Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
File: klA6rxJq980DHKw84eOYwXS4LgI.mft (raw, json)
Hash identifier: eafvUFqze3Q04VdiXbUfMaY3G0QpbGnlQLI82Dogurc=
Subject key identifier: 99:0F:6B:80:3C:F4:0A:DD:69:16:6B:34:7E:41:0F:48:4C:4F:4C:B6
Authority key identifier: 92:50:3A:AF:12:6A:F7:CD:03:1C:AC:3C:E1:E3:98:C1:74:B8:2E:02
Certificate issuer: /CN=92503aaf126af7cd031cac3ce1e398c174b82e02
Certificate serial: 019578A24D207F605E0A99D14253178967E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
Manifest number: 0BEF
Signing time: Sun 09 Mar 2025 02:00:57 +0000
Manifest this update: Sun 09 Mar 2025 02:00:57 +0000
Manifest next update: Mon 10 Mar 2025 02:00:57 +0000
Files and hashes: 1: LyKlqkZe1vL0FqTF3iiSvFK7hTQ.roa (hash: 2Vj99SsHB7IFNM1FIg40rxpKy12rqtdylkU9a0vtpMc=)
2: klA6rxJq980DHKw84eOYwXS4LgI.crl (hash: VIRcV8PgnrGOVOwnltwm8T8xNg0IvMJJbCdwAVZQcTs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 02:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:78:a2:4d:20:7f:60:5e:0a:99:d1:42:53:17:89:67:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92503aaf126af7cd031cac3ce1e398c174b82e02
Validity
Not Before: Mar 9 02:00:57 2025 GMT
Not After : Mar 10 02:00:57 2025 GMT
Subject: CN=990f6b803cf40add69166b347e410f484c4f4cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:45:cb:a3:1b:05:d9:4d:36:02:d6:f3:a9:d5:
45:bc:56:c9:76:33:d0:9d:dd:e1:b4:2b:f0:9a:28:
0b:67:c0:d3:38:23:e6:03:52:7b:14:87:15:75:f3:
71:fe:dd:04:1d:2b:be:ef:ad:bc:91:7c:99:2f:4b:
ab:66:8a:9f:5a:88:90:06:4f:81:7a:71:eb:fe:c0:
49:36:97:20:fd:90:60:ab:01:56:54:3a:46:13:fe:
a4:25:56:97:e3:44:93:d7:c8:59:5f:d9:8a:57:70:
d7:13:73:af:b7:ee:05:d9:b5:34:1f:f2:cb:59:36:
a6:24:e0:5e:b0:e3:92:29:5e:ec:2b:3a:6f:04:4f:
e9:0f:71:36:e5:6d:49:06:3f:7d:46:c1:bf:b1:51:
db:72:ad:ee:b0:cc:ec:4f:9a:6c:2e:75:98:cd:b0:
84:a9:43:50:d5:8c:0d:f1:ec:c8:03:65:87:e2:6a:
c9:a2:0e:cb:41:31:3f:6a:f6:7e:e7:a5:93:5d:ba:
83:30:ef:3a:2e:92:12:f0:db:1d:a8:a0:2c:1e:e3:
c3:b7:75:15:08:a4:f6:ce:d8:3b:59:13:64:f3:cd:
c9:fe:97:8b:30:b8:4c:76:b9:b9:3f:66:07:29:69:
a7:15:9e:b3:27:cf:f8:f8:60:c4:42:a8:26:f2:5e:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0F:6B:80:3C:F4:0A:DD:69:16:6B:34:7E:41:0F:48:4C:4F:4C:B6
X509v3 Authority Key Identifier:
keyid:92:50:3A:AF:12:6A:F7:CD:03:1C:AC:3C:E1:E3:98:C1:74:B8:2E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:e9:2a:e4:0a:c7:d1:30:20:d4:58:cc:72:3e:21:f1:7b:28:
aa:2f:c6:b4:76:56:f1:09:e6:8b:22:13:e6:40:0c:58:2e:90:
ca:be:41:72:d2:90:a8:2e:b1:f4:11:51:82:f3:e0:4a:64:8f:
92:03:92:c1:b7:04:9a:30:3c:6d:f3:ad:33:fb:68:ef:3e:22:
80:a8:6f:67:1a:fd:e7:e2:bb:a7:b2:54:52:76:e8:a7:28:bd:
36:da:d2:8b:35:80:3a:cc:1f:b7:ce:34:56:01:f5:22:fc:51:
e6:64:72:26:53:e9:76:b7:01:65:c7:52:7a:b2:95:7d:0b:30:
68:a6:58:98:dd:1f:db:c0:87:9c:a7:1d:fb:02:ce:bf:ed:36:
d5:22:2b:1d:89:d1:d0:47:81:8e:e6:51:07:c9:c1:63:2d:fe:
20:22:bb:7f:1f:4f:36:e3:f6:01:fc:af:f4:70:5b:4f:82:79:
04:27:46:06:48:32:d3:6d:e3:2b:3d:5b:97:d9:f2:32:3b:5e:
20:0b:4b:f6:57:4c:b8:3c:f8:57:91:f6:0f:66:7d:1e:ae:b7:
2b:b9:82:1a:9f:75:c1:db:d2:8d:d3:8e:9f:64:00:b4:88:ac:
ca:a4:60:47:b3:8a:dc:ee:28:75:c0:49:66:ec:07:79:d1:3d:
ba:2e:30:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV4ok0gf2BeCpnRQlMXiWflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTAzYWFmMTI2YWY3Y2QwMzFjYWMzY2UxZTM5OGMxNzRi
ODJlMDIwHhcNMjUwMzA5MDIwMDU3WhcNMjUwMzEwMDIwMDU3WjAzMTEwLwYDVQQD
Eyg5OTBmNmI4MDNjZjQwYWRkNjkxNjZiMzQ3ZTQxMGY0ODRjNGY0Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0XLoxsF2U02AtbzqdVFvFbJdjPQ
nd3htCvwmigLZ8DTOCPmA1J7FIcVdfNx/t0EHSu+7628kXyZL0urZoqfWoiQBk+B
enHr/sBJNpcg/ZBgqwFWVDpGE/6kJVaX40ST18hZX9mKV3DXE3Ovt+4F2bU0H/LL
WTamJOBesOOSKV7sKzpvBE/pD3E25W1JBj99RsG/sVHbcq3usMzsT5psLnWYzbCE
qUNQ1YwN8ezIA2WH4mrJog7LQTE/avZ+56WTXbqDMO86LpIS8NsdqKAsHuPDt3UV
CKT2ztg7WRNk883J/peLMLhMdrm5P2YHKWmnFZ6zJ8/4+GDEQqgm8l7JTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkPa4A89ArdaRZrNH5BD0hMT0y2MB8GA1UdIwQY
MBaAFJJQOq8SavfNAxysPOHjmMF0uC4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OWJkYjAtYmQ1Yy00ODAwLTk3Njgt
YWZkMTI2OGZkYmZkLzEva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OWJkYjAtYmQ1Yy00ODAwLTk3NjgtYWZkMTI2OGZkYmZk
LzEva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+kq5ArH
0TAg1FjMcj4h8Xsoqi/GtHZW8QnmiyIT5kAMWC6Qyr5BctKQqC6x9BFRgvPgSmSP
kgOSwbcEmjA8bfOtM/to7z4igKhvZxr95+K7p7JUUnbopyi9NtrSizWAOswft840
VgH1IvxR5mRyJlPpdrcBZcdSerKVfQswaKZYmN0f28CHnKcd+wLOv+021SIrHYnR
0EeBjuZRB8nBYy3+ICK7fx9PNuP2Afyv9HBbT4J5BCdGBkgy023jKz1bl9nyMjte
IAtL9ldMuDz4V5H2D2Z9Hq63K7mCGp91wdvSjdOOn2QAtIisyqRgR7OK3O4odcBJ
ZuwHedE9ui4wKQ==
-----END CERTIFICATE-----
Generated at Sun Mar 9 10:13:45 2025 by rpki-client