Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
File: qMbzkzUMd1mMEhrNPJL3BIV274k.mft (raw, json)
Hash identifier: leJ5mHTYb8G7jywe7c1CX2RExKJvrrX5HvlkGdqp0rM=
Subject key identifier: 24:18:18:4F:97:A0:1E:64:A6:53:B2:91:EA:05:56:DE:8A:D2:98:B2
Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89
Certificate serial: 019655378D1DF4A7FDEEB790BFF752CD13AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
Manifest number: 0C34
Signing time: Sun 20 Apr 2025 22:00:26 +0000
Manifest this update: Sun 20 Apr 2025 22:00:26 +0000
Manifest next update: Mon 21 Apr 2025 22:00:26 +0000
Files and hashes: 1: eOh7otVHHrYHGXBG7XugLjFkG3I.roa (hash: jBij6Zpdi8PdzGdFEr+QptijCvWCfUOl+3jki1c2vMs=)
2: lCDqNprGOb5vTF01oJ8hwQqZCRE.roa (hash: mFZkrlVA4mVLiefirb6z2hXCAJmumM9YtxbYwU/yy10=)
3: qMbzkzUMd1mMEhrNPJL3BIV274k.crl (hash: ZUBmdSICexVvX090uavursMRXh0iyYJzejRKcpa1IjA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 22:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:37:8d:1d:f4:a7:fd:ee:b7:90:bf:f7:52:cd:13:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89
Validity
Not Before: Apr 20 22:00:26 2025 GMT
Not After : Apr 21 22:00:26 2025 GMT
Subject: CN=2418184f97a01e64a653b291ea0556de8ad298b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cb:9d:65:e0:82:8f:cb:d8:6d:45:17:a6:fb:
66:59:26:f1:46:9c:08:f0:32:7f:3a:73:2e:fd:8b:
48:5e:43:7c:6c:9e:9e:26:47:06:d0:3d:43:79:76:
30:78:49:14:c8:ab:58:5c:45:04:ca:91:c1:62:a1:
dc:f5:46:62:63:47:9e:2e:c4:3a:e8:6f:f2:88:f7:
1d:59:df:fe:b8:e9:3e:5d:b5:77:d4:37:48:ea:dd:
1d:a2:71:12:3e:eb:bd:91:52:ea:19:13:4e:b2:7c:
1e:85:86:f7:3b:e5:fa:5d:85:4f:36:40:96:23:3a:
86:90:1d:c0:56:fd:5b:c2:12:e3:74:04:4a:a4:37:
9d:a1:ef:be:e9:52:3c:60:5a:5a:66:b7:7a:42:0c:
55:7d:30:c9:45:99:5a:da:d8:76:4c:47:f6:42:d0:
b5:ca:10:22:f3:b2:34:83:8e:8e:e1:4d:a8:6f:a2:
0a:93:ce:66:18:a4:0a:a6:9b:02:5a:68:b1:49:37:
11:3a:1d:d9:0a:4e:20:04:ed:52:0b:cd:a6:9c:4c:
53:ea:99:d2:41:a8:77:ef:6d:95:ba:cc:07:e0:d1:
66:28:fb:0e:8b:fd:45:c5:c8:28:1f:30:b3:bf:01:
13:ba:0e:b0:3c:96:8b:d6:a0:37:60:6b:1d:61:ea:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:18:18:4F:97:A0:1E:64:A6:53:B2:91:EA:05:56:DE:8A:D2:98:B2
X509v3 Authority Key Identifier:
keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:6d:e7:71:f1:da:df:e4:1d:e8:02:ca:e2:bc:6e:6b:68:92:
93:81:55:7c:2f:e8:fe:8a:87:7b:a9:e3:e5:4b:5b:95:3b:59:
ef:47:06:0a:0b:af:5f:6a:d7:de:ee:08:fd:be:50:1b:ac:ca:
39:3c:a0:1e:3c:e8:5a:28:a3:4d:9c:f7:ea:90:b2:18:86:a6:
60:e2:39:b5:c4:b2:78:71:5f:a3:90:f6:24:0d:ff:90:a2:56:
36:9e:5d:a7:21:c6:14:6e:e9:d4:2a:6a:d0:e6:f2:c9:32:27:
8a:97:dc:ea:c7:2b:23:39:7a:59:0a:66:08:70:7c:54:05:22:
7b:3e:77:b2:2e:00:97:d6:cb:08:fa:dd:7a:86:e4:00:7c:19:
d9:db:66:59:66:c8:8a:68:f9:ed:09:32:1f:38:40:21:4d:fe:
bb:b0:6f:2b:b8:81:23:14:dc:46:22:f9:e4:8f:c1:7b:af:ce:
61:81:95:d3:90:1d:c3:c1:96:4c:c9:6c:2e:bd:c3:71:11:fd:
b5:0a:93:55:41:72:39:67:90:1c:7f:d6:02:cb:55:ba:d7:1e:
38:78:55:74:81:e9:7e:7e:f8:2b:13:85:dd:52:0f:69:c3:61:
cf:b1:17:86:e9:c3:09:c2:72:cf:58:7e:9d:80:e7:52:02:37:
d4:e1:7f:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN40d9Kf97reQv/dSzROuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3
NmVmODkwHhcNMjUwNDIwMjIwMDI2WhcNMjUwNDIxMjIwMDI2WjAzMTEwLwYDVQQD
EygyNDE4MTg0Zjk3YTAxZTY0YTY1M2IyOTFlYTA1NTZkZThhZDI5OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sudZeCCj8vYbUUXpvtmWSbxRpwI
8DJ/OnMu/YtIXkN8bJ6eJkcG0D1DeXYweEkUyKtYXEUEypHBYqHc9UZiY0eeLsQ6
6G/yiPcdWd/+uOk+XbV31DdI6t0donESPuu9kVLqGRNOsnwehYb3O+X6XYVPNkCW
IzqGkB3AVv1bwhLjdARKpDedoe++6VI8YFpaZrd6QgxVfTDJRZla2th2TEf2QtC1
yhAi87I0g46O4U2ob6IKk85mGKQKppsCWmixSTcROh3ZCk4gBO1SC82mnExT6pnS
Qah3722VuswH4NFmKPsOi/1FxcgoHzCzvwETug6wPJaL1qA3YGsdYepw0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQYGE+XoB5kplOykeoFVt6K0piyMB8GA1UdIwQY
MBaAFKjG85M1DHdZjBIazTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3Nzct
YzZiY2EwMWIyZmY4LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4
LzEvcU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh23ncfHa
3+Qd6ALK4rxua2iSk4FVfC/o/oqHe6nj5UtblTtZ70cGCguvX2rX3u4I/b5QG6zK
OTygHjzoWiijTZz36pCyGIamYOI5tcSyeHFfo5D2JA3/kKJWNp5dpyHGFG7p1Cpq
0ObyyTInipfc6scrIzl6WQpmCHB8VAUiez53si4Al9bLCPrdeobkAHwZ2dtmWWbI
imj57QkyHzhAIU3+u7BvK7iBIxTcRiL55I/Be6/OYYGV05Adw8GWTMlsLr3DcRH9
tQqTVUFyOWeQHH/WAstVutceOHhVdIHpfn74KxOF3VIPacNhz7EXhunDCcJyz1h+
nYDnUgI31OF/kQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:07 2025 by rpki-client