Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.mft
File: iKeAc4uFOs_7q9sjkUxQ42Qh93M.mft (raw, json)
Hash identifier: 7rTlxzOH/QCqzOHxP91PyBO0h+DKau8GFbI43jIJNsw=
Subject key identifier: 8C:80:CD:42:02:42:78:D7:13:40:65:E3:58:20:24:0E:2E:C0:5D:DD
Authority key identifier: 88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
Certificate issuer: /CN=88a780738b853acffbabdb23914c50e36421f773
Certificate serial: 01965236E2F648CDCB6BCF064E5F0458774F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.mft
Manifest number: 14FE
Signing time: Sun 20 Apr 2025 08:00:50 +0000
Manifest this update: Sun 20 Apr 2025 08:00:50 +0000
Manifest next update: Mon 21 Apr 2025 08:00:50 +0000
Files and hashes: 1: 0JBSKBByojNYZjOoZlphUB11hQs.roa (hash: 9bDpXvSUlNPWWMoYaJSQ0SO0EuZKnPkwfl5l8GKFytk=)
2: aKf7cpyzNQSyfw8b7-Pr38WCYnc.roa (hash: oRGD5ClevpyjAOYjV/aBq4YhQP42jPwVRjMhzooXQlg=)
3: iKeAc4uFOs_7q9sjkUxQ42Qh93M.crl (hash: M2vbHnxmlyElIV2kMYm+y9TwhRs4cW6ahO0PAm6dSpA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.mft
rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:36:e2:f6:48:cd:cb:6b:cf:06:4e:5f:04:58:77:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a780738b853acffbabdb23914c50e36421f773
Validity
Not Before: Apr 20 08:00:50 2025 GMT
Not After : Apr 21 08:00:50 2025 GMT
Subject: CN=8c80cd42024278d7134065e35820240e2ec05ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:38:48:76:34:ff:aa:94:61:ec:21:c8:06:31:
cf:20:de:f8:86:5d:7f:29:10:e5:ac:de:11:26:1a:
64:0e:8b:f7:41:7d:c9:52:07:4f:0e:ed:4d:45:0c:
c4:dd:79:d1:1c:4c:df:c5:6f:6f:2d:fd:c8:3f:90:
df:70:fd:24:c5:cc:84:f0:c1:b5:f4:79:72:1d:8e:
42:be:e8:f3:01:b2:3d:57:78:66:e5:4e:97:5a:80:
c7:3d:af:51:f6:ce:18:99:49:b7:94:21:10:0e:b7:
04:8c:56:c6:2a:8f:5b:bf:e6:42:ad:1f:16:ba:9d:
6f:7f:5b:ce:6b:fc:e1:2c:2a:77:78:47:c7:7a:d3:
0c:cd:df:99:77:5d:4a:ea:0f:73:b1:62:8b:4a:4e:
6d:a2:b0:ed:62:bd:07:2d:4c:94:7e:bf:1e:5a:10:
1c:5c:8e:95:b5:11:03:ee:fa:31:cb:77:c7:7c:38:
67:24:8b:8e:a2:de:72:6d:80:33:e9:d9:09:f3:ce:
8c:a2:7b:7e:76:03:5c:02:9f:b4:2e:41:f5:58:f1:
f0:c5:27:a0:27:ee:c9:a1:17:31:ee:9a:b2:9c:14:
58:16:35:ff:5d:50:01:e7:6d:31:94:79:eb:c7:cc:
f8:0a:3a:35:31:d9:6d:86:02:26:f5:bd:05:48:b5:
cf:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:80:CD:42:02:42:78:D7:13:40:65:E3:58:20:24:0E:2E:C0:5D:DD
X509v3 Authority Key Identifier:
keyid:88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:59:d2:17:e0:3a:74:49:bb:f4:27:db:05:5a:2e:16:f6:93:
a3:d2:c7:99:b9:82:2a:f5:03:b3:20:4e:47:8d:3d:a2:24:8a:
cf:86:40:97:29:86:76:a0:2c:28:b3:f1:89:84:92:e5:9b:bd:
27:e6:4d:ba:e5:dd:e4:72:35:18:18:c7:db:0a:c9:b0:f3:55:
ef:b0:05:19:11:33:78:61:86:f0:f2:59:a6:1b:fd:2e:ae:af:
14:0e:7e:0a:bd:8d:2e:c3:ff:bb:f3:8e:1e:e8:e6:37:42:e7:
c2:fa:b6:93:01:f5:2a:77:09:37:34:e8:a4:00:f3:6f:9e:d9:
2f:69:bc:25:4a:b8:6e:34:05:a3:63:25:11:78:c7:58:49:7e:
9b:ed:ab:46:93:38:c7:81:cf:3e:ee:4e:69:db:39:ac:b4:ca:
0a:19:2d:94:01:2f:4b:24:c0:ab:3e:81:9d:d7:dd:8b:f8:d5:
08:d5:11:d8:9c:3a:fc:1e:90:52:58:22:21:63:1c:22:ba:5a:
56:b4:62:79:12:fc:04:44:ac:ee:c5:b5:bc:62:9f:d7:b9:c9:
16:0a:9f:1d:98:d4:15:e2:17:32:24:6d:c2:e8:7b:ee:37:1a:
80:89:ea:6e:95:0c:a8:8e:08:0c:4c:a5:ce:32:fb:ff:9f:be:
a2:60:c1:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNuL2SM3La88GTl8EWHdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTc4MDczOGI4NTNhY2ZmYmFiZGIyMzkxNGM1MGUzNjQy
MWY3NzMwHhcNMjUwNDIwMDgwMDUwWhcNMjUwNDIxMDgwMDUwWjAzMTEwLwYDVQQD
Eyg4YzgwY2Q0MjAyNDI3OGQ3MTM0MDY1ZTM1ODIwMjQwZTJlYzA1ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzhIdjT/qpRh7CHIBjHPIN74hl1/
KRDlrN4RJhpkDov3QX3JUgdPDu1NRQzE3XnRHEzfxW9vLf3IP5DfcP0kxcyE8MG1
9HlyHY5CvujzAbI9V3hm5U6XWoDHPa9R9s4YmUm3lCEQDrcEjFbGKo9bv+ZCrR8W
up1vf1vOa/zhLCp3eEfHetMMzd+Zd11K6g9zsWKLSk5torDtYr0HLUyUfr8eWhAc
XI6VtRED7voxy3fHfDhnJIuOot5ybYAz6dkJ886Mont+dgNcAp+0LkH1WPHwxSeg
J+7JoRcx7pqynBRYFjX/XVAB520xlHnrx8z4Cjo1MdlthgIm9b0FSLXPewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyAzUICQnjXE0Bl41ggJA4uwF3dMB8GA1UdIwQY
MBaAFIingHOLhTrP+6vbI5FMUONkIfdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iODk3MDQtNGZkMi00ZTA3LWEwMzkt
NjZmNTZlZjljZTI2LzEvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iODk3MDQtNGZkMi00ZTA3LWEwMzktNjZmNTZlZjljZTI2
LzEvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQFnSF+A6
dEm79CfbBVouFvaTo9LHmbmCKvUDsyBOR409oiSKz4ZAlymGdqAsKLPxiYSS5Zu9
J+ZNuuXd5HI1GBjH2wrJsPNV77AFGREzeGGG8PJZphv9Lq6vFA5+Cr2NLsP/u/OO
HujmN0Lnwvq2kwH1KncJNzTopADzb57ZL2m8JUq4bjQFo2MlEXjHWEl+m+2rRpM4
x4HPPu5Oads5rLTKChktlAEvSyTAqz6Bndfdi/jVCNUR2Jw6/B6QUlgiIWMcIrpa
VrRieRL8BESs7sW1vGKf17nJFgqfHZjUFeIXMiRtwuh77jcagInqbpUMqI4IDEyl
zjL7/5++omDBIQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:08 2025 by rpki-client