Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json)
Hash identifier: Ea/o4khmUMo1kdP4ZeHsRMHhPnocXV32Z/0+FWcevOc=
Subject key identifier: 85:97:7B:E0:65:9F:2D:17:BF:60:AC:DD:55:60:B0:B2:D4:CD:D6:9E
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 01958EF387FDDCF52C08B5B08AD54F503870
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
Manifest number: 0BA1
Signing time: Thu 13 Mar 2025 10:01:19 +0000
Manifest this update: Thu 13 Mar 2025 10:01:19 +0000
Manifest next update: Fri 14 Mar 2025 10:01:19 +0000
Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=)
2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: QQgvL3RWkE5Fo9BswOpLZXM00UjWdSDO3oBd36kcrUY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:f3:87:fd:dc:f5:2c:08:b5:b0:8a:d5:4f:50:38:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Mar 13 10:01:19 2025 GMT
Not After : Mar 14 10:01:19 2025 GMT
Subject: CN=85977be0659f2d17bf60acdd5560b0b2d4cdd69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6e:0b:9b:00:3a:a5:ae:71:e0:c0:d1:7a:7e:
99:30:a5:54:5d:97:e6:91:ef:51:8c:72:62:6c:55:
20:7b:ed:20:25:6c:c5:aa:3c:b4:e7:61:fd:ce:af:
c6:eb:1e:44:00:47:86:f3:44:dd:5f:43:16:02:3a:
9f:d8:e6:ca:7d:72:f4:e7:b8:90:bd:fa:9f:60:4e:
29:90:c8:fc:b3:df:a3:4e:90:45:50:d1:44:db:32:
6a:af:cb:24:30:92:3a:a9:b8:19:16:30:e7:ab:b0:
d4:bb:29:17:fa:e1:db:cb:97:37:14:57:64:a6:f7:
67:bc:b5:e0:9e:0f:cc:5c:f9:23:37:6f:89:43:73:
8b:67:e4:15:dc:06:7c:0d:9e:d0:66:60:d9:43:d8:
39:55:e3:47:62:96:f2:5a:e0:df:ea:3c:ee:af:8a:
e3:de:53:8a:9e:fc:47:0a:49:d7:cb:74:2f:ed:17:
ff:7f:9f:6a:f8:6a:3e:a3:52:21:9c:aa:08:f6:f3:
7c:ff:02:8c:b0:d1:96:e6:cf:52:71:1c:13:9c:31:
1d:6f:ad:51:0d:46:36:14:a3:ea:c6:0f:9b:d9:22:
2d:32:2b:db:8b:7b:01:52:75:8a:2c:f5:d8:a8:d3:
8d:d4:cc:07:70:87:2c:50:b1:c1:ea:33:5f:0b:97:
c0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:97:7B:E0:65:9F:2D:17:BF:60:AC:DD:55:60:B0:B2:D4:CD:D6:9E
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:a8:45:97:d3:29:b8:78:a2:50:cb:7a:ee:f2:25:e7:e8:1b:
4b:8d:08:b9:22:e1:ae:33:6f:79:fc:e6:b4:2f:08:e3:ab:ba:
e2:c4:1f:bd:75:c9:0f:a3:2e:83:88:f9:38:93:4c:32:0c:5a:
3e:f8:12:07:72:4e:da:98:7b:fc:6f:a7:7f:fe:43:5c:0f:c0:
de:ed:4a:4e:7e:46:5d:6f:ee:d2:a8:86:78:d1:5f:64:81:3e:
af:41:d6:3b:6f:27:c2:6d:e2:95:b0:41:ec:22:a0:f3:1e:37:
cc:f4:8a:6b:2e:74:42:62:a0:ed:3f:54:3c:67:92:55:d4:82:
c3:93:19:19:c7:73:dd:81:05:e9:28:d3:1f:ce:04:d1:34:0d:
7c:6e:8e:53:51:22:02:cc:f5:70:9f:6d:df:98:16:0a:9c:cc:
f2:52:9f:d5:9e:71:65:80:2a:f1:f8:8b:39:b6:87:f2:c9:3d:
0e:24:52:90:ab:68:26:fd:cc:46:c5:c3:46:65:7f:34:73:a4:
b9:09:a3:4d:8a:7e:80:fa:5e:48:df:84:f8:12:e3:bb:7c:28:
de:83:55:7c:4b:f3:7f:41:49:28:00:27:a3:bf:02:19:b1:b0:
f2:93:fa:f3:bd:d3:eb:e9:c0:1e:d2:c0:2c:eb:2c:ff:2c:51:
00:d4:1c:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWO84f93PUsCLWwitVPUDhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjUwMzEzMTAwMTE5WhcNMjUwMzE0MTAwMTE5WjAzMTEwLwYDVQQD
Eyg4NTk3N2JlMDY1OWYyZDE3YmY2MGFjZGQ1NTYwYjBiMmQ0Y2RkNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW4LmwA6pa5x4MDRen6ZMKVUXZfm
ke9RjHJibFUge+0gJWzFqjy052H9zq/G6x5EAEeG80TdX0MWAjqf2ObKfXL057iQ
vfqfYE4pkMj8s9+jTpBFUNFE2zJqr8skMJI6qbgZFjDnq7DUuykX+uHby5c3FFdk
pvdnvLXgng/MXPkjN2+JQ3OLZ+QV3AZ8DZ7QZmDZQ9g5VeNHYpbyWuDf6jzur4rj
3lOKnvxHCknXy3Qv7Rf/f59q+Go+o1IhnKoI9vN8/wKMsNGW5s9ScRwTnDEdb61R
DUY2FKPqxg+b2SItMivbi3sBUnWKLPXYqNON1MwHcIcsULHB6jNfC5fATwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWXe+Blny0Xv2Cs3VVgsLLUzdaeMB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKhFl9Mp
uHiiUMt67vIl5+gbS40IuSLhrjNvefzmtC8I46u64sQfvXXJD6Mug4j5OJNMMgxa
PvgSB3JO2ph7/G+nf/5DXA/A3u1KTn5GXW/u0qiGeNFfZIE+r0HWO28nwm3ilbBB
7CKg8x43zPSKay50QmKg7T9UPGeSVdSCw5MZGcdz3YEF6SjTH84E0TQNfG6OU1Ei
Asz1cJ9t35gWCpzM8lKf1Z5xZYAq8fiLObaH8sk9DiRSkKtoJv3MRsXDRmV/NHOk
uQmjTYp+gPpeSN+E+BLju3wo3oNVfEvzf0FJKAAno78CGbGw8pP6873T6+nAHtLA
LOss/yxRANQcjA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:17 2025 by rpki-client