Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
File: IM1XQoSmAY5bA2Neml1lj99XNPA.mft (raw, json)
Hash identifier: TpCsgxuea5w6xCdDht5mRw9TzZE7TCIDftotKJzf6ZM=
Subject key identifier: 2C:D7:A6:95:B8:FF:45:6A:71:95:47:DA:B2:57:F5:46:E4:38:19:A5
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 01963B41089D4031986BE01B3CE4BD895901
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
Manifest number: 1236
Signing time: Tue 15 Apr 2025 21:00:39 +0000
Manifest this update: Tue 15 Apr 2025 21:00:39 +0000
Manifest next update: Wed 16 Apr 2025 21:00:39 +0000
Files and hashes: 1: IM1XQoSmAY5bA2Neml1lj99XNPA.crl (hash: NO48VcoQ4TJV5lEEKLmKGEu7lX/UVTezgV6xTq6Yht0=)
2: MWwIJyVW-xGM8HHmiPSGu90ysVM.roa (hash: 9euJkhmoCQb1LOfkGIPpqowd4pomSIjB0l7bFL7u4Yg=)
3: PiMCmpetvGyOad9hAP8fiU1Qa8U.roa (hash: W2k0p2aLpcmF1pGu+mKgyVPY0tAWg3LNT6+Z7BuBqqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 21:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3b:41:08:9d:40:31:98:6b:e0:1b:3c:e4:bd:89:59:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Apr 15 21:00:39 2025 GMT
Not After : Apr 16 21:00:39 2025 GMT
Subject: CN=2cd7a695b8ff456a719547dab257f546e43819a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:8f:a3:de:db:4a:05:64:7f:fc:09:38:6c:d4:
ca:77:a1:1c:9b:11:a3:6f:c7:46:05:9e:a7:db:2a:
6f:17:2a:80:59:5a:a2:af:cd:3c:e3:d6:ca:9e:85:
3e:70:8f:92:12:83:57:d5:28:e2:42:fc:16:86:62:
95:3d:df:f4:c4:6a:ed:38:cf:92:38:e6:0e:3b:c9:
c3:58:94:6f:ee:1d:89:3b:61:8a:ab:69:bb:f8:4a:
59:22:7c:4d:7f:f0:e4:d1:b9:f2:19:64:b7:85:86:
dd:e2:c3:7b:9f:29:05:ef:fd:82:96:55:a8:22:a0:
9a:53:0b:49:ff:d9:bf:f6:8b:3a:cb:98:28:88:68:
a2:05:09:64:ef:c3:eb:bf:ce:5c:a3:b4:43:c8:9c:
5d:ed:5b:3c:be:8b:40:67:9c:bd:fd:eb:39:f4:47:
96:db:e9:31:94:c0:95:cc:97:49:ca:65:64:86:59:
30:68:16:25:e1:46:83:0c:75:19:79:32:8f:50:a6:
d5:49:e2:19:57:88:bc:8d:f8:9b:af:00:89:05:b2:
0d:33:e7:ac:60:a1:6a:a2:71:77:d9:84:7c:25:c2:
7a:90:81:c6:b5:f7:6c:59:79:61:a8:d5:e8:d0:00:
36:8e:fb:7c:6e:f8:55:4b:8a:bd:f3:e0:b9:31:39:
e6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D7:A6:95:B8:FF:45:6A:71:95:47:DA:B2:57:F5:46:E4:38:19:A5
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:19:df:5e:95:54:0c:ce:f2:84:16:35:09:3e:bf:24:80:64:
6e:71:23:fd:09:09:7f:a2:8d:a0:ae:8b:57:47:9c:5e:ba:f0:
9c:7c:0b:61:2a:8c:14:ac:9b:79:eb:8a:0a:68:78:a4:52:01:
fa:b7:8f:48:6e:ce:80:77:37:d1:9f:30:20:83:10:1f:f0:bd:
62:23:85:7a:fa:51:b1:f5:f5:31:b0:88:09:c8:da:0c:ad:80:
33:b2:d2:47:f7:53:cf:e6:72:a3:76:c5:30:58:cc:cd:a6:e3:
50:29:0e:6e:56:da:78:f6:67:87:d6:eb:22:13:b4:ab:2a:a3:
04:28:6c:fd:6c:ae:10:4f:bf:58:e9:97:e1:0e:b2:bb:61:7f:
f2:0f:60:1e:67:6f:f6:bf:f8:a6:d9:f5:60:76:fd:f9:9b:2d:
d8:68:42:d3:41:ab:f7:1b:55:bb:de:0f:d8:d9:7d:d3:3c:83:
97:da:e2:b4:aa:63:9e:0a:f8:11:b0:2a:0f:ab:a2:5a:80:74:
2b:fe:90:b6:3a:97:57:62:c6:4d:06:39:a3:17:27:2f:4b:b5:
21:6d:ed:a4:ad:97:19:6f:b5:19:7b:7d:50:a3:2d:54:f5:a8:
d0:fd:fe:e7:68:88:95:0f:f1:73:66:b4:70:0f:e9:84:d2:4a:
0b:88:87:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY7QQidQDGYa+AbPOS9iVkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjUwNDE1MjEwMDM5WhcNMjUwNDE2MjEwMDM5WjAzMTEwLwYDVQQD
EygyY2Q3YTY5NWI4ZmY0NTZhNzE5NTQ3ZGFiMjU3ZjU0NmU0MzgxOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+I+j3ttKBWR//Ak4bNTKd6EcmxGj
b8dGBZ6n2ypvFyqAWVqir80849bKnoU+cI+SEoNX1SjiQvwWhmKVPd/0xGrtOM+S
OOYOO8nDWJRv7h2JO2GKq2m7+EpZInxNf/Dk0bnyGWS3hYbd4sN7nykF7/2CllWo
IqCaUwtJ/9m/9os6y5goiGiiBQlk78Prv85co7RDyJxd7Vs8votAZ5y9/es59EeW
2+kxlMCVzJdJymVkhlkwaBYl4UaDDHUZeTKPUKbVSeIZV4i8jfibrwCJBbINM+es
YKFqonF32YR8JcJ6kIHGtfdsWXlhqNXo0AA2jvt8bvhVS4q98+C5MTnmEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzXppW4/0VqcZVH2rJX9UbkOBmlMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxBnfXpVU
DM7yhBY1CT6/JIBkbnEj/QkJf6KNoK6LV0ecXrrwnHwLYSqMFKybeeuKCmh4pFIB
+rePSG7OgHc30Z8wIIMQH/C9YiOFevpRsfX1MbCICcjaDK2AM7LSR/dTz+Zyo3bF
MFjMzabjUCkOblbaePZnh9brIhO0qyqjBChs/WyuEE+/WOmX4Q6yu2F/8g9gHmdv
9r/4ptn1YHb9+Zst2GhC00Gr9xtVu94P2Nl90zyDl9ritKpjngr4EbAqD6uiWoB0
K/6QtjqXV2LGTQY5oxcnL0u1IW3tpK2XGW+1GXt9UKMtVPWo0P3+52iIlQ/xc2a0
cA/phNJKC4iHqQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:47:22 2025 by rpki-client