Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft
File: IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft (raw, json)
Hash identifier: /oB+3OKkv8Ce3hnAfKFAJZC3yUG5crwXi3SDv2qys0Y=
Subject key identifier: 42:4F:05:1D:C4:4A:5B:F3:08:F6:20:60:2C:29:D7:BC:E6:EA:F2:65
Authority key identifier: 20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
Certificate issuer: /CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Certificate serial: 01965A26D9AAE3AD5E3C02B8A02DFCD5C138
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft
Manifest number: 0821
Signing time: Mon 21 Apr 2025 21:00:17 +0000
Manifest this update: Mon 21 Apr 2025 21:00:17 +0000
Manifest next update: Tue 22 Apr 2025 21:00:17 +0000
Files and hashes: 1: GE_VINn07eeSJYTvZIuo88WEV3U.roa (hash: 7RURCigC0zQY7NED6IrTycMVsCozhn/RUtlNFgdIpNw=)
2: IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl (hash: P/KD2LxvQQPBzn6P0+IfGcU4B9NuXeBpU9iYfFPCvTE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:26:d9:aa:e3:ad:5e:3c:02:b8:a0:2d:fc:d5:c1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Validity
Not Before: Apr 21 21:00:17 2025 GMT
Not After : Apr 22 21:00:17 2025 GMT
Subject: CN=424f051dc44a5bf308f620602c29d7bce6eaf265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:33:2b:64:87:e2:69:b6:28:8b:cf:fd:04:8d:
79:ae:68:9e:81:b1:94:a4:6d:b4:6b:74:55:76:51:
59:6a:77:92:0c:72:a8:b0:d6:88:4d:a1:90:df:69:
88:e7:2d:84:55:6b:15:de:e8:32:f7:0e:28:cb:11:
ec:bc:f3:55:4e:0f:45:5d:cf:82:95:a1:9e:4b:bd:
6b:e1:f8:4c:34:17:ec:8f:81:44:2b:c3:fc:96:cc:
af:7b:59:be:71:e7:6b:11:5a:f8:49:f5:40:77:14:
54:ce:14:23:4c:82:8a:d9:44:42:90:3f:fe:41:a7:
2c:19:a1:1d:ce:e0:3a:11:e9:ea:e5:d8:47:4b:a0:
4c:b2:e7:21:75:9d:6e:ad:cb:92:08:c8:42:a5:a6:
93:02:ee:65:09:2d:3d:54:0e:e3:e2:81:9a:82:1f:
c2:cd:3c:f0:82:f8:72:11:66:c6:5f:ab:45:bd:5e:
3d:0b:8d:c8:8c:20:6a:ae:65:3f:bb:69:e7:9e:98:
c8:92:b4:f8:58:88:f3:1c:62:fa:8b:1a:0c:15:31:
fc:aa:ca:e5:26:9d:4d:61:ac:bc:fd:81:3e:e6:27:
e4:15:e3:30:ae:4d:ff:d8:83:64:a2:7a:99:ba:52:
04:43:f4:df:77:b2:38:97:8d:07:b6:4d:ba:7a:1d:
ff:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4F:05:1D:C4:4A:5B:F3:08:F6:20:60:2C:29:D7:BC:E6:EA:F2:65
X509v3 Authority Key Identifier:
keyid:20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:10:0c:07:9d:74:de:32:a6:b8:a3:3e:4f:23:65:04:92:cc:
9d:00:21:5b:a4:f8:14:7a:4f:92:6f:0b:aa:a1:51:14:ad:e6:
a2:88:12:b3:db:e6:bb:54:53:4a:d5:09:8e:eb:c7:5f:34:71:
fc:da:bd:11:b6:04:a4:56:43:d7:15:81:89:ab:12:09:08:cc:
1a:c5:56:c0:88:03:70:6d:5b:bf:9a:aa:75:f1:8e:34:59:d0:
99:1c:45:1d:17:60:90:4c:3d:cf:76:54:ad:c5:de:67:7d:cf:
ae:23:cf:89:ae:8d:21:fb:f3:47:f4:59:ac:f0:db:a4:3c:5f:
94:80:7a:bf:17:ee:b8:6f:fa:43:a3:65:17:a5:2a:d0:b4:00:
a8:b0:c1:d3:7e:fa:cc:c5:51:21:51:56:a1:13:b8:4f:29:3d:
92:b6:ed:bb:f4:6c:7a:52:06:47:f6:26:5d:52:92:18:4d:93:
3e:59:8c:3c:4a:84:bc:78:2e:8a:2e:9f:7c:e9:07:b9:36:07:
d7:6e:d6:e0:98:77:01:d3:a6:8c:8a:6e:26:25:0d:06:38:5c:
4f:b0:af:10:16:49:f8:6e:13:28:a8:2f:74:4f:17:57:4d:3b:
1c:91:a8:06:8b:db:eb:0d:65:18:ef:29:37:cd:38:d1:b1:0c:
41:a1:22:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZaJtmq461ePAK4oC381cE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOTFhNzdmN2M0MjRlOTEyNzM5ODQ3M2JmYTNhMmI5NzI3
ZWJiNDUwHhcNMjUwNDIxMjEwMDE3WhcNMjUwNDIyMjEwMDE3WjAzMTEwLwYDVQQD
Eyg0MjRmMDUxZGM0NGE1YmYzMDhmNjIwNjAyYzI5ZDdiY2U2ZWFmMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jMrZIfiabYoi8/9BI15rmiegbGU
pG20a3RVdlFZaneSDHKosNaITaGQ32mI5y2EVWsV3ugy9w4oyxHsvPNVTg9FXc+C
laGeS71r4fhMNBfsj4FEK8P8lsyve1m+cedrEVr4SfVAdxRUzhQjTIKK2URCkD/+
QacsGaEdzuA6Eenq5dhHS6BMsuchdZ1urcuSCMhCpaaTAu5lCS09VA7j4oGagh/C
zTzwgvhyEWbGX6tFvV49C43IjCBqrmU/u2nnnpjIkrT4WIjzHGL6ixoMFTH8qsrl
Jp1NYay8/YE+5ifkFeMwrk3/2INkonqZulIEQ/Tfd7I4l40Htk26eh3/NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJPBR3ESlvzCPYgYCwp17zm6vJlMB8GA1UdIwQY
MBaAFCCRp398Qk6RJzmEc7+jorlyfrtFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMt
OWEyMjk3ODBlMGJlLzEvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMtOWEyMjk3ODBlMGJl
LzEvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbBAMB510
3jKmuKM+TyNlBJLMnQAhW6T4FHpPkm8LqqFRFK3moogSs9vmu1RTStUJjuvHXzRx
/Nq9EbYEpFZD1xWBiasSCQjMGsVWwIgDcG1bv5qqdfGONFnQmRxFHRdgkEw9z3ZU
rcXeZ33PriPPia6NIfvzR/RZrPDbpDxflIB6vxfuuG/6Q6NlF6Uq0LQAqLDB0376
zMVRIVFWoRO4Tyk9krbtu/RselIGR/YmXVKSGE2TPlmMPEqEvHguii6ffOkHuTYH
127W4Jh3AdOmjIpuJiUNBjhcT7CvEBZJ+G4TKKgvdE8XV007HJGoBovb6w1lGO8p
N8040bEMQaEiGQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:15:21 2025 by rpki-client