrs+r
XWB1OflvH5BFN5tt+dVYoY537meXA+jwUNS6Q4pnxE4LGV0rB3ynAOVxh0fwIUDX
K0+r2TAOJGecl2TWwT/Bhe/laL3Q5GnHx1yFEte8lEL9uVWSiPTxgvNJEd9BbXdf
lU/b9e6toax2jsK9z3bke7L4RO0DCvgTBn27A1F+H4HKpurEnA8TMnh7fB8Stglu
RlIMiBX+je5GB8ABoR3pvr4XQEPnSjwLFAWcrjdX7pjo7zkXluAbl040MSaQ+x5x
CcCZ9M1Wuo8WLw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:05 2025 by rpki-client