Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
File: CEIhaO2oQjBU2C6wGMOD4tvor98.mft (raw, json)
Hash identifier: /O+qIPlT1Rh1cibckYNtfZR7UBnbVp/nutdkhIMGvUM=
Subject key identifier: 4A:F4:36:2A:E2:D2:0F:91:81:5C:52:75:99:0C:C8:3C:8C:35:F8:F4
Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf
Certificate serial: 0196583883D398607B86CE2BBC73584C1797
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
Manifest number: 1229
Signing time: Mon 21 Apr 2025 12:00:20 +0000
Manifest this update: Mon 21 Apr 2025 12:00:20 +0000
Manifest next update: Tue 22 Apr 2025 12:00:20 +0000
Files and hashes: 1: CEIhaO2oQjBU2C6wGMOD4tvor98.crl (hash: KEInROzcLiQK+xLxI7xzTgAYj7JMAonFYJLQX81qk5Y=)
2: ESQpVAiSLlfE8UMM75aY_vsPDNc.roa (hash: ubyXNF+odFgCxSHtSbasAdaDvs7x7Wh5p2HTa/QrZgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:38:83:d3:98:60:7b:86:ce:2b:bc:73:58:4c:17:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf
Validity
Not Before: Apr 21 12:00:20 2025 GMT
Not After : Apr 22 12:00:20 2025 GMT
Subject: CN=4af4362ae2d20f91815c5275990cc83c8c35f8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:4b:07:cb:6d:98:76:82:9a:56:f3:d1:af:
d3:18:b3:9b:db:a9:c2:7c:2a:84:e2:1e:42:14:e8:
93:40:44:2d:c8:ec:ca:c5:23:30:b8:23:ec:11:b7:
97:a9:48:f1:81:ac:a2:ef:70:12:13:ea:ac:ea:b9:
ab:9d:1f:d6:5a:44:d7:62:c5:52:1b:b0:25:86:01:
09:4b:21:20:2a:30:d1:5a:06:ad:a2:e1:32:b2:d5:
62:c0:55:75:f2:e2:82:5b:46:51:72:c1:ed:aa:d1:
1f:45:5b:23:64:eb:d9:f0:1a:93:8d:23:d0:4f:7d:
52:36:cf:c0:e9:5a:75:6e:f5:a3:c5:b4:5d:2a:cc:
09:53:b7:c5:60:ab:e4:ee:58:7b:5f:05:51:8c:6d:
f6:8c:d2:2a:73:2f:f9:5d:52:8a:f2:ea:89:2c:bf:
c2:52:b1:24:dd:31:e6:cf:be:ab:d4:c1:f2:b5:6e:
9e:eb:1f:fb:a7:7b:7d:8e:77:fd:32:c4:c6:90:2c:
e2:22:44:f2:eb:d8:a2:43:82:47:e9:82:68:1b:47:
61:b2:13:4a:41:f0:2a:f6:70:0d:88:21:5e:37:6f:
05:dd:12:40:3b:d6:66:52:c0:e6:13:76:c6:89:a2:
f5:ff:bd:62:75:64:fe:f1:2e:05:5e:f6:1c:71:c1:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F4:36:2A:E2:D2:0F:91:81:5C:52:75:99:0C:C8:3C:8C:35:F8:F4
X509v3 Authority Key Identifier:
keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:77:40:d8:9b:78:80:ad:2c:b9:88:53:06:df:bd:0f:71:3c:
b8:e8:a4:31:c0:99:aa:c3:38:81:47:5b:9c:e8:94:ea:d2:7f:
25:1f:98:1b:c3:fa:f1:8c:57:02:8c:87:f0:2b:b0:60:1e:7a:
89:c6:ca:9c:93:ed:c4:fc:eb:f4:9a:9e:69:f3:10:2f:9f:75:
d8:18:80:e4:b5:94:6d:fe:8a:38:eb:d6:88:2d:d5:8f:89:6c:
8e:13:94:44:5d:8c:db:e7:20:ce:33:8a:81:bd:ba:82:fe:3f:
f8:61:82:3a:0b:60:03:5e:cb:ee:6e:84:22:87:d2:01:eb:9e:
10:84:c6:86:b5:a7:9d:c4:3a:68:7c:1e:25:4b:c9:b0:ed:38:
75:f5:5c:21:25:ad:a5:54:29:d7:7b:bd:9a:e0:8f:cc:a6:f9:
b4:0b:64:ce:f1:99:77:5a:41:8c:d8:ef:14:86:8a:1b:1b:e4:
e0:dc:da:6b:2e:14:83:d8:10:97:0c:7c:3c:07:90:26:74:bd:
e2:01:8e:e3:53:2c:dc:c4:59:b0:89:57:23:ba:f8:c9:6e:99:
24:aa:3f:62:79:07:b5:23:09:de:77:70:99:30:5a:a4:f8:70:
18:fb:9b:28:16:b1:e7:6b:85:de:e1:6a:f6:e8:99:c9:c6:0b:
3c:a0:20:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYOIPTmGB7hs4rvHNYTBeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl
OGFmZGYwHhcNMjUwNDIxMTIwMDIwWhcNMjUwNDIyMTIwMDIwWjAzMTEwLwYDVQQD
Eyg0YWY0MzYyYWUyZDIwZjkxODE1YzUyNzU5OTBjYzgzYzhjMzVmOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuZLB8ttmHaCmlbz0a/TGLOb26nC
fCqE4h5CFOiTQEQtyOzKxSMwuCPsEbeXqUjxgayi73ASE+qs6rmrnR/WWkTXYsVS
G7AlhgEJSyEgKjDRWgatouEystViwFV18uKCW0ZRcsHtqtEfRVsjZOvZ8BqTjSPQ
T31SNs/A6Vp1bvWjxbRdKswJU7fFYKvk7lh7XwVRjG32jNIqcy/5XVKK8uqJLL/C
UrEk3THmz76r1MHytW6e6x/7p3t9jnf9MsTGkCziIkTy69iiQ4JH6YJoG0dhshNK
QfAq9nANiCFeN28F3RJAO9ZmUsDmE3bGiaL1/71idWT+8S4FXvYcccGcCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEr0Niri0g+RgVxSdZkMyDyMNfj0MB8GA1UdIwQY
MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt
NmUxOWY2NzlhNjIzLzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz
LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXdA2Jt4
gK0suYhTBt+9D3E8uOikMcCZqsM4gUdbnOiU6tJ/JR+YG8P68YxXAoyH8CuwYB56
icbKnJPtxPzr9JqeafMQL5912BiA5LWUbf6KOOvWiC3Vj4lsjhOURF2M2+cgzjOK
gb26gv4/+GGCOgtgA17L7m6EIofSAeueEITGhrWnncQ6aHweJUvJsO04dfVcISWt
pVQp13u9muCPzKb5tAtkzvGZd1pBjNjvFIaKGxvk4Nzaay4Ug9gQlwx8PAeQJnS9
4gGO41Ms3MRZsIlXI7r4yW6ZJKo/YnkHtSMJ3ndwmTBapPhwGPubKBax52uF3uFq
9uiZycYLPKAg9A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:43:53 2025 by rpki-client