Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: zcf5DtjbhLLHbvWFpEOBoB5w2d58PLt5tKJ5k5s+x8Q=
Subject key identifier: 85:C3:88:68:70:0F:5C:EF:0C:EA:7A:B6:B2:EB:21:BA:DE:36:AC:E8
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 0196507F565E078FD8B99CBB668ECE6761E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 0142
Signing time: Sun 20 Apr 2025 00:00:44 +0000
Manifest this update: Sun 20 Apr 2025 00:00:44 +0000
Manifest next update: Mon 21 Apr 2025 00:00:44 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: +HP2aM+3XauOEGvPDANsI5P1CN6b4qPAqMQvwMshG2o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:7f:56:5e:07:8f:d8:b9:9c:bb:66:8e:ce:67:61:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Apr 20 00:00:44 2025 GMT
Not After : Apr 21 00:00:44 2025 GMT
Subject: CN=85c38868700f5cef0cea7ab6b2eb21bade36ace8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:33:09:93:5c:21:87:7d:92:81:0a:e5:c6:04:
67:53:80:b5:b9:57:62:02:1e:4d:d9:f7:a1:3b:c8:
6f:32:ac:f6:cc:e5:c5:36:8d:e7:ce:0e:64:71:d2:
a9:af:d8:0b:19:b5:22:5e:43:0f:68:70:ff:0a:73:
e2:a2:cd:49:db:ec:f7:32:c2:eb:6b:00:6b:94:57:
05:1b:9f:97:45:a8:f3:2b:6e:a9:98:99:01:3a:42:
5b:08:44:14:fe:7c:17:c4:18:16:1e:2e:7b:b1:31:
8c:70:c5:4e:5f:03:1d:9b:6d:7e:a8:d2:b0:65:0d:
75:91:e3:02:4d:9a:d7:14:57:e3:aa:5e:5f:38:ec:
b3:19:01:a7:c0:be:b6:ea:52:f1:cd:f2:98:ff:e4:
ce:6a:63:3f:a2:d6:05:b4:05:84:82:c8:d8:9c:4f:
0f:34:d3:41:1a:62:eb:fa:da:15:99:9c:ff:60:e7:
4f:4d:dc:30:3b:e4:0f:7a:3f:1f:c1:e0:f4:10:a1:
7d:99:0d:85:35:7d:29:02:1e:cc:37:2f:7f:e1:f7:
b1:cc:46:50:87:50:8b:4d:0f:74:1d:fe:ac:c1:21:
d3:b6:cd:a5:b5:82:d7:8e:f7:5b:38:29:ce:19:0e:
c2:49:22:ac:9e:e5:55:03:f6:61:37:75:ec:f1:b5:
cc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C3:88:68:70:0F:5C:EF:0C:EA:7A:B6:B2:EB:21:BA:DE:36:AC:E8
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:f9:e9:6e:60:34:f6:f7:64:1a:5a:3a:52:64:14:75:af:58:
b2:a3:ae:a5:d4:3e:7d:73:8f:9a:9f:4a:00:4b:9b:76:c2:ca:
cf:15:c0:1a:1c:2c:91:d4:c0:90:72:0c:a5:ae:96:1d:90:af:
ce:9c:d3:d4:dc:54:60:02:95:e2:8e:a1:ab:02:99:13:a0:0f:
82:45:10:a0:12:08:09:6b:2b:32:c7:74:e1:f5:87:1e:b6:65:
7c:a8:ee:dc:f9:75:d0:ad:b1:98:c7:7c:80:14:35:52:e5:41:
d4:dd:c8:8f:1c:89:78:dc:75:47:c9:80:02:f2:f0:57:db:22:
75:5b:16:6f:b3:40:93:d2:01:8b:79:1d:fa:97:3e:52:14:41:
f0:a6:e9:87:0a:fb:00:ab:05:57:95:e1:b0:00:07:44:cc:03:
e5:62:33:b2:39:50:f0:bd:ea:f2:d6:74:7a:e5:23:dd:3e:0a:
83:ba:31:49:da:09:01:e3:83:e8:54:d0:fc:36:06:46:42:29:
f7:eb:7c:7e:0b:14:e6:dc:f2:ba:13:f0:c5:04:1e:f7:ca:8f:
3f:53:e0:bb:c8:1a:04:d9:e2:ef:fe:44:85:9a:94:90:00:7e:
f5:7c:d3:fb:75:0a:82:85:e5:05:38:06:63:1e:47:84:44:67:
bf:42:ef:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQf1ZeB4/YuZy7Zo7OZ2HnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwNDIwMDAwMDQ0WhcNMjUwNDIxMDAwMDQ0WjAzMTEwLwYDVQQD
Eyg4NWMzODg2ODcwMGY1Y2VmMGNlYTdhYjZiMmViMjFiYWRlMzZhY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TMJk1whh32SgQrlxgRnU4C1uVdi
Ah5N2fehO8hvMqz2zOXFNo3nzg5kcdKpr9gLGbUiXkMPaHD/CnPios1J2+z3MsLr
awBrlFcFG5+XRajzK26pmJkBOkJbCEQU/nwXxBgWHi57sTGMcMVOXwMdm21+qNKw
ZQ11keMCTZrXFFfjql5fOOyzGQGnwL626lLxzfKY/+TOamM/otYFtAWEgsjYnE8P
NNNBGmLr+toVmZz/YOdPTdwwO+QPej8fweD0EKF9mQ2FNX0pAh7MNy9/4fexzEZQ
h1CLTQ90Hf6swSHTts2ltYLXjvdbOCnOGQ7CSSKsnuVVA/ZhN3Xs8bXMTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXDiGhwD1zvDOp6trLrIbreNqzoMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArPnpbmA0
9vdkGlo6UmQUda9YsqOupdQ+fXOPmp9KAEubdsLKzxXAGhwskdTAkHIMpa6WHZCv
zpzT1NxUYAKV4o6hqwKZE6APgkUQoBIICWsrMsd04fWHHrZlfKju3Pl10K2xmMd8
gBQ1UuVB1N3IjxyJeNx1R8mAAvLwV9sidVsWb7NAk9IBi3kd+pc+UhRB8Kbphwr7
AKsFV5XhsAAHRMwD5WIzsjlQ8L3q8tZ0euUj3T4Kg7oxSdoJAeOD6FTQ/DYGRkIp
9+t8fgsU5tzyuhPwxQQe98qPP1Pgu8gaBNni7/5EhZqUkAB+9XzT+3UKgoXlBTgG
Yx5HhERnv0Lv2Q==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:33 2025 by rpki-client