Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier: FE2ojcgYxG5vNAyUP1mYEmQIjB45FPPuCcsSRqcPO6k=
Subject key identifier: 7D:6B:D7:89:B0:CC:44:27:89:03:EE:52:F4:56:62:CA:FD:27:8E:51
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 01963B77EE9B7DD4DCBD4F06E60455CA7DB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number: 14F3
Signing time: Tue 15 Apr 2025 22:00:37 +0000
Manifest this update: Tue 15 Apr 2025 22:00:37 +0000
Manifest next update: Wed 16 Apr 2025 22:00:37 +0000
Files and hashes: 1: WdYc6wSLVkfUe7irxf4uyXxEIsM.roa (hash: dpYwLA3RR3eH0lZ7/JtVVQoaXF1Y2bKy7GfyH86APlE=)
2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: pEDBhtmPOn47KjZBm6/BM16+1EQ+lRCvr2qsVb0xGeQ=)
3: tUMiGCgmsKV0vxqojlEA4oJxpRM.roa (hash: UydNeJbpnz/tc0fGV+RmvBf+BwmLoVjaXgDPrRLbpVY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 22:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3b:77:ee:9b:7d:d4:dc:bd:4f:06:e6:04:55:ca:7d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Apr 15 22:00:37 2025 GMT
Not After : Apr 16 22:00:37 2025 GMT
Subject: CN=7d6bd789b0cc44278903ee52f45662cafd278e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:14:59:7e:47:86:a4:0e:5e:e2:35:6e:31:77:
5e:6e:4a:61:35:34:26:1e:4b:ac:4e:99:2d:77:12:
ef:45:9f:28:f0:a0:ab:51:9a:2d:f6:7f:5a:c2:18:
eb:05:4f:20:9d:19:7a:80:32:bc:d5:39:38:0f:68:
b7:ec:46:c3:36:f3:f8:5c:26:c9:57:f9:6e:d6:27:
a3:96:e0:6f:18:b6:c9:b3:2c:c2:9c:68:2a:e9:92:
a0:21:59:ed:4d:2a:1d:c5:34:57:7a:50:23:a1:af:
08:fb:ed:45:44:7e:87:51:8e:48:84:b5:ba:71:31:
e9:ed:67:30:7f:1f:1a:88:91:46:13:2e:d7:c0:77:
d5:51:05:62:78:76:c9:b2:be:45:c9:dc:80:75:1d:
4f:fd:08:1f:4a:2c:6f:0a:72:f8:ad:ee:1c:53:0c:
c7:32:ba:21:0e:0b:79:fd:97:d1:27:cf:24:d5:f9:
b9:92:61:f1:39:b3:ad:af:e9:cf:db:db:7a:64:dd:
78:0f:e4:2a:c9:9c:40:24:6e:36:57:6d:f5:2c:45:
0d:d9:3f:89:1f:94:1e:48:7e:65:62:d2:e2:70:2a:
a5:0e:dc:75:cd:b9:7d:53:2e:7a:73:81:d5:8a:b0:
dd:75:69:b4:ea:19:94:55:9c:f3:40:ae:05:3a:48:
12:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:6B:D7:89:B0:CC:44:27:89:03:EE:52:F4:56:62:CA:FD:27:8E:51
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c3:38:9a:bb:de:ed:d4:c4:29:ba:f2:38:26:31:b8:22:58:c3:
8a:34:90:3b:c5:af:a9:4a:cf:62:d8:30:ea:a0:5f:14:c1:ee:
76:b2:ab:c4:b8:ca:01:55:28:6f:9b:3f:dd:df:75:20:a0:bd:
fe:51:fd:04:dc:47:e7:a7:98:9f:73:00:2f:89:22:21:b0:80:
5e:1f:e0:65:df:6f:86:74:c3:0e:71:70:8b:1c:71:a7:6e:85:
05:50:86:90:1c:db:bd:31:fb:01:2c:be:5c:c6:2b:ce:cc:d6:
43:e5:6c:d2:da:5e:c1:ce:08:04:06:55:22:a8:5a:ed:e1:61:
a2:e8:d8:c4:fc:7d:f0:f5:24:02:93:48:71:45:57:8f:4f:74:
17:78:6d:fc:ba:b2:5f:94:bc:95:8b:92:7d:e6:a1:a1:54:80:
ee:64:27:1b:df:ee:46:b8:dd:97:33:28:ff:3a:a4:4e:48:33:
29:a3:56:8c:7a:12:57:e3:73:ab:16:df:cc:5b:7b:19:e8:ba:
67:c1:26:e6:f8:83:12:b0:1b:16:00:a7:5a:e4:b8:02:97:92:
fd:61:cc:1c:7f:d2:e3:da:4d:79:02:52:11:69:32:2b:45:14:
04:58:95:b4:c5:7c:95:9e:72:dc:5f:ff:fd:3a:05:7e:8d:fb:
b3:f4:7b:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY7d+6bfdTcvU8G5gRVyn2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjUwNDE1MjIwMDM3WhcNMjUwNDE2MjIwMDM3WjAzMTEwLwYDVQQD
Eyg3ZDZiZDc4OWIwY2M0NDI3ODkwM2VlNTJmNDU2NjJjYWZkMjc4ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxRZfkeGpA5e4jVuMXdebkphNTQm
HkusTpktdxLvRZ8o8KCrUZot9n9awhjrBU8gnRl6gDK81Tk4D2i37EbDNvP4XCbJ
V/lu1iejluBvGLbJsyzCnGgq6ZKgIVntTSodxTRXelAjoa8I++1FRH6HUY5IhLW6
cTHp7Wcwfx8aiJFGEy7XwHfVUQVieHbJsr5FydyAdR1P/QgfSixvCnL4re4cUwzH
MrohDgt5/ZfRJ88k1fm5kmHxObOtr+nP29t6ZN14D+QqyZxAJG42V231LEUN2T+J
H5QeSH5lYtLicCqlDtx1zbl9Uy56c4HVirDddWm06hmUVZzzQK4FOkgSBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1r14mwzEQniQPuUvRWYsr9J45RMB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwziau97t
1MQpuvI4JjG4IljDijSQO8WvqUrPYtgw6qBfFMHudrKrxLjKAVUob5s/3d91IKC9
/lH9BNxH56eYn3MAL4kiIbCAXh/gZd9vhnTDDnFwixxxp26FBVCGkBzbvTH7ASy+
XMYrzszWQ+Vs0tpewc4IBAZVIqha7eFhoujYxPx98PUkApNIcUVXj090F3ht/Lqy
X5S8lYuSfeahoVSA7mQnG9/uRrjdlzMo/zqkTkgzKaNWjHoSV+NzqxbfzFt7Gei6
Z8Em5viDErAbFgCnWuS4ApeS/WHMHH/S49pNeQJSEWkyK0UUBFiVtMV8lZ5y3F//
/ToFfo37s/R7+A==
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:48:25 2025 by rpki-client