Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
File: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft (raw, json)
Hash identifier: 4o9pzJQ+H365ffUMC8n99NF1IfYP/RE6q0qpxfJvZlc=
Subject key identifier: DF:07:DF:DB:36:EE:2C:56:91:8F:5D:DD:B3:D7:D2:83:FB:6D:71:BD
Authority key identifier: 94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
Certificate issuer: /CN=94d161593da815cac58d3479652d048480d26713
Certificate serial: 01958B4DDAC259F51CEDE86EC94C9E6CC7CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
Manifest number: 1496
Signing time: Wed 12 Mar 2025 17:01:29 +0000
Manifest this update: Wed 12 Mar 2025 17:01:29 +0000
Manifest next update: Thu 13 Mar 2025 17:01:29 +0000
Files and hashes: 1: bdAF9viIHB5V5FhTALS-owQhcks.roa (hash: lPv9YsuyVHwxqfP/RRJpZeMDZjwRG/d34AhteS5V7Ew=)
2: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl (hash: whca6K5MxU6d8+wGATOp1/yAc7rDWNN31dhw69d7+oE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 17:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:4d:da:c2:59:f5:1c:ed:e8:6e:c9:4c:9e:6c:c7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d161593da815cac58d3479652d048480d26713
Validity
Not Before: Mar 12 17:01:29 2025 GMT
Not After : Mar 13 17:01:29 2025 GMT
Subject: CN=df07dfdb36ee2c56918f5dddb3d7d283fb6d71bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:38:4d:cb:12:1c:42:0b:e3:14:0f:fd:50:f9:
21:62:2d:37:45:ad:08:06:58:bf:c4:9f:05:ba:5a:
4f:be:6c:fe:c9:67:4e:34:3b:8e:8d:91:16:2e:0b:
e4:d8:2f:f7:63:bd:9f:26:80:9b:d9:d0:8d:6b:80:
b9:7b:0c:1c:8d:87:23:0f:59:8e:ae:54:b3:ca:10:
68:e5:4e:9b:20:9d:34:9b:4c:32:fb:30:54:9c:c8:
4d:af:62:09:25:36:cb:42:e7:97:d5:c3:36:14:fd:
7c:10:c1:90:b1:42:02:97:94:fa:85:86:03:58:cd:
49:6d:27:f8:86:98:43:0b:79:2f:92:90:15:d4:98:
4a:19:eb:ec:67:0f:fc:d8:84:9f:40:bf:9c:d6:41:
a6:ef:5e:0c:ca:a2:7c:90:db:15:c4:85:14:6d:df:
29:45:9a:94:5f:6f:f9:b6:10:bb:36:27:ba:98:70:
b5:3d:95:07:53:07:cb:14:62:64:1a:07:7f:fd:1a:
c7:d4:26:12:95:82:55:35:64:b9:60:eb:a2:5e:54:
16:1a:2f:84:85:4e:af:b2:f5:69:8b:8c:20:b2:e4:
62:67:e1:14:ec:c7:bc:2a:5a:21:94:e3:16:a2:72:
86:96:de:24:94:3c:e6:c0:57:2d:2c:d2:59:52:0b:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:07:DF:DB:36:EE:2C:56:91:8F:5D:DD:B3:D7:D2:83:FB:6D:71:BD
X509v3 Authority Key Identifier:
keyid:94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:6b:d6:0a:46:e3:8c:c0:46:37:b8:39:1d:48:db:3c:3d:e0:
a3:da:c1:3a:84:96:88:e9:80:1c:a2:f1:49:86:21:50:d4:7d:
9f:86:16:c9:a7:4d:64:46:43:79:7c:00:e4:01:ef:1d:2e:a6:
67:bc:03:98:d0:ec:7f:cf:78:e9:b9:a7:63:28:3f:86:b9:4b:
24:bd:a9:92:e9:e7:45:89:0c:bb:28:44:38:a3:d1:fd:dc:dd:
04:3f:aa:55:17:b6:71:cf:9f:5a:de:de:86:77:b0:75:d1:d8:
29:06:af:51:0d:bf:b0:be:ee:07:76:58:85:dd:49:7d:8a:d1:
e6:a7:4e:f7:1f:b6:52:ec:1f:cd:e7:10:7b:00:a9:db:67:06:
90:b7:9d:37:ed:bc:ee:b9:47:fb:b9:72:36:14:ff:16:36:34:
04:b9:45:33:8f:1a:3c:55:9f:25:74:43:b4:35:95:b1:d5:12:
cf:29:2c:8d:a9:71:4c:be:3e:ca:21:7c:ce:7f:0a:44:7b:b8:
2f:09:bb:d0:5c:32:99:20:06:37:19:15:8b:6e:37:ce:d0:24:
8e:15:db:8e:e1:1b:6a:88:91:16:69:14:ee:8b:fc:71:1a:c2:
3b:11:da:5a:4e:40:5b:51:6a:3d:20:34:e3:9a:04:31:58:5a:
de:f1:41:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTdrCWfUc7ehuyUyebMfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDE2MTU5M2RhODE1Y2FjNThkMzQ3OTY1MmQwNDg0ODBk
MjY3MTMwHhcNMjUwMzEyMTcwMTI5WhcNMjUwMzEzMTcwMTI5WjAzMTEwLwYDVQQD
EyhkZjA3ZGZkYjM2ZWUyYzU2OTE4ZjVkZGRiM2Q3ZDI4M2ZiNmQ3MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtThNyxIcQgvjFA/9UPkhYi03Ra0I
Bli/xJ8FulpPvmz+yWdONDuOjZEWLgvk2C/3Y72fJoCb2dCNa4C5ewwcjYcjD1mO
rlSzyhBo5U6bIJ00m0wy+zBUnMhNr2IJJTbLQueX1cM2FP18EMGQsUICl5T6hYYD
WM1JbSf4hphDC3kvkpAV1JhKGevsZw/82ISfQL+c1kGm714MyqJ8kNsVxIUUbd8p
RZqUX2/5thC7Nie6mHC1PZUHUwfLFGJkGgd//RrH1CYSlYJVNWS5YOuiXlQWGi+E
hU6vsvVpi4wgsuRiZ+EU7Me8KlohlOMWonKGlt4klDzmwFctLNJZUgv7OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8H39s27ixWkY9d3bPX0oP7bXG9MB8GA1UdIwQY
MBaAFJTRYVk9qBXKxY00eWUtBISA0mcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEt
ZDhlOThiODVhZWE0LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEtZDhlOThiODVhZWE0
LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2vWCkbj
jMBGN7g5HUjbPD3go9rBOoSWiOmAHKLxSYYhUNR9n4YWyadNZEZDeXwA5AHvHS6m
Z7wDmNDsf8946bmnYyg/hrlLJL2pkunnRYkMuyhEOKPR/dzdBD+qVRe2cc+fWt7e
hnewddHYKQavUQ2/sL7uB3ZYhd1JfYrR5qdO9x+2UuwfzecQewCp22cGkLedN+28
7rlH+7lyNhT/FjY0BLlFM48aPFWfJXRDtDWVsdUSzyksjalxTL4+yiF8zn8KRHu4
Lwm70FwymSAGNxkVi243ztAkjhXbjuEbaoiRFmkU7ov8cRrCOxHaWk5AW1FqPSA0
45oEMVha3vFBFw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:15 2025 by rpki-client