Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: 9xqe3dEkGfaFJjFGjcEtzwMi12MgTrl+QFIhqyZnAJA=
Subject key identifier: 52:F5:73:8D:19:3E:6A:6F:14:C1:8A:49:51:03:7A:35:97:38:42:1B
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 0196507ED95997ACF993BD1C5B3C195CDDF7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 14FB
Signing time: Sun 20 Apr 2025 00:00:12 +0000
Manifest this update: Sun 20 Apr 2025 00:00:12 +0000
Manifest next update: Mon 21 Apr 2025 00:00:12 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: ZCHO58hoKIhSrR7czVbNBUp6BMrh+lX85C8Pbp8595g=)
2: IyvCi4bscVz-cDd1e8YDDEn65h8.roa (hash: +ReDdginBUQu4++Dvo5zNIlV1w8CIv08Gg4t44mG608=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:7e:d9:59:97:ac:f9:93:bd:1c:5b:3c:19:5c:dd:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Apr 20 00:00:12 2025 GMT
Not After : Apr 21 00:00:12 2025 GMT
Subject: CN=52f5738d193e6a6f14c18a4951037a359738421b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:55:2c:76:65:f9:ed:f8:fb:7b:13:ea:b6:1f:
46:94:55:21:8e:86:46:2e:af:22:8d:43:22:b0:8a:
0b:48:79:fe:78:59:1e:fb:c5:07:9f:bf:be:87:99:
fc:6a:1e:a2:8d:bd:5a:44:a8:54:bd:5e:c1:e6:0f:
d2:78:06:fe:50:2d:50:e0:4b:b1:3e:fa:e7:4c:9a:
b0:db:82:48:93:03:86:87:82:9c:c3:9a:5d:6b:0c:
81:7a:71:e9:d3:e2:72:f4:9f:96:a0:b7:a2:bf:64:
50:5a:39:6e:c2:66:1d:4e:71:46:a4:1e:f0:bf:68:
3a:0f:81:6b:79:e5:42:96:eb:34:9e:ab:3f:b9:f8:
e0:af:5a:3e:dd:db:f6:e3:ec:3a:36:aa:19:a2:85:
ed:ce:39:3a:25:f4:ce:9e:22:a0:13:64:84:82:1a:
3c:1c:0a:97:ac:ab:83:11:8f:51:4e:0d:4e:43:5b:
32:d3:6f:05:8d:89:7e:9f:f0:0a:0c:49:59:68:c3:
10:2b:f3:a2:b8:18:7b:4d:2c:6e:bc:8e:88:3a:4e:
fe:39:84:9d:e4:6a:6d:70:a2:f2:a8:8f:f2:c3:45:
7b:fa:0c:5e:ae:fd:e6:f5:80:36:28:94:1d:49:c4:
fe:4e:7d:6d:4c:3d:13:4e:08:d6:32:34:25:a5:81:
4a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F5:73:8D:19:3E:6A:6F:14:C1:8A:49:51:03:7A:35:97:38:42:1B
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:dd:71:d6:7c:93:c1:44:e1:6b:12:6c:95:07:27:6e:6b:0f:
9e:72:9a:37:51:3d:b3:27:61:4e:a6:6c:da:b6:e5:75:54:d0:
78:bf:b0:d3:f6:0a:1d:e3:fa:93:72:b5:9b:77:6d:fa:e6:d8:
79:6d:a6:9e:3c:6f:d6:ce:24:88:5d:60:0e:c2:23:e6:9e:11:
45:16:bc:eb:47:b0:f7:7a:80:45:2e:d5:97:f2:93:2e:34:cf:
c1:5e:bc:52:e3:9e:3b:72:6c:b8:4b:1d:6c:73:8b:aa:53:64:
32:48:f7:0f:c8:b4:0d:56:5c:bf:2b:94:00:bb:62:77:77:88:
76:5d:d2:6b:12:c2:42:87:94:08:78:01:55:23:3a:a8:00:d7:
9c:bb:e0:a8:b4:9d:a9:f2:88:89:72:89:72:55:81:8b:1c:6d:
c2:a3:ce:cb:c6:83:11:58:d6:16:53:cf:a7:5b:54:50:1c:e6:
b5:3c:98:0a:ad:a0:ad:af:da:13:fd:45:20:dd:9c:5a:0d:b7:
af:28:ee:92:89:92:4a:25:e6:a2:64:b1:d7:94:6f:f5:68:e4:
d1:26:8b:10:6e:85:7b:b6:29:3f:45:f6:5e:b7:ca:98:6e:63:
44:e0:53:c2:db:e0:f8:02:d6:76:58:92:50:e6:e2:f9:96:73:
28:0d:e4:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQftlZl6z5k70cWzwZXN33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjUwNDIwMDAwMDEyWhcNMjUwNDIxMDAwMDEyWjAzMTEwLwYDVQQD
Eyg1MmY1NzM4ZDE5M2U2YTZmMTRjMThhNDk1MTAzN2EzNTk3Mzg0MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1UsdmX57fj7exPqth9GlFUhjoZG
Lq8ijUMisIoLSHn+eFke+8UHn7++h5n8ah6ijb1aRKhUvV7B5g/SeAb+UC1Q4Eux
PvrnTJqw24JIkwOGh4Kcw5pdawyBenHp0+Jy9J+WoLeiv2RQWjluwmYdTnFGpB7w
v2g6D4FreeVClus0nqs/ufjgr1o+3dv24+w6NqoZooXtzjk6JfTOniKgE2SEgho8
HAqXrKuDEY9RTg1OQ1sy028FjYl+n/AKDElZaMMQK/OiuBh7TSxuvI6IOk7+OYSd
5GptcKLyqI/yw0V7+gxerv3m9YA2KJQdScT+Tn1tTD0TTgjWMjQlpYFKnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFL1c40ZPmpvFMGKSVEDejWXOEIbMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFN1x1nyT
wUThaxJslQcnbmsPnnKaN1E9sydhTqZs2rbldVTQeL+w0/YKHeP6k3K1m3dt+ubY
eW2mnjxv1s4kiF1gDsIj5p4RRRa860ew93qARS7Vl/KTLjTPwV68UuOeO3JsuEsd
bHOLqlNkMkj3D8i0DVZcvyuUALtid3eIdl3SaxLCQoeUCHgBVSM6qADXnLvgqLSd
qfKIiXKJclWBixxtwqPOy8aDEVjWFlPPp1tUUBzmtTyYCq2gra/aE/1FIN2cWg23
ryjukomSSiXmomSx15Rv9Wjk0SaLEG6Fe7YpP0X2XrfKmG5jROBTwtvg+ALWdliS
UObi+ZZzKA3kPg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:38:03 2025 by rpki-client