Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
File: sszaHFSHy5ONV-phzC1i0xBw21E.mft (raw, json)
Hash identifier: Pt+4rnVA/lQzPEB10uNulVaPge1AWxsYORX7mVB/egM=
Subject key identifier: 34:4A:3E:1F:0C:C5:53:49:7E:73:FB:E4:5D:55:08:98:D6:E4:30:B5
Authority key identifier: B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51
Certificate issuer: /CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
Certificate serial: 01965ACBA0D997FD1D1CE90E14EBC151B74C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
Manifest number: 0B08
Signing time: Tue 22 Apr 2025 00:00:16 +0000
Manifest this update: Tue 22 Apr 2025 00:00:16 +0000
Manifest next update: Wed 23 Apr 2025 00:00:16 +0000
Files and hashes: 1: 3_xmC1ho9_8ZqNCvSg_4Ci-eALc.roa (hash: F7LfywH9mxXY2KxRJjRgggVLiwyV5wwnZqXcnTIZ+/Y=)
2: sszaHFSHy5ONV-phzC1i0xBw21E.crl (hash: fe4hN8o41/Bwo5KqJwhLR2EsEZMufyBHON7TAB9LG8k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:cb:a0:d9:97:fd:1d:1c:e9:0e:14:eb:c1:51:b7:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
Validity
Not Before: Apr 22 00:00:16 2025 GMT
Not After : Apr 23 00:00:16 2025 GMT
Subject: CN=344a3e1f0cc553497e73fbe45d550898d6e430b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bb:77:c1:fd:17:5b:56:00:8f:5b:2a:2a:7f:
d1:5b:69:28:ac:b1:99:79:98:2d:73:3c:fa:cc:a1:
82:51:ee:8a:60:02:46:f4:37:17:67:47:77:14:ad:
a7:bb:28:be:75:eb:06:50:d1:37:20:16:2c:c4:11:
72:bd:48:d2:5f:65:ea:0b:bc:ea:ed:df:7c:aa:a2:
3b:10:0d:33:80:db:ac:69:16:16:f0:43:64:1c:75:
30:75:a5:23:6f:fe:ff:ce:b1:f3:65:56:12:d4:10:
8d:56:93:d6:84:05:40:c9:ac:c2:0c:f9:4d:60:a0:
86:ee:c8:dd:83:86:5f:93:68:4c:6e:cf:cb:73:83:
1c:de:2a:0f:3c:e4:a1:29:9a:24:de:9c:72:55:f1:
02:cd:d9:44:b2:0f:59:56:2d:1e:be:4b:cc:20:a0:
4f:48:21:c4:cb:e5:8a:fa:e8:df:2a:67:7f:33:b1:
68:46:09:ca:1a:e3:0a:bf:7f:61:6b:50:f5:0b:f4:
0e:ce:36:7a:c1:66:d6:ae:68:79:77:a2:51:a5:d4:
35:12:04:c6:2a:4b:26:00:ea:d0:f5:0e:cb:5e:40:
5c:7d:e1:83:cc:3c:33:2d:13:0e:6f:a5:f2:1e:d9:
ae:f5:78:6c:ed:05:14:34:0c:03:0d:ca:13:c3:4e:
08:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4A:3E:1F:0C:C5:53:49:7E:73:FB:E4:5D:55:08:98:D6:E4:30:B5
X509v3 Authority Key Identifier:
keyid:B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:e9:fc:38:27:a5:9c:d2:8b:e1:90:d7:71:e9:13:56:84:09:
9a:fd:ea:cc:57:3f:6a:97:fe:34:c0:f3:a4:8b:f5:71:61:bf:
08:b3:b8:8c:7d:54:14:1d:76:da:ab:fc:f5:b0:8b:e0:20:a5:
bd:47:dd:89:73:7e:25:c0:f1:3f:37:cd:65:d4:f4:14:b0:9b:
bf:f5:f9:d9:a6:e3:79:3c:60:f1:a9:d9:af:8b:70:6c:f1:e3:
a0:16:51:7a:d5:80:b2:93:35:de:d7:bb:a4:7c:5b:aa:79:f5:
30:8c:4e:10:fd:6f:80:33:00:d2:5b:53:c0:26:51:83:a4:26:
52:ae:c3:c0:d0:07:25:c5:c5:55:ae:de:e8:67:a1:df:70:c2:
d3:b1:65:fe:cb:8b:ca:d3:a7:43:c0:c2:c6:d9:c2:bf:94:52:
9f:8d:92:34:72:a9:f0:cc:a2:c3:fc:d7:2c:a3:24:a6:34:96:
12:ff:fa:4f:d4:c6:b1:ec:32:ea:4b:d6:6a:37:cc:24:0d:f4:
6c:3a:f8:a2:79:05:a0:d9:2d:da:5c:06:4a:d0:de:de:3e:b8:
81:9e:42:2f:9d:2d:60:b4:0c:f1:44:62:9c:95:32:21:41:d1:
55:e5:ec:65:ea:bd:f9:16:f8:9e:cc:da:ee:76:86:c8:b1:b7:
27:23:87:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZay6DZl/0dHOkOFOvBUbdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2NkYTFjNTQ4N2NiOTM4ZDU3ZWE2MWNjMmQ2MmQzMTA3
MGRiNTEwHhcNMjUwNDIyMDAwMDE2WhcNMjUwNDIzMDAwMDE2WjAzMTEwLwYDVQQD
EygzNDRhM2UxZjBjYzU1MzQ5N2U3M2ZiZTQ1ZDU1MDg5OGQ2ZTQzMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurt3wf0XW1YAj1sqKn/RW2korLGZ
eZgtczz6zKGCUe6KYAJG9DcXZ0d3FK2nuyi+desGUNE3IBYsxBFyvUjSX2XqC7zq
7d98qqI7EA0zgNusaRYW8ENkHHUwdaUjb/7/zrHzZVYS1BCNVpPWhAVAyazCDPlN
YKCG7sjdg4Zfk2hMbs/Lc4Mc3ioPPOShKZok3pxyVfECzdlEsg9ZVi0evkvMIKBP
SCHEy+WK+ujfKmd/M7FoRgnKGuMKv39ha1D1C/QOzjZ6wWbWrmh5d6JRpdQ1EgTG
KksmAOrQ9Q7LXkBcfeGDzDwzLRMOb6XyHtmu9Xhs7QUUNAwDDcoTw04IOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRKPh8MxVNJfnP75F1VCJjW5DC1MB8GA1UdIwQY
MBaAFLLM2hxUh8uTjVfqYcwtYtMQcNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzIt
M2RiOTYxNzAzZWE5LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzItM2RiOTYxNzAzZWE5
LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+n8OCel
nNKL4ZDXcekTVoQJmv3qzFc/apf+NMDzpIv1cWG/CLO4jH1UFB122qv89bCL4CCl
vUfdiXN+JcDxPzfNZdT0FLCbv/X52abjeTxg8anZr4twbPHjoBZRetWAspM13te7
pHxbqnn1MIxOEP1vgDMA0ltTwCZRg6QmUq7DwNAHJcXFVa7e6Geh33DC07Fl/suL
ytOnQ8DCxtnCv5RSn42SNHKp8Myiw/zXLKMkpjSWEv/6T9TGsewy6kvWajfMJA30
bDr4onkFoNkt2lwGStDe3j64gZ5CL50tYLQM8URinJUyIUHRVeXsZeq9+Rb4nsza
7naGyLG3JyOHpQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:31 2025 by rpki-client