Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: WLA0xVGqvajAg/s+yruQsvd1Dsc2ZC57a3AXeOq5XN8=
Subject key identifier: 36:B3:74:9F:4A:D7:7B:2A:A6:DB:0D:40:62:DF:01:8A:28:FA:B8:00
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 0196439F8D433D6284B7854865C547D2C6B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 02FA
Signing time: Thu 17 Apr 2025 12:00:51 +0000
Manifest this update: Thu 17 Apr 2025 12:00:51 +0000
Manifest next update: Fri 18 Apr 2025 12:00:51 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: XjUs+olVVR+nhBG0ql9hxTlbSfIavVP/ui+mNCjfEzs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:9f:8d:43:3d:62:84:b7:85:48:65:c5:47:d2:c6:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Apr 17 12:00:51 2025 GMT
Not After : Apr 18 12:00:51 2025 GMT
Subject: CN=36b3749f4ad77b2aa6db0d4062df018a28fab800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:10:49:cc:ca:76:ee:91:5c:a6:64:0b:a2:17:
1c:ed:57:c8:56:e6:2a:bd:9f:6f:8b:2d:45:25:9e:
6d:76:0a:36:d3:24:77:b7:1b:cc:80:44:8e:bd:fe:
86:04:8c:ff:9b:9a:0d:cc:6f:8d:97:19:a1:af:43:
07:67:bd:1a:f8:2b:b2:0c:21:81:71:f0:c1:37:2b:
65:1b:2a:50:d3:c5:2e:d4:2f:59:3d:80:42:b1:bb:
9f:67:fa:83:24:6c:44:75:c9:b4:45:fa:51:3b:39:
e6:97:e1:a4:90:54:08:9c:6d:b4:cb:2c:e8:81:cb:
7e:53:7b:3e:f8:9d:9b:52:28:09:8d:db:3d:9b:45:
72:a8:fe:87:7a:28:0d:21:3d:36:84:8d:cf:fe:bd:
53:4b:ca:ca:8c:c3:74:ce:4c:3a:04:41:76:ad:4c:
2d:24:bc:63:68:0f:f8:b0:b5:78:78:06:39:47:ef:
c6:68:94:6f:24:c9:88:d0:a5:b1:60:5b:cd:5b:b2:
74:6b:72:a2:2a:27:62:52:a0:d6:47:60:73:1c:7a:
3d:b2:c7:3b:ff:46:c1:89:60:56:85:eb:8a:ad:42:
22:e3:f1:59:13:11:bd:ad:75:b5:d7:af:5b:08:93:
86:f6:2a:7e:d2:ec:44:43:76:c0:2b:fc:f8:ad:8d:
04:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B3:74:9F:4A:D7:7B:2A:A6:DB:0D:40:62:DF:01:8A:28:FA:B8:00
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:75:e5:d4:f4:a7:38:4a:56:a1:32:53:a8:1e:c6:d6:ca:44:
e4:f5:1f:27:16:2a:94:d5:2f:32:f2:c0:e7:fd:7b:08:1a:06:
4d:0e:4a:39:1e:12:0e:57:d9:f5:4e:5c:63:e4:9d:79:c6:0b:
ca:f7:1f:aa:e3:a3:12:16:8a:af:fc:dc:b0:6e:87:9e:60:41:
8f:3e:db:94:7b:30:ef:30:45:72:b7:7a:af:65:e0:bd:59:ea:
0f:c4:7c:05:db:53:b3:c1:fc:28:2a:ba:22:3f:f4:fb:b8:14:
57:6e:ba:03:9c:a3:72:f1:07:70:dc:f8:6f:d7:47:73:a7:00:
11:36:93:3e:08:72:e7:b2:de:f0:60:8a:a8:32:ab:14:38:7f:
f2:4d:8c:49:c2:a9:03:0d:84:35:8f:9c:48:0a:32:c4:28:e5:
61:86:d7:2a:1a:3d:62:ac:a0:0f:5d:25:0c:2f:72:aa:0e:02:
47:93:1f:f5:7d:d2:6c:d8:27:c4:d4:16:5b:51:11:52:c1:eb:
6e:a1:eb:5f:ab:8e:12:53:b8:94:65:4e:5d:bf:22:bd:23:cb:
ae:63:1f:65:5d:80:00:ff:32:64:b2:aa:a4:ee:17:d5:a6:3d:
15:5f:2a:b0:ba:9e:fa:32:a2:53:35:a4:46:19:83:ff:44:5e:
8d:f5:50:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDn41DPWKEt4VIZcVH0saxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwNDE3MTIwMDUxWhcNMjUwNDE4MTIwMDUxWjAzMTEwLwYDVQQD
EygzNmIzNzQ5ZjRhZDc3YjJhYTZkYjBkNDA2MmRmMDE4YTI4ZmFiODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hBJzMp27pFcpmQLohcc7VfIVuYq
vZ9viy1FJZ5tdgo20yR3txvMgESOvf6GBIz/m5oNzG+Nlxmhr0MHZ70a+CuyDCGB
cfDBNytlGypQ08Uu1C9ZPYBCsbufZ/qDJGxEdcm0RfpROznml+GkkFQInG20yyzo
gct+U3s++J2bUigJjds9m0VyqP6HeigNIT02hI3P/r1TS8rKjMN0zkw6BEF2rUwt
JLxjaA/4sLV4eAY5R+/GaJRvJMmI0KWxYFvNW7J0a3KiKidiUqDWR2BzHHo9ssc7
/0bBiWBWheuKrUIi4/FZExG9rXW1169bCJOG9ip+0uxEQ3bAK/z4rY0E9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDazdJ9K13sqptsNQGLfAYoo+rgAMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ3Xl1PSn
OEpWoTJTqB7G1spE5PUfJxYqlNUvMvLA5/17CBoGTQ5KOR4SDlfZ9U5cY+SdecYL
yvcfquOjEhaKr/zcsG6HnmBBjz7blHsw7zBFcrd6r2XgvVnqD8R8BdtTs8H8KCq6
Ij/0+7gUV266A5yjcvEHcNz4b9dHc6cAETaTPghy57Le8GCKqDKrFDh/8k2MScKp
Aw2ENY+cSAoyxCjlYYbXKho9YqygD10lDC9yqg4CR5Mf9X3SbNgnxNQWW1ERUsHr
bqHrX6uOElO4lGVOXb8ivSPLrmMfZV2AAP8yZLKqpO4X1aY9FV8qsLqe+jKiUzWk
RhmD/0RejfVQgg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:21:21 2025 by rpki-client