Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
File: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json)
Hash identifier: XEfO8uwq6B4bQImUWl04yTzD1lc0xg9EwdqOJbQMYXo=
Subject key identifier: CF:4A:F4:57:46:D2:14:06:D9:42:CB:55:3B:91:81:11:F9:22:13:8E
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 019658A69C1ED4512C4BF00C43296A73C1A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
Manifest number: 14FE
Signing time: Mon 21 Apr 2025 14:00:35 +0000
Manifest this update: Mon 21 Apr 2025 14:00:35 +0000
Manifest next update: Tue 22 Apr 2025 14:00:35 +0000
Files and hashes: 1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: ptdGEvAQjBG1ebjrIoCpfO/PjlJ+z5MTmgS5fDD7Nyc=)
2: uFIkyOKWSzQfZzP96vWM093yaBY.roa (hash: TWsqJU2I8/yV3h8FtJmMbNc3AlR1EJP1BU5hPExE0mk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:a6:9c:1e:d4:51:2c:4b:f0:0c:43:29:6a:73:c1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Apr 21 14:00:35 2025 GMT
Not After : Apr 22 14:00:35 2025 GMT
Subject: CN=cf4af45746d21406d942cb553b918111f922138e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:99:bb:5d:10:59:88:06:ce:a6:b2:b5:dc:cf:
d0:fb:da:fb:96:8a:34:02:3e:4a:d7:96:6e:e9:d7:
71:30:90:25:a4:36:bb:17:4f:21:b5:76:f8:a7:00:
71:11:df:8a:f7:80:f6:da:70:56:5b:b2:20:1d:63:
de:25:cd:d9:d7:4f:80:2d:a1:ec:33:4d:5c:51:c7:
95:d2:24:98:32:5d:e3:e8:e6:fa:0c:c9:e1:f5:8e:
31:c5:65:8b:0c:99:d4:e8:84:ab:79:bf:0d:dc:bd:
b2:bc:98:c0:1a:c2:49:c0:98:37:0d:1d:ae:4d:da:
bd:50:14:20:1f:2a:53:e2:04:91:d4:8a:4e:c7:ba:
45:ff:55:19:a3:28:72:fa:3b:13:f2:8a:11:00:6c:
09:01:3c:40:db:20:ad:45:ee:88:d7:83:59:f0:40:
a9:d1:c0:ad:24:bd:11:f5:95:26:27:48:42:7a:cd:
1d:95:34:d8:6d:b4:56:f0:7c:66:68:77:61:aa:48:
a3:c3:01:69:77:73:cb:96:c0:bf:35:91:9a:4c:c7:
aa:93:69:f9:36:d5:17:8f:fa:a1:cb:f6:44:25:0b:
d5:d3:7a:4a:b4:ca:b3:b8:2c:ea:a1:b7:c8:ce:70:
52:16:25:4b:6e:7a:19:31:23:c2:fd:a0:5c:54:c6:
91:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:F4:57:46:D2:14:06:D9:42:CB:55:3B:91:81:11:F9:22:13:8E
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bf:43:4e:43:f3:ce:24:69:40:7b:d7:90:a0:41:80:23:05:60:
3c:a1:d1:33:11:a1:e3:38:6c:7f:b7:4f:94:5d:bf:97:20:54:
58:8a:a0:4e:49:61:8e:50:f5:15:3c:6d:1d:1c:25:d1:64:71:
3f:46:c1:76:96:5f:52:2a:f0:92:f9:cb:92:27:d9:46:18:7b:
7a:42:4a:6e:dd:b6:4e:19:2c:dc:61:ac:00:7d:9d:b1:10:41:
ff:51:42:08:40:29:6e:cc:61:48:79:9f:5a:0d:42:5e:25:ea:
67:f1:7f:fb:c6:b3:2d:71:58:80:36:28:73:95:3b:36:1a:a1:
a1:2c:76:2f:e2:5d:fb:b9:e8:6e:0d:61:0b:0f:e5:cc:cf:c6:
97:6c:eb:74:6b:76:dd:cb:4c:ba:43:91:05:00:3a:d5:6d:8e:
20:58:b5:f1:dc:50:89:34:c3:f0:fa:44:bd:e6:96:ea:46:7d:
2e:11:3c:f5:52:11:44:45:97:b8:18:4a:15:7b:69:ff:5d:69:
2a:ce:d3:a6:b1:dd:68:93:bb:e4:6b:37:49:61:23:fa:3f:49:
65:20:46:b9:59:9a:ee:1e:d2:11:c3:82:fc:2b:1c:8d:e3:62:
c0:33:22:c9:7d:e7:b0:82:b8:f1:ce:3a:54:b2:a1:33:c7:45:
0d:28:d0:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYppwe1FEsS/AMQylqc8GlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjUwNDIxMTQwMDM1WhcNMjUwNDIyMTQwMDM1WjAzMTEwLwYDVQQD
EyhjZjRhZjQ1NzQ2ZDIxNDA2ZDk0MmNiNTUzYjkxODExMWY5MjIxMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJm7XRBZiAbOprK13M/Q+9r7loo0
Aj5K15Zu6ddxMJAlpDa7F08htXb4pwBxEd+K94D22nBWW7IgHWPeJc3Z10+ALaHs
M01cUceV0iSYMl3j6Ob6DMnh9Y4xxWWLDJnU6ISreb8N3L2yvJjAGsJJwJg3DR2u
Tdq9UBQgHypT4gSR1IpOx7pF/1UZoyhy+jsT8ooRAGwJATxA2yCtRe6I14NZ8ECp
0cCtJL0R9ZUmJ0hCes0dlTTYbbRW8HxmaHdhqkijwwFpd3PLlsC/NZGaTMeqk2n5
NtUXj/qhy/ZEJQvV03pKtMqzuCzqobfIznBSFiVLbnoZMSPC/aBcVMaRRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9K9FdG0hQG2ULLVTuRgRH5IhOOMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv0NOQ/PO
JGlAe9eQoEGAIwVgPKHRMxGh4zhsf7dPlF2/lyBUWIqgTklhjlD1FTxtHRwl0WRx
P0bBdpZfUirwkvnLkifZRhh7ekJKbt22Thks3GGsAH2dsRBB/1FCCEApbsxhSHmf
Wg1CXiXqZ/F/+8azLXFYgDYoc5U7NhqhoSx2L+Jd+7nobg1hCw/lzM/Gl2zrdGt2
3ctMukORBQA61W2OIFi18dxQiTTD8PpEveaW6kZ9LhE89VIRREWXuBhKFXtp/11p
Ks7TprHdaJO75Gs3SWEj+j9JZSBGuVma7h7SEcOC/CscjeNiwDMiyX3nsIK48c46
VLKhM8dFDSjQ/w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:10:42 2025 by rpki-client