Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
File: ZKDbECcDCCx8pVSrtbInYAGNVj8.mft (raw, json)
Hash identifier: XPugAzDN3b7GrB2P5aXSOw4gLEH71G+IKpMIPSH+M0Y=
Subject key identifier: 32:A4:06:90:70:C5:E8:15:4B:C3:E8:AD:0C:46:E5:73:00:57:3D:37
Authority key identifier: 64:A0:DB:10:27:03:08:2C:7C:A5:54:AB:B5:B2:27:60:01:8D:56:3F
Certificate issuer: /CN=64a0db102703082c7ca554abb5b22760018d563f
Certificate serial: 01964BC6C8B35F66F2BBBC9DCD3CD9E1DEF4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
Manifest number: 14FA
Signing time: Sat 19 Apr 2025 02:00:40 +0000
Manifest this update: Sat 19 Apr 2025 02:00:40 +0000
Manifest next update: Sun 20 Apr 2025 02:00:40 +0000
Files and hashes: 1: ZKDbECcDCCx8pVSrtbInYAGNVj8.crl (hash: YzfHwUD7GOWMWotrrRYepbIy4uWxt8XnxSDdcr53Cy8=)
2: tClIzpB8AXYvJfeCisA8HxpOd74.roa (hash: sXbqNinLjTETFbK42QOaktsLVCyYHDlotZvPtCRaxBU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 02:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4b:c6:c8:b3:5f:66:f2:bb:bc:9d:cd:3c:d9:e1:de:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a0db102703082c7ca554abb5b22760018d563f
Validity
Not Before: Apr 19 02:00:40 2025 GMT
Not After : Apr 20 02:00:40 2025 GMT
Subject: CN=32a4069070c5e8154bc3e8ad0c46e57300573d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:10:b5:a8:00:e4:03:70:3c:5b:9a:44:30:a9:
a6:2f:f8:60:f1:83:e1:17:8d:0e:62:f0:6e:ec:0f:
3d:0a:cd:d3:77:ee:4b:4d:25:96:68:b5:ac:a8:1e:
87:79:4c:40:38:4c:69:0f:b7:36:b7:c5:d6:72:e3:
3b:ec:85:ee:91:c1:ea:bf:27:97:25:df:96:6d:91:
00:7e:c7:a9:31:c0:37:7f:70:41:50:9e:7d:aa:76:
f7:2a:04:e2:8b:4e:ca:81:3d:4a:d0:2a:06:30:08:
4f:dd:db:d5:f4:9c:ca:c0:d9:9d:28:47:e1:f6:a9:
30:46:c6:62:44:d2:c0:fa:23:d3:8d:a4:71:26:7c:
d4:a9:94:3f:ca:53:99:c6:44:00:e3:44:80:ad:c5:
ac:bb:3c:94:30:bb:c6:b4:c7:22:1c:ce:93:83:ed:
c9:04:af:ff:28:21:c6:43:3b:ae:31:20:8a:d7:19:
45:35:1c:af:d7:1d:c2:8b:ba:f7:d4:0e:7c:0e:cd:
f3:48:89:49:d4:95:b2:30:c1:cb:46:f7:cb:d2:70:
0f:7f:39:91:d1:d0:a5:f1:67:67:ca:2e:97:30:3d:
26:9f:96:e1:25:e0:a5:d5:c9:79:17:18:4f:46:68:
c7:91:be:20:7f:c4:14:04:a6:ea:e8:ee:f7:36:43:
f6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A4:06:90:70:C5:E8:15:4B:C3:E8:AD:0C:46:E5:73:00:57:3D:37
X509v3 Authority Key Identifier:
keyid:64:A0:DB:10:27:03:08:2C:7C:A5:54:AB:B5:B2:27:60:01:8D:56:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:02:90:a4:71:a6:b6:39:8f:20:26:81:ae:17:81:ee:69:35:
51:7f:44:0e:60:01:29:08:a9:95:ea:66:5f:1a:e8:8a:e7:d6:
d2:b0:ad:65:6d:cf:ea:c3:84:bd:7b:46:13:37:ba:5e:27:d1:
37:be:e5:ff:aa:3e:8f:44:49:80:fe:de:42:31:2c:52:e2:1f:
55:82:48:5a:24:43:97:49:75:5b:36:03:a8:69:78:a0:1b:a8:
09:db:8b:9e:f8:aa:ff:5e:b3:34:97:06:8d:a2:de:32:1c:d4:
05:cb:7f:13:a9:b8:ec:cb:25:66:4b:cc:a9:ad:fd:b8:3a:0f:
92:42:7d:be:63:ca:93:de:b2:19:60:ff:ce:a1:ab:56:b2:47:
66:3a:01:08:04:b2:02:d6:c2:eb:2c:ea:fa:1b:1a:75:73:1b:
05:2e:db:30:53:08:82:c7:1e:24:c6:e6:06:b3:2a:33:e2:45:
b7:e3:fe:35:68:4f:46:1f:f3:13:de:b5:3b:08:c9:91:2b:97:
f8:35:cf:75:94:62:7b:6c:ec:fb:58:21:0a:26:2a:1e:ac:41:
3d:02:10:4c:d3:10:f6:96:b1:ec:e8:78:1f:80:90:26:63:6d:
09:d3:31:4b:f3:ec:3d:0c:c0:3c:76:40:be:2b:54:8d:a5:78:
c1:3e:8b:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLxsizX2byu7ydzTzZ4d70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTBkYjEwMjcwMzA4MmM3Y2E1NTRhYmI1YjIyNzYwMDE4
ZDU2M2YwHhcNMjUwNDE5MDIwMDQwWhcNMjUwNDIwMDIwMDQwWjAzMTEwLwYDVQQD
EygzMmE0MDY5MDcwYzVlODE1NGJjM2U4YWQwYzQ2ZTU3MzAwNTczZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRC1qADkA3A8W5pEMKmmL/hg8YPh
F40OYvBu7A89Cs3Td+5LTSWWaLWsqB6HeUxAOExpD7c2t8XWcuM77IXukcHqvyeX
Jd+WbZEAfsepMcA3f3BBUJ59qnb3KgTii07KgT1K0CoGMAhP3dvV9JzKwNmdKEfh
9qkwRsZiRNLA+iPTjaRxJnzUqZQ/ylOZxkQA40SArcWsuzyUMLvGtMciHM6Tg+3J
BK//KCHGQzuuMSCK1xlFNRyv1x3Ci7r31A58Ds3zSIlJ1JWyMMHLRvfL0nAPfzmR
0dCl8Wdnyi6XMD0mn5bhJeCl1cl5FxhPRmjHkb4gf8QUBKbq6O73NkP2UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKkBpBwxegVS8PorQxG5XMAVz03MB8GA1UdIwQY
MBaAFGSg2xAnAwgsfKVUq7WyJ2ABjVY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mOWEwMGEtODRlZS00N2EwLTllYTEt
ZjE3OWRiNWYwNGI2LzEvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mOWEwMGEtODRlZS00N2EwLTllYTEtZjE3OWRiNWYwNGI2
LzEvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArwKQpHGm
tjmPICaBrheB7mk1UX9EDmABKQiplepmXxroiufW0rCtZW3P6sOEvXtGEze6XifR
N77l/6o+j0RJgP7eQjEsUuIfVYJIWiRDl0l1WzYDqGl4oBuoCduLnviq/16zNJcG
jaLeMhzUBct/E6m47MslZkvMqa39uDoPkkJ9vmPKk96yGWD/zqGrVrJHZjoBCASy
AtbC6yzq+hsadXMbBS7bMFMIgsceJMbmBrMqM+JFt+P+NWhPRh/zE961OwjJkSuX
+DXPdZRie2zs+1ghCiYqHqxBPQIQTNMQ9pax7Oh4H4CQJmNtCdMxS/PsPQzAPHZA
vitUjaV4wT6LOw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:15:13 2025 by rpki-client