Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
File: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft (raw, json)
Hash identifier: hMfyS3keWahFY3dTI5sBwR0a6T4HcuremFEv3Xp1Xlo=
Subject key identifier: 52:4B:28:FE:C9:81:5A:6C:95:A1:E7:5F:6C:FC:F9:BD:E1:FA:4D:14
Authority key identifier: 30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
Certificate issuer: /CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Certificate serial: 01964D4770CBED9CF2923FD1EC23790608B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
Manifest number: 14FA
Signing time: Sat 19 Apr 2025 09:00:49 +0000
Manifest this update: Sat 19 Apr 2025 09:00:49 +0000
Manifest next update: Sun 20 Apr 2025 09:00:49 +0000
Files and hashes: 1: 9iuKUiRNNk0yJqP9x1MG2I_7d9s.roa (hash: OJC+CIaFp/mpbSmO0wI1lGEv8Ek7U6QE2MP4Wm3PDaM=)
2: MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl (hash: Cv3S33DC6bfQo4gSJRtD59qzq7xQ0Z9K1itbQilXdAg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:47:70:cb:ed:9c:f2:92:3f:d1:ec:23:79:06:08:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f90d2520ad619ac3060b39fbd2c204e29a2a14
Validity
Not Before: Apr 19 09:00:49 2025 GMT
Not After : Apr 20 09:00:49 2025 GMT
Subject: CN=524b28fec9815a6c95a1e75f6cfcf9bde1fa4d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:1b:86:fd:fa:8f:52:ce:99:71:1c:12:9c:
ff:ed:d2:69:ac:4b:ca:25:ef:0a:e0:5e:17:24:10:
c2:e1:84:e3:d4:77:51:81:b9:fc:80:91:dc:04:a7:
db:dc:7e:10:dc:58:18:1b:e4:f1:f3:34:3f:0d:5d:
e4:d7:e4:ab:ca:d5:01:1f:13:b3:62:07:98:03:fb:
9a:b4:23:49:31:37:54:d0:e8:38:0a:d9:a8:a1:fe:
db:58:7f:e6:98:41:7a:64:0f:9f:3a:96:bc:b0:8b:
bf:fc:a2:2a:47:60:86:bc:16:97:f1:67:53:a0:77:
93:ef:1b:6e:1b:0b:ee:10:d5:10:87:68:fb:5b:05:
01:4d:4a:8e:2a:69:5a:d3:34:21:fb:7f:a7:5d:7c:
25:48:b6:10:e0:0e:ef:bf:55:f6:66:ab:c2:34:54:
7f:d5:2a:b1:f9:34:cc:04:1e:9d:77:1c:06:e3:34:
00:32:25:a2:fa:0c:a5:fc:fc:f2:40:06:6a:d6:eb:
9d:f7:16:ba:4f:2a:56:c5:2a:a8:9e:e0:8b:f5:3e:
05:66:81:0a:1b:07:a9:17:e6:09:17:3b:6e:13:61:
7b:fe:cc:36:07:bd:db:77:1b:6a:46:bc:4d:c6:fc:
b5:c4:b0:4d:50:66:02:59:80:a0:82:c4:f9:70:10:
18:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4B:28:FE:C9:81:5A:6C:95:A1:E7:5F:6C:FC:F9:BD:E1:FA:4D:14
X509v3 Authority Key Identifier:
keyid:30:F9:0D:25:20:AD:61:9A:C3:06:0B:39:FB:D2:C2:04:E2:9A:2A:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/db5101-015c-40c5-905b-657b3a7d9676/1/MPkNJSCtYZrDBgs5-9LCBOKaKhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:0b:67:18:15:7f:d9:68:32:06:73:e0:2c:d3:06:6b:e2:5d:
89:4f:c5:7d:29:17:10:51:62:2b:6e:dd:e3:e2:a3:f1:fb:8b:
5a:cd:d6:3c:4f:03:ab:28:94:2a:83:ed:50:87:7f:3e:72:16:
a1:a3:11:57:ab:60:c3:77:b2:99:0c:0f:bd:0a:5a:f4:6f:60:
2d:c6:db:3a:14:13:6a:94:ba:cc:f8:aa:fe:bf:5b:45:ba:d9:
5b:a0:83:5a:34:4a:eb:71:3f:7a:c8:ad:13:e4:4e:3b:3d:22:
e4:d6:ff:7b:fd:dc:c0:e5:b9:9c:3b:a4:4b:05:3b:b7:cb:d7:
87:c8:fd:de:7d:14:80:48:28:b0:44:98:c1:9c:64:2d:f2:bc:
25:85:e9:be:c0:b5:6e:d4:b8:39:88:1d:99:d7:e2:6b:8f:aa:
73:13:ec:7f:2b:ac:55:c4:1d:0b:80:dd:8d:65:cb:61:92:fb:
73:80:17:48:64:9a:47:f7:23:00:ff:41:8f:5e:dc:0c:05:b8:
18:e5:b8:b7:2d:79:44:fc:44:60:b3:57:00:2f:ed:4c:0d:b2:
ad:16:ed:c4:f7:cc:74:fc:36:30:b5:6c:5a:02:fa:4b:e5:6b:
83:32:37:99:5c:c2:d6:07:5a:fd:d2:60:f9:67:ae:1d:5d:49:
70:18:56:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNR3DL7Zzykj/R7CN5Bgi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjkwZDI1MjBhZDYxOWFjMzA2MGIzOWZiZDJjMjA0ZTI5
YTJhMTQwHhcNMjUwNDE5MDkwMDQ5WhcNMjUwNDIwMDkwMDQ5WjAzMTEwLwYDVQQD
Eyg1MjRiMjhmZWM5ODE1YTZjOTVhMWU3NWY2Y2ZjZjliZGUxZmE0ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+kbhv36j1LOmXEcEpz/7dJprEvK
Je8K4F4XJBDC4YTj1HdRgbn8gJHcBKfb3H4Q3FgYG+Tx8zQ/DV3k1+SrytUBHxOz
YgeYA/uatCNJMTdU0Og4Ctmoof7bWH/mmEF6ZA+fOpa8sIu//KIqR2CGvBaX8WdT
oHeT7xtuGwvuENUQh2j7WwUBTUqOKmla0zQh+3+nXXwlSLYQ4A7vv1X2ZqvCNFR/
1Sqx+TTMBB6ddxwG4zQAMiWi+gyl/PzyQAZq1uud9xa6TypWxSqonuCL9T4FZoEK
GwepF+YJFztuE2F7/sw2B73bdxtqRrxNxvy1xLBNUGYCWYCggsT5cBAYEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJLKP7JgVpslaHnX2z8+b3h+k0UMB8GA1UdIwQY
MBaAFDD5DSUgrWGawwYLOfvSwgTimioUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWIt
NjU3YjNhN2Q5Njc2LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kYjUxMDEtMDE1Yy00MGM1LTkwNWItNjU3YjNhN2Q5Njc2
LzEvTVBrTkpTQ3RZWnJEQmdzNS05TENCT0thS2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALwtnGBV/
2WgyBnPgLNMGa+JdiU/FfSkXEFFiK27d4+Kj8fuLWs3WPE8DqyiUKoPtUId/PnIW
oaMRV6tgw3eymQwPvQpa9G9gLcbbOhQTapS6zPiq/r9bRbrZW6CDWjRK63E/esit
E+ROOz0i5Nb/e/3cwOW5nDukSwU7t8vXh8j93n0UgEgosESYwZxkLfK8JYXpvsC1
btS4OYgdmdfia4+qcxPsfyusVcQdC4DdjWXLYZL7c4AXSGSaR/cjAP9Bj17cDAW4
GOW4ty15RPxEYLNXAC/tTA2yrRbtxPfMdPw2MLVsWgL6S+VrgzI3mVzC1gda/dJg
+WeuHV1JcBhWkw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:21:37 2025 by rpki-client