Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
File: DT66aHPFtQdbPEOff-61SvHxDak.mft (raw, json)
Hash identifier: CIByLozuQcFwvb0mfsRJFKFM9p94xISaP/vTIzqw7Dc=
Subject key identifier: 0D:38:D7:1F:C7:2C:7B:D9:B2:0A:49:94:6C:0B:58:E4:F9:09:62:63
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 01965D5F24D1F4B15BF35408B9A1757E5F71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
Manifest number: 1509
Signing time: Tue 22 Apr 2025 12:00:38 +0000
Manifest this update: Tue 22 Apr 2025 12:00:38 +0000
Manifest next update: Wed 23 Apr 2025 12:00:38 +0000
Files and hashes: 1: DT66aHPFtQdbPEOff-61SvHxDak.crl (hash: 9BFw5S1/+TduCtyfevTa0jTylvNaJpF6Ye3VO6Omdkw=)
2: bJFxuWRTLDK11fnMj6JzG9bfGJc.roa (hash: GJmoaYMZlK46RmoyjMRGd4Icb8shLixbmKsjvQhxyu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:5f:24:d1:f4:b1:5b:f3:54:08:b9:a1:75:7e:5f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Apr 22 12:00:38 2025 GMT
Not After : Apr 23 12:00:38 2025 GMT
Subject: CN=0d38d71fc72c7bd9b20a49946c0b58e4f9096263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0c:3b:4f:23:19:e4:83:87:e5:cb:3f:95:f3:
da:97:6e:96:46:36:6a:0c:ab:91:3f:52:f5:65:f6:
38:66:5b:b7:1e:91:1b:bd:43:2c:7d:72:47:f5:38:
36:e7:eb:af:32:3d:ce:df:80:73:dd:93:bb:51:2d:
4a:04:65:68:ee:4d:9a:16:6f:43:41:18:e9:ec:13:
da:17:ed:90:63:35:1c:ee:d0:9e:7d:16:20:68:56:
42:c0:cf:17:8e:4e:ce:91:c4:32:d9:5b:30:a6:62:
30:ca:ef:a1:55:33:ed:69:8b:3d:b7:96:64:4d:bd:
00:c6:6d:95:d0:b1:1e:67:41:97:5e:04:0f:06:05:
6f:ac:56:d4:5d:27:e1:c2:a5:19:4d:a3:2e:ee:a9:
c2:42:2c:5f:88:e3:14:6e:d4:82:12:8e:9d:51:dc:
24:46:95:a2:fd:e7:bd:67:40:e8:09:b2:c2:9d:1e:
0b:d8:2e:1f:88:a2:00:39:97:0f:14:e2:c3:ef:31:
9c:a9:72:6e:53:8b:0a:4f:5a:9f:76:06:ae:0d:1a:
9c:47:3c:01:b2:aa:5c:94:3e:c9:41:c8:49:ff:ad:
de:4d:87:df:7a:6e:b4:07:26:17:82:54:b2:e6:60:
dc:34:aa:b0:bb:67:f0:81:9c:65:52:37:48:f8:11:
59:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:38:D7:1F:C7:2C:7B:D9:B2:0A:49:94:6C:0B:58:E4:F9:09:62:63
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:55:d7:fd:52:34:69:a5:38:cc:0d:07:07:bc:41:cc:3d:af:
92:18:60:4f:10:66:78:a3:0f:9e:87:f9:be:7e:7c:91:a7:3c:
e2:c0:6d:3f:2d:cb:3f:25:d2:5b:ef:7f:91:e6:dc:18:84:ca:
60:b5:46:c5:be:27:25:62:22:61:8c:ff:b6:7c:81:ea:fd:85:
79:b9:db:9c:68:f5:38:18:2d:c6:60:d1:31:79:ea:fe:48:69:
4c:a4:62:cf:13:7d:ae:3d:a7:74:ec:ee:45:80:86:26:ff:68:
42:c7:b0:75:c7:62:83:aa:0a:2d:b1:d4:82:70:1e:18:b4:81:
a8:1e:b3:5d:40:a2:14:26:99:5c:bb:7c:9e:21:55:08:ff:f5:
dd:25:d0:66:64:64:49:92:de:5a:f7:4f:6e:97:4d:3b:bc:b1:
3c:94:da:7a:8d:2f:c8:15:50:f3:c5:8d:b8:50:85:08:57:1f:
c0:8e:12:46:03:b3:21:4c:c2:39:9e:a3:bc:e2:59:78:97:19:
12:3d:b5:1c:ad:8b:21:84:06:d7:48:90:ef:7c:78:66:e7:28:
0b:3f:4e:d1:7a:9b:75:f4:d1:6e:40:ca:c8:f1:4a:49:1c:60:
60:b6:8f:79:60:02:81:f1:45:f7:b6:0a:d1:11:8f:ae:d7:48:
9c:37:f0:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdXyTR9LFb81QIuaF1fl9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjUwNDIyMTIwMDM4WhcNMjUwNDIzMTIwMDM4WjAzMTEwLwYDVQQD
EygwZDM4ZDcxZmM3MmM3YmQ5YjIwYTQ5OTQ2YzBiNThlNGY5MDk2MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgw7TyMZ5IOH5cs/lfPal26WRjZq
DKuRP1L1ZfY4Zlu3HpEbvUMsfXJH9Tg25+uvMj3O34Bz3ZO7US1KBGVo7k2aFm9D
QRjp7BPaF+2QYzUc7tCefRYgaFZCwM8Xjk7OkcQy2VswpmIwyu+hVTPtaYs9t5Zk
Tb0Axm2V0LEeZ0GXXgQPBgVvrFbUXSfhwqUZTaMu7qnCQixfiOMUbtSCEo6dUdwk
RpWi/ee9Z0DoCbLCnR4L2C4fiKIAOZcPFOLD7zGcqXJuU4sKT1qfdgauDRqcRzwB
sqpclD7JQchJ/63eTYffem60ByYXglSy5mDcNKqwu2fwgZxlUjdI+BFZ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA041x/HLHvZsgpJlGwLWOT5CWJjMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmVXX/VI0
aaU4zA0HB7xBzD2vkhhgTxBmeKMPnof5vn58kac84sBtPy3LPyXSW+9/kebcGITK
YLVGxb4nJWIiYYz/tnyB6v2FebnbnGj1OBgtxmDRMXnq/khpTKRizxN9rj2ndOzu
RYCGJv9oQsewdcdig6oKLbHUgnAeGLSBqB6zXUCiFCaZXLt8niFVCP/13SXQZmRk
SZLeWvdPbpdNO7yxPJTaeo0vyBVQ88WNuFCFCFcfwI4SRgOzIUzCOZ6jvOJZeJcZ
Ej21HK2LIYQG10iQ73x4ZucoCz9O0XqbdfTRbkDKyPFKSRxgYLaPeWACgfFF97YK
0RGPrtdInDfw9Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:59:09 2025 by rpki-client