Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
File: l2aFR6QzND3em7NllbyQO08UlgQ.mft (raw, json)
Hash identifier: LCtXxCXyZ6e5ePh9uN5i/k90Qc3m6JAx/5+CPcXf+DA=
Subject key identifier: F8:C1:BB:2E:46:3C:0C:EC:F9:1D:80:BB:69:64:65:A6:CC:01:D0:DE
Authority key identifier: 97:66:85:47:A4:33:34:3D:DE:9B:B3:65:95:BC:90:3B:4F:14:96:04
Certificate issuer: /CN=97668547a433343dde9bb36595bc903b4f149604
Certificate serial: 019644B25B3928BB0FED1CC9F20E8E436722
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
Manifest number: 14FA
Signing time: Thu 17 Apr 2025 17:01:01 +0000
Manifest this update: Thu 17 Apr 2025 17:01:01 +0000
Manifest next update: Fri 18 Apr 2025 17:01:01 +0000
Files and hashes: 1: 4iS4euTiQtItVR9HBATrZ2d1jzs.roa (hash: Nz/wJMhE4IZvQI592qdr0LdN9YN/43igAFLk6lhCh5w=)
2: l2aFR6QzND3em7NllbyQO08UlgQ.crl (hash: TeF1cEH/vOyKYPC+ULTEVM91PXh6dQek4XzJgm925DI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:b2:5b:39:28:bb:0f:ed:1c:c9:f2:0e:8e:43:67:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97668547a433343dde9bb36595bc903b4f149604
Validity
Not Before: Apr 17 17:01:01 2025 GMT
Not After : Apr 18 17:01:01 2025 GMT
Subject: CN=f8c1bb2e463c0cecf91d80bb696465a6cc01d0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:8c:1d:3c:ac:7f:e0:d9:f1:9c:38:f3:32:
5b:13:52:4b:8f:9d:3c:b9:a2:c2:a0:23:8a:bc:e7:
ce:ff:09:44:df:8b:e3:6d:23:9e:db:d4:32:2c:8d:
7a:e4:2e:58:f0:18:94:a6:63:b3:6f:22:b5:5a:36:
11:2f:75:bb:91:4b:d7:24:98:79:87:12:2f:97:4f:
7a:89:98:58:3e:b2:e6:19:c8:cc:53:4b:72:2e:c8:
1b:98:c4:a6:95:e8:88:6d:fe:25:db:1f:9f:ff:a1:
ae:8a:f6:1c:68:38:30:f3:07:76:3e:a3:70:fd:08:
6a:b7:31:8d:c1:b9:c4:ae:62:87:97:b9:b1:25:bf:
f2:ff:14:f2:eb:04:48:f8:da:84:e1:31:9d:61:01:
3d:ad:81:c3:9a:54:97:68:64:4c:1b:1e:39:c3:74:
a1:d4:2d:6b:fe:bc:4d:03:5a:5a:43:a8:31:79:7e:
fd:fd:4a:0c:dd:01:79:ad:f3:0b:12:ca:1f:93:aa:
c0:00:f4:42:59:c4:5c:65:7c:71:2a:54:25:c8:96:
4c:7c:13:fe:d8:26:fd:c8:7f:1f:2b:6d:22:58:7b:
4b:0a:f3:84:f1:3b:b4:7a:b2:f1:9a:e0:b8:de:ec:
df:0e:be:52:06:cf:07:72:63:ed:d1:98:89:6e:73:
62:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C1:BB:2E:46:3C:0C:EC:F9:1D:80:BB:69:64:65:A6:CC:01:D0:DE
X509v3 Authority Key Identifier:
keyid:97:66:85:47:A4:33:34:3D:DE:9B:B3:65:95:BC:90:3B:4F:14:96:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:ea:3c:ed:ad:98:d9:64:71:fa:3a:cc:6d:6c:a3:24:f6:bb:
f0:0c:31:a4:91:b5:14:09:5e:61:59:64:22:34:31:e9:16:36:
28:1b:4c:b9:c7:84:b9:48:ed:f1:3b:24:20:d5:0b:7b:e5:d9:
d7:60:b6:03:f2:c2:fa:cf:d0:d1:af:5d:b0:2e:61:3a:94:33:
81:05:dd:81:f6:7c:70:51:57:23:a4:9a:69:8e:8f:ad:b7:eb:
b2:86:85:19:a5:a4:63:e2:d1:ba:b6:e1:bc:26:fe:a5:be:41:
ac:21:40:1e:d4:bd:49:75:2b:81:f7:c1:a1:9b:5e:9f:20:0a:
46:61:4a:93:a4:fd:88:e1:96:ea:8a:9f:40:5e:1d:75:cb:9c:
96:8c:7c:ae:7c:20:93:0a:18:fa:e5:69:69:0d:c9:34:70:fb:
3e:58:87:72:b2:9f:4e:a9:49:fa:38:c0:80:6b:53:fa:53:09:
5e:a6:fb:e3:19:ba:dd:16:cd:e8:bc:2d:6e:cb:cd:b6:fb:09:
63:d6:9b:68:95:34:f6:40:a2:56:84:4c:8e:50:4a:47:db:9f:
88:94:46:bf:a1:17:84:e1:c6:65:0a:88:35:7d:13:ab:74:a7:
d2:1b:2c:bf:c8:16:01:89:63:c7:3b:a7:62:05:93:ee:fd:d3:
7f:93:17:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEsls5KLsP7RzJ8g6OQ2ciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NjY4NTQ3YTQzMzM0M2RkZTliYjM2NTk1YmM5MDNiNGYx
NDk2MDQwHhcNMjUwNDE3MTcwMTAxWhcNMjUwNDE4MTcwMTAxWjAzMTEwLwYDVQQD
EyhmOGMxYmIyZTQ2M2MwY2VjZjkxZDgwYmI2OTY0NjVhNmNjMDFkMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv+MHTysf+DZ8Zw48zJbE1JLj508
uaLCoCOKvOfO/wlE34vjbSOe29QyLI165C5Y8BiUpmOzbyK1WjYRL3W7kUvXJJh5
hxIvl096iZhYPrLmGcjMU0tyLsgbmMSmleiIbf4l2x+f/6GuivYcaDgw8wd2PqNw
/QhqtzGNwbnErmKHl7mxJb/y/xTy6wRI+NqE4TGdYQE9rYHDmlSXaGRMGx45w3Sh
1C1r/rxNA1paQ6gxeX79/UoM3QF5rfMLEsofk6rAAPRCWcRcZXxxKlQlyJZMfBP+
2Cb9yH8fK20iWHtLCvOE8Tu0erLxmuC43uzfDr5SBs8HcmPt0ZiJbnNiXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjBuy5GPAzs+R2Au2lkZabMAdDeMB8GA1UdIwQY
MBaAFJdmhUekMzQ93puzZZW8kDtPFJYEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS85NzhjMmUtMWI3Ni00OGIwLWE2MDMt
NjRjMWMyNzljY2MwLzEvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS85NzhjMmUtMWI3Ni00OGIwLWE2MDMtNjRjMWMyNzljY2Mw
LzEvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOeo87a2Y
2WRx+jrMbWyjJPa78AwxpJG1FAleYVlkIjQx6RY2KBtMuceEuUjt8TskINULe+XZ
12C2A/LC+s/Q0a9dsC5hOpQzgQXdgfZ8cFFXI6SaaY6PrbfrsoaFGaWkY+LRurbh
vCb+pb5BrCFAHtS9SXUrgffBoZtenyAKRmFKk6T9iOGW6oqfQF4ddcuclox8rnwg
kwoY+uVpaQ3JNHD7PliHcrKfTqlJ+jjAgGtT+lMJXqb74xm63RbN6LwtbsvNtvsJ
Y9abaJU09kCiVoRMjlBKR9ufiJRGv6EXhOHGZQqINX0Tq3Sn0hssv8gWAYljxzun
YgWT7v3Tf5MXpA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:32 2025 by rpki-client