Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
File: M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft (raw, json)
Hash identifier: 8n15pEJNmsUf7dPDCkoKY1cYaPbVWtnuvwqxmW9laj0=
Subject key identifier: AF:95:E7:6C:9C:8A:CD:97:B0:95:F1:FD:33:ED:76:67:E9:60:62:8A
Authority key identifier: 33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
Certificate issuer: /CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Certificate serial: 0196534A41C99274DF5E28D7FA4A86A5C8B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
Manifest number: 10E2
Signing time: Sun 20 Apr 2025 13:01:37 +0000
Manifest this update: Sun 20 Apr 2025 13:01:37 +0000
Manifest next update: Mon 21 Apr 2025 13:01:37 +0000
Files and hashes: 1: M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl (hash: PkASwUe79k9wXKkCuPm7ZVOqIKOt6IYBDzdQTrheYTo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:4a:41:c9:92:74:df:5e:28:d7:fa:4a:86:a5:c8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Validity
Not Before: Apr 20 13:01:37 2025 GMT
Not After : Apr 21 13:01:37 2025 GMT
Subject: CN=af95e76c9c8acd97b095f1fd33ed7667e960628a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:66:35:7b:89:de:2d:8e:dd:56:28:50:8f:4a:
b8:3d:ed:1f:98:72:99:0c:9e:a3:d9:bd:9a:57:3a:
65:52:e3:8a:52:d2:42:76:a8:01:44:df:f0:b5:36:
00:c6:84:c6:58:97:ff:54:9a:b4:d6:12:58:04:0d:
b7:62:c7:11:0e:e0:12:d0:c8:e6:0d:ca:1b:82:eb:
8d:be:2e:dd:fe:14:b9:9d:f5:72:dc:19:40:98:72:
50:88:16:43:18:e4:6b:f9:a6:e9:de:fe:eb:65:fe:
e5:94:17:e9:b9:b1:2e:dc:1c:35:74:85:c2:f2:fa:
5a:64:c4:42:5e:f5:69:28:74:b0:99:5d:5a:e0:76:
81:3b:c6:a9:f4:0b:a4:ac:0d:b2:95:fb:5e:32:b1:
9f:a1:f2:20:40:77:ae:64:eb:be:3e:24:c3:9d:73:
d5:46:50:25:20:d7:4a:a0:a0:cd:fc:fe:b9:42:a9:
1f:5c:8b:98:81:80:82:99:8d:c2:40:37:40:1f:d1:
39:7c:07:b0:73:a3:53:c0:d1:75:c4:0f:98:8f:9c:
99:4c:6c:05:e2:26:54:47:53:ce:67:82:5f:41:d1:
38:0b:80:49:b1:f8:ad:e3:d6:b0:76:a1:9c:f7:b9:
08:65:a5:58:f2:ff:6f:ce:f0:b0:7c:ef:ed:1c:82:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:95:E7:6C:9C:8A:CD:97:B0:95:F1:FD:33:ED:76:67:E9:60:62:8A
X509v3 Authority Key Identifier:
keyid:33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:b4:08:72:11:cb:a3:51:a2:00:26:33:dd:93:a1:e0:b5:4e:
99:75:72:31:d3:24:c9:aa:a3:c2:aa:f6:a0:29:2f:7a:c5:78:
29:62:27:f2:6e:f6:9c:c3:b4:48:d1:f4:d4:d6:9d:d6:3f:f1:
1b:28:20:92:98:34:5a:22:5d:ea:03:3e:ce:e7:05:8b:ee:b6:
35:63:72:34:fa:a6:9e:34:e9:fd:85:89:6f:4f:1a:e1:a5:ca:
74:21:5c:4e:13:d4:dc:7d:47:79:26:54:43:c3:07:36:30:ff:
30:f8:f3:ac:5c:d8:e7:50:8b:87:e9:b2:6f:9e:d0:18:73:80:
e4:f5:2c:63:88:22:66:fc:bc:7f:58:ed:2b:04:3f:4b:8d:8e:
90:9c:67:38:95:72:17:34:bf:43:b2:ed:51:8a:e5:4f:74:61:
49:38:27:41:9f:48:48:57:99:05:d7:36:ec:5f:be:af:3f:a4:
d2:ff:e2:12:15:f2:2d:14:c4:40:93:f4:e7:8a:54:8d:00:f9:
bd:2c:e7:22:75:f3:55:5c:a9:6b:d9:d0:20:ff:3d:d3:dd:f8:
52:21:31:a3:49:f7:91:08:5c:48:45:be:51:c8:be:a5:28:c4:
2f:84:c0:0f:d2:a3:4e:0a:14:59:eb:9d:a1:e1:f3:18:b7:78:
b6:87:a9:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSkHJknTfXijX+kqGpci2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjNkNzJjZGQ5M2FiMDJmZTNmNzg4ZDYyMWQ3MTVkOWVm
ZDc2OTkwHhcNMjUwNDIwMTMwMTM3WhcNMjUwNDIxMTMwMTM3WjAzMTEwLwYDVQQD
EyhhZjk1ZTc2YzljOGFjZDk3YjA5NWYxZmQzM2VkNzY2N2U5NjA2MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mY1e4neLY7dVihQj0q4Pe0fmHKZ
DJ6j2b2aVzplUuOKUtJCdqgBRN/wtTYAxoTGWJf/VJq01hJYBA23YscRDuAS0Mjm
DcobguuNvi7d/hS5nfVy3BlAmHJQiBZDGORr+abp3v7rZf7llBfpubEu3Bw1dIXC
8vpaZMRCXvVpKHSwmV1a4HaBO8ap9AukrA2ylfteMrGfofIgQHeuZOu+PiTDnXPV
RlAlINdKoKDN/P65QqkfXIuYgYCCmY3CQDdAH9E5fAewc6NTwNF1xA+Yj5yZTGwF
4iZUR1POZ4JfQdE4C4BJsfit49awdqGc97kIZaVY8v9vzvCwfO/tHIJBeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+V52ycis2XsJXx/TPtdmfpYGKKMB8GA1UdIwQY
MBaAFDNj1yzdk6sC/j94jWIdcV2e/XaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgt
NDM0ZjllMGQ3NTBjLzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgtNDM0ZjllMGQ3NTBj
LzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLQIchHL
o1GiACYz3ZOh4LVOmXVyMdMkyaqjwqr2oCkvesV4KWIn8m72nMO0SNH01Nad1j/x
Gyggkpg0WiJd6gM+zucFi+62NWNyNPqmnjTp/YWJb08a4aXKdCFcThPU3H1HeSZU
Q8MHNjD/MPjzrFzY51CLh+myb57QGHOA5PUsY4giZvy8f1jtKwQ/S42OkJxnOJVy
FzS/Q7LtUYrlT3RhSTgnQZ9ISFeZBdc27F++rz+k0v/iEhXyLRTEQJP054pUjQD5
vSznInXzVVypa9nQIP890934UiExo0n3kQhcSEW+Uci+pSjEL4TAD9KjTgoUWeud
oeHzGLd4toepUA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:29 2025 by rpki-client