Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
File: NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft (raw, json)
Hash identifier: nCKthkt4SjD2Avao2m2qYZQgJGq7j30b3gqQponoQ0Q=
Subject key identifier: 86:8D:C2:0C:0B:C9:BE:F0:E7:28:06:53:1E:F4:7E:13:30:DB:D8:0C
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 01964B8F86B04222EE56E97C4062F68D0B8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
Manifest number: 14FB
Signing time: Sat 19 Apr 2025 01:00:19 +0000
Manifest this update: Sat 19 Apr 2025 01:00:19 +0000
Manifest next update: Sun 20 Apr 2025 01:00:19 +0000
Files and hashes: 1: Jhw9faAWoEdqP1e__8w7b6zkmPk.roa (hash: TQENvT9b218+4xF+VAk4clIU0JMsKTFbzJxIDRXuwJ4=)
2: NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl (hash: BsqXq0SHLPWKYUebpjVLyd0XU11UhudERYDUizfJAjw=)
3: fubcea_39IkkaWowT_0PbtN75oM.roa (hash: b26RPXGBBJCeMiSKu69amdDTbZc6gUFdxgY2Yx3wVnw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4b:8f:86:b0:42:22:ee:56:e9:7c:40:62:f6:8d:0b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Apr 19 01:00:19 2025 GMT
Not After : Apr 20 01:00:19 2025 GMT
Subject: CN=868dc20c0bc9bef0e72806531ef47e1330dbd80c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:82:7d:2f:68:45:d1:d0:38:96:b1:32:a0:7f:
f5:f8:11:49:26:24:5c:98:a3:77:39:19:a1:5f:34:
e2:13:42:44:55:25:f1:cf:5c:90:7e:49:c9:65:fe:
74:3f:d5:52:bc:95:66:a5:5f:9b:75:c8:80:04:3a:
90:46:81:a7:1d:63:c0:55:50:45:95:6f:89:79:a9:
68:37:d1:6e:1c:00:45:ac:d6:85:f2:59:b2:75:21:
a2:31:db:c3:84:f0:13:0e:cb:f1:00:eb:42:43:3e:
52:ac:f8:32:50:af:6a:01:06:f1:00:10:58:af:2c:
1f:fc:98:12:f3:fa:5b:5b:6b:f8:4c:6a:74:10:4c:
64:97:18:b7:5e:7f:30:31:48:e5:4a:45:7a:22:df:
79:72:0d:f5:6f:a5:88:d9:c2:d7:2d:cf:0d:14:4e:
82:f4:74:c1:ac:03:52:cc:29:f6:89:cf:da:d8:da:
fc:89:65:9f:78:fe:a2:a7:24:15:4b:3f:ab:1f:c7:
71:63:96:cf:64:f0:68:e7:76:c1:03:d6:f2:d4:cd:
7c:55:32:f2:5a:9c:12:d8:48:31:df:32:81:04:5d:
8e:9c:dc:8a:97:8f:c4:70:10:9c:e7:0f:25:c4:03:
b1:39:eb:67:3f:dc:7f:d2:e1:3a:ca:d5:fd:e5:0c:
2c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8D:C2:0C:0B:C9:BE:F0:E7:28:06:53:1E:F4:7E:13:30:DB:D8:0C
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:b9:17:e2:48:58:22:55:71:bc:7b:e0:5a:5b:11:8e:ba:24:
86:73:57:6b:99:65:b3:09:8c:c8:c0:88:d4:90:c7:d3:6e:1b:
d8:d3:25:d6:45:c2:fa:5d:ac:de:c6:5d:34:95:87:cb:8c:dd:
9e:86:97:c9:e5:08:cd:8d:cf:29:c8:43:99:68:e8:be:ed:85:
e7:02:f1:99:5b:46:ac:8e:65:f8:7e:90:fd:f4:3a:ba:ec:b1:
aa:25:44:12:04:05:27:a5:a6:da:e9:bc:3c:08:f0:64:80:f0:
28:07:03:3a:12:64:a9:6c:dd:87:df:76:60:72:7a:f7:eb:23:
6e:5e:1e:b2:de:89:89:6e:7a:f3:dd:ad:b8:c2:09:c5:f0:c8:
55:79:79:c8:75:6b:ad:c9:35:48:7d:11:88:ac:f0:b4:f4:97:
6d:a1:ff:4b:d1:a9:87:db:b7:5d:9e:4a:3c:54:85:27:ea:14:
07:e8:10:11:f9:61:18:70:37:7f:ed:23:87:9b:9a:d6:e2:38:
5e:96:19:1d:8f:de:7c:52:a0:b4:80:4a:0c:09:0c:ff:52:4c:
9e:3f:6d:7b:cf:80:54:d1:43:7c:3d:55:84:a1:f7:1f:17:ad:
ba:ec:10:35:09:7b:1d:78:58:66:0b:db:72:a6:0b:8b:57:cd:
1f:c4:07:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLj4awQiLuVul8QGL2jQuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2UzZjI4ZTY0N2U5MmFjOGE3MTBjMzA1YzJlMjFiNjIz
ZWRjMWMwHhcNMjUwNDE5MDEwMDE5WhcNMjUwNDIwMDEwMDE5WjAzMTEwLwYDVQQD
Eyg4NjhkYzIwYzBiYzliZWYwZTcyODA2NTMxZWY0N2UxMzMwZGJkODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IJ9L2hF0dA4lrEyoH/1+BFJJiRc
mKN3ORmhXzTiE0JEVSXxz1yQfknJZf50P9VSvJVmpV+bdciABDqQRoGnHWPAVVBF
lW+JealoN9FuHABFrNaF8lmydSGiMdvDhPATDsvxAOtCQz5SrPgyUK9qAQbxABBY
rywf/JgS8/pbW2v4TGp0EExklxi3Xn8wMUjlSkV6It95cg31b6WI2cLXLc8NFE6C
9HTBrANSzCn2ic/a2Nr8iWWfeP6ipyQVSz+rH8dxY5bPZPBo53bBA9by1M18VTLy
WpwS2Egx3zKBBF2OnNyKl4/EcBCc5w8lxAOxOetnP9x/0uE6ytX95Qws7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIaNwgwLyb7w5ygGUx70fhMw29gMMB8GA1UdIwQY
MBaAFDU+PyjmR+kqyKcQwwXC4htiPtwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQt
ZGFjYTI2ZGU2ZjdiLzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQtZGFjYTI2ZGU2Zjdi
LzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7kX4khY
IlVxvHvgWlsRjrokhnNXa5llswmMyMCI1JDH024b2NMl1kXC+l2s3sZdNJWHy4zd
noaXyeUIzY3PKchDmWjovu2F5wLxmVtGrI5l+H6Q/fQ6uuyxqiVEEgQFJ6Wm2um8
PAjwZIDwKAcDOhJkqWzdh992YHJ69+sjbl4est6JiW56892tuMIJxfDIVXl5yHVr
rck1SH0RiKzwtPSXbaH/S9Gph9u3XZ5KPFSFJ+oUB+gQEflhGHA3f+0jh5ua1uI4
XpYZHY/efFKgtIBKDAkM/1JMnj9te8+AVNFDfD1VhKH3HxetuuwQNQl7HXhYZgvb
cqYLi1fNH8QHkg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:16 2025 by rpki-client