Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: bJDQrlMI+xMnWQFAVr0xSadhhco1EvOPg+jBxSwZ8Z4=
Subject key identifier: 74:36:54:49:0B:F6:36:C1:C0:1E:95:72:AC:F5:F0:5B:13:FB:2B:B0
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019658A6A950AA4D5E88CB4EAE9C4F1268D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 1153
Signing time: Mon 21 Apr 2025 14:00:39 +0000
Manifest this update: Mon 21 Apr 2025 14:00:39 +0000
Manifest next update: Tue 22 Apr 2025 14:00:39 +0000
Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: eYCXaKzGrp7UppZstzdtNl1A3o+bnE+0MmlO069WX3Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:a6:a9:50:aa:4d:5e:88:cb:4e:ae:9c:4f:12:68:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Apr 21 14:00:39 2025 GMT
Not After : Apr 22 14:00:39 2025 GMT
Subject: CN=743654490bf636c1c01e9572acf5f05b13fb2bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:53:72:ea:5d:44:f9:9b:ce:37:85:db:52:fe:
88:bd:1d:29:58:a0:2f:fc:8e:4d:7c:49:a6:f5:0e:
7d:fb:36:a3:8a:36:9d:91:7d:bb:d7:b8:db:30:02:
50:32:56:04:ab:f4:47:8a:f5:9a:62:d3:27:93:3f:
f5:24:a1:03:64:c9:a9:82:04:54:da:27:65:31:ca:
85:2d:b7:9a:0f:fb:cc:92:0a:7d:61:a9:21:36:00:
93:26:05:a3:76:31:6a:a4:08:34:67:a7:5b:d8:5f:
ba:78:7a:05:61:96:3e:2f:e7:d0:78:cf:ff:c4:97:
b2:c4:97:79:31:39:b0:28:29:48:4d:a2:d8:b8:e5:
79:bf:ee:02:12:32:4d:98:a4:d9:ca:98:c8:86:4c:
30:0e:2e:ce:02:6c:50:e5:93:f8:bd:8a:ea:b6:7d:
79:a0:5a:5c:83:30:6e:af:66:3e:f4:68:91:19:58:
7a:40:1b:eb:a0:22:6d:1f:84:6b:57:a4:5d:3a:48:
89:9e:21:c4:eb:8b:fa:cc:b6:0c:31:40:2e:71:d3:
dc:ce:87:38:fe:69:89:80:f3:c6:b6:dc:ec:60:50:
13:4c:04:45:57:6e:f3:3d:21:7c:d3:a9:fc:68:51:
eb:49:24:5e:f2:4d:fd:6f:9b:af:7e:8f:e6:ee:da:
64:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:36:54:49:0B:F6:36:C1:C0:1E:95:72:AC:F5:F0:5B:13:FB:2B:B0
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:89:0e:67:18:4f:3e:e8:fb:13:30:ff:d3:7b:e7:c8:6c:fa:
cb:f0:5e:ae:6c:a0:8d:4c:bd:6d:9e:da:39:15:1c:13:44:fb:
45:a6:1c:35:b8:01:d8:a1:f7:49:16:8d:31:c5:c3:9b:57:54:
9d:72:41:51:b7:9d:69:72:c9:ff:54:8e:bb:ce:00:57:00:ef:
36:7e:b9:5f:31:d7:c7:00:66:1f:37:a3:8e:55:35:9d:68:0d:
db:1b:60:3c:cd:c2:97:c5:85:f7:ae:fb:80:68:6a:e1:19:37:
eb:0c:c1:b0:4f:cf:c9:4c:e6:af:a1:2b:29:09:02:4e:1f:0f:
d8:9e:46:bd:ac:fe:0f:f4:d6:d4:76:e1:56:ce:21:b0:b2:b7:
dc:65:3c:e4:95:4a:0c:c3:6f:65:67:90:b2:81:f7:8c:39:da:
16:6b:16:70:20:c7:07:00:c0:23:b1:e1:4c:21:b1:01:ad:ac:
f6:5a:1e:4f:88:39:83:41:f4:d9:93:28:20:03:1b:8b:a0:5c:
e8:40:2b:c6:f8:58:8c:57:3b:1c:e5:55:fe:8a:9e:dc:2d:19:
a6:bd:7b:cf:2b:b8:1a:a8:0f:d2:b8:dc:3d:d8:4a:ce:e2:52:
c5:83:64:a2:ac:77:a9:2a:42:79:b4:fc:a6:c3:a2:4b:9c:eb:
05:75:23:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYpqlQqk1eiMtOrpxPEmjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjUwNDIxMTQwMDM5WhcNMjUwNDIyMTQwMDM5WjAzMTEwLwYDVQQD
Eyg3NDM2NTQ0OTBiZjYzNmMxYzAxZTk1NzJhY2Y1ZjA1YjEzZmIyYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VNy6l1E+ZvON4XbUv6IvR0pWKAv
/I5NfEmm9Q59+zajijadkX2717jbMAJQMlYEq/RHivWaYtMnkz/1JKEDZMmpggRU
2idlMcqFLbeaD/vMkgp9YakhNgCTJgWjdjFqpAg0Z6db2F+6eHoFYZY+L+fQeM//
xJeyxJd5MTmwKClITaLYuOV5v+4CEjJNmKTZypjIhkwwDi7OAmxQ5ZP4vYrqtn15
oFpcgzBur2Y+9GiRGVh6QBvroCJtH4RrV6RdOkiJniHE64v6zLYMMUAucdPczoc4
/mmJgPPGttzsYFATTARFV27zPSF806n8aFHrSSRe8k39b5uvfo/m7tpklQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQ2VEkL9jbBwB6Vcqz18FsT+yuwMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd4kOZxhP
Puj7EzD/03vnyGz6y/BermygjUy9bZ7aORUcE0T7RaYcNbgB2KH3SRaNMcXDm1dU
nXJBUbedaXLJ/1SOu84AVwDvNn65XzHXxwBmHzejjlU1nWgN2xtgPM3Cl8WF9677
gGhq4Rk36wzBsE/PyUzmr6ErKQkCTh8P2J5Gvaz+D/TW1HbhVs4hsLK33GU85JVK
DMNvZWeQsoH3jDnaFmsWcCDHBwDAI7HhTCGxAa2s9loeT4g5g0H02ZMoIAMbi6Bc
6EArxvhYjFc7HOVV/oqe3C0Zpr17zyu4GqgP0rjcPdhKzuJSxYNkoqx3qSpCebT8
psOiS5zrBXUj8g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:07 2025 by rpki-client