Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json)
Hash identifier: g4kh97pYCVJzCTTNTSkobSJjJVMj2oKXl0jMe/nw7po=
Subject key identifier: AE:DD:D6:0C:0F:66:B2:BE:8E:DB:05:0D:AC:32:E0:55:EA:63:2C:99
Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451
Certificate serial: 0196414354F325BC9CF3EBDBD3D52AC3A384
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
Manifest number: 06FF
Signing time: Thu 17 Apr 2025 01:00:53 +0000
Manifest this update: Thu 17 Apr 2025 01:00:53 +0000
Manifest next update: Fri 18 Apr 2025 01:00:53 +0000
Files and hashes: 1: ExEAGmrTaGZYkgcoaaGfFiacDZM.roa (hash: vfQhBpcBjSjG95UQaSsBC3edgr1xXnN4hhJBHCKa+Vc=)
2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: x8EXdZcvEC+fOFQ/9uKrikey+AvQEfv134HbLv8F2MI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:41:43:54:f3:25:bc:9c:f3:eb:db:d3:d5:2a:c3:a3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451
Validity
Not Before: Apr 17 01:00:53 2025 GMT
Not After : Apr 18 01:00:53 2025 GMT
Subject: CN=aeddd60c0f66b2be8edb050dac32e055ea632c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:11:eb:b3:b4:1b:4d:76:a5:e9:dc:7f:10:8b:
96:c7:a2:e2:9e:05:f1:a1:27:3b:fb:f3:6e:81:93:
5f:2e:d7:6b:6c:12:d1:8c:75:3a:fc:7b:b8:38:74:
0e:42:98:58:12:59:e1:3c:fa:db:90:25:4c:7b:fe:
8e:87:0e:76:a8:e1:4b:91:1a:bb:75:09:d3:5f:ba:
05:99:87:e4:c6:fb:2b:f6:0c:7e:e7:e9:e0:8f:c2:
eb:a9:a0:47:fa:13:0b:50:e6:73:0d:2b:c3:cd:45:
72:a5:40:68:d1:77:7c:b3:b4:b9:22:43:15:5e:eb:
a2:f0:b5:d5:84:ac:e2:89:0d:57:20:c5:a0:da:ad:
53:92:8a:bb:50:ad:52:d5:51:86:d2:f4:0f:65:21:
9b:b0:53:52:86:2d:d6:24:99:ed:4b:6a:8f:8f:dd:
ca:6a:eb:26:67:2e:e3:a1:18:ad:52:07:6f:b9:a9:
1b:b5:e0:49:31:b0:81:b3:ee:f8:d6:7a:82:d1:c1:
bf:ec:d8:67:81:24:e9:99:da:ac:f9:18:4f:30:3c:
7e:86:a3:9c:2f:0d:4f:0c:af:73:62:8d:f6:91:ac:
75:eb:8c:fa:74:84:49:ae:0a:07:8b:33:0b:b0:d0:
46:7a:e9:c6:f6:4a:05:0c:4f:cb:84:b1:f3:fe:65:
a1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DD:D6:0C:0F:66:B2:BE:8E:DB:05:0D:AC:32:E0:55:EA:63:2C:99
X509v3 Authority Key Identifier:
keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:cd:c3:88:21:c6:70:f9:7d:b5:be:ae:e0:d5:96:e8:38:b6:
5c:57:43:b9:45:a6:0a:2b:c8:60:e7:29:6a:98:9b:d4:a4:4f:
5f:bf:f6:a8:ce:cf:08:96:51:80:87:87:89:7a:44:dc:4f:f0:
c6:c2:38:cb:02:61:dd:d6:27:61:c7:fe:92:cd:ac:a9:26:0b:
88:3a:0c:56:4f:59:a2:c3:82:ce:95:8c:d4:54:72:7f:4c:cd:
64:fc:b4:a0:61:da:60:f8:4d:30:17:20:3e:83:47:00:06:52:
52:91:3c:68:6f:35:54:1a:e6:68:d4:9b:2e:42:44:ea:e7:f5:
87:51:31:71:01:a6:de:b6:8f:17:10:d3:97:a3:ad:68:5d:84:
41:05:63:76:6e:e7:ec:a5:3b:2b:1a:ca:1c:0d:53:68:0e:75:
1a:6d:43:ad:eb:14:b1:22:cd:9c:68:fa:95:63:c1:82:79:af:
a2:33:94:f4:83:a1:ed:fc:32:c1:ec:cf:77:31:36:5a:9c:e7:
4e:59:fa:86:88:55:aa:34:36:41:38:7e:8e:30:ae:86:3d:34:
9c:50:8a:42:d8:c9:c9:d6:ad:f6:7d:e8:40:a9:44:7c:92:bc:
92:3a:85:7a:c9:7e:ef:8c:e4:e5:2b:41:31:37:bc:6f:5f:21:
e6:37:c9:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZBQ1TzJbyc8+vb09Uqw6OEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3
Yjk0NTEwHhcNMjUwNDE3MDEwMDUzWhcNMjUwNDE4MDEwMDUzWjAzMTEwLwYDVQQD
EyhhZWRkZDYwYzBmNjZiMmJlOGVkYjA1MGRhYzMyZTA1NWVhNjMyYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphHrs7QbTXal6dx/EIuWx6LingXx
oSc7+/NugZNfLtdrbBLRjHU6/Hu4OHQOQphYElnhPPrbkCVMe/6Ohw52qOFLkRq7
dQnTX7oFmYfkxvsr9gx+5+ngj8LrqaBH+hMLUOZzDSvDzUVypUBo0Xd8s7S5IkMV
Xuui8LXVhKziiQ1XIMWg2q1Tkoq7UK1S1VGG0vQPZSGbsFNShi3WJJntS2qPj93K
ausmZy7joRitUgdvuakbteBJMbCBs+741nqC0cG/7NhngSTpmdqs+RhPMDx+hqOc
Lw1PDK9zYo32kax164z6dIRJrgoHizMLsNBGeunG9koFDE/LhLHz/mWhMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7d1gwPZrK+jtsFDawy4FXqYyyZMB8GA1UdIwQY
MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct
MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4
LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcM3DiCHG
cPl9tb6u4NWW6Di2XFdDuUWmCivIYOcpapib1KRPX7/2qM7PCJZRgIeHiXpE3E/w
xsI4ywJh3dYnYcf+ks2sqSYLiDoMVk9ZosOCzpWM1FRyf0zNZPy0oGHaYPhNMBcg
PoNHAAZSUpE8aG81VBrmaNSbLkJE6uf1h1ExcQGm3raPFxDTl6OtaF2EQQVjdm7n
7KU7KxrKHA1TaA51Gm1DresUsSLNnGj6lWPBgnmvojOU9IOh7fwywezPdzE2Wpzn
Tln6hohVqjQ2QTh+jjCuhj00nFCKQtjJydat9n3oQKlEfJK8kjqFesl+74zk5StB
MTe8b18h5jfJaw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:43:21 2025 by rpki-client