Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: /4uD4g9gnz3XXetDX79sqUqAjTesEM145JGpk4r/aJQ=
Subject key identifier: 4B:AA:8F:C4:7E:45:48:B8:70:18:7D:09:1F:DC:29:AE:9D:56:C8:89
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 01964AB4039B1C433C913430FBBEBAA78B91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 011B
Signing time: Fri 18 Apr 2025 21:00:33 +0000
Manifest this update: Fri 18 Apr 2025 21:00:33 +0000
Manifest next update: Sat 19 Apr 2025 21:00:33 +0000
Files and hashes: 1: 5ZRHOA8DDg_XhJ8JjCvhTOGiC1w.roa (hash: eWpgjaoVJC0L+xFRvzTJa/HrtM2zzM7SykfE1sq9g2I=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: tS880s5o9ShAJP0ApJhe8ZMU2MtwISb5gz6G20E9T/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4a:b4:03:9b:1c:43:3c:91:34:30:fb:be:ba:a7:8b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Apr 18 21:00:33 2025 GMT
Not After : Apr 19 21:00:33 2025 GMT
Subject: CN=4baa8fc47e4548b870187d091fdc29ae9d56c889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b3:d4:46:af:bd:00:9f:50:99:1f:3d:dd:12:
26:a1:15:ba:13:5f:dd:25:bb:9c:43:45:c1:4c:a1:
c3:ef:eb:98:87:23:1d:23:1f:44:14:2f:e2:d0:36:
8e:0f:da:33:4e:d8:13:9a:8b:55:b7:5f:93:06:dc:
8e:b9:79:64:16:cd:c4:5d:26:b2:dd:9d:5c:23:2a:
38:63:8a:f9:5a:12:c0:1a:20:d1:a3:48:7f:ef:73:
23:0e:a3:cb:60:47:86:7e:98:0d:dc:95:ad:bb:c0:
a9:e1:dd:56:15:45:16:f3:f7:6a:5a:ec:fb:52:eb:
d9:32:5e:84:e7:9e:75:53:7f:56:2f:e9:96:a2:eb:
87:5e:4f:d9:72:d4:5d:b9:98:e6:78:57:f8:88:be:
05:31:11:2f:84:5a:c7:1e:bc:1c:b7:9f:e6:5e:08:
ef:29:e7:6b:be:04:40:89:f7:ad:b4:7e:fd:5c:4d:
70:d5:3c:e6:c2:f8:75:f6:bd:c4:fb:8e:1d:52:16:
4d:90:69:f6:77:e9:9a:2c:1f:5d:92:64:24:c4:99:
84:c1:72:36:a6:18:e9:60:d0:58:47:e6:a5:5a:3b:
22:ec:c5:5a:a9:42:1f:4c:b9:4c:40:c0:de:47:b8:
3c:05:10:ed:df:c1:f3:1b:2d:26:46:56:6b:b8:b9:
c4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AA:8F:C4:7E:45:48:B8:70:18:7D:09:1F:DC:29:AE:9D:56:C8:89
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:a4:8b:8d:b0:07:01:d0:a3:2a:4b:b9:38:f6:41:98:9b:eb:
b0:5f:3e:ec:05:09:e3:4c:7a:20:52:1f:1f:68:1a:c5:f3:f0:
12:7f:80:56:01:1c:93:38:74:c4:e3:6b:8d:4d:8b:70:ac:21:
1c:7c:fc:b5:21:63:b0:22:4a:35:23:0a:5a:6b:09:16:51:f6:
b9:fb:34:2b:6f:46:b9:a5:e0:ab:1e:f2:85:47:54:54:46:7b:
e1:7a:42:f9:4b:0b:c8:95:7d:cf:7c:d3:c6:62:1e:0f:fd:2c:
af:80:f1:6c:08:7e:58:26:13:46:5e:2a:ea:2d:4a:5b:8b:be:
2f:48:5b:d6:36:c2:a2:ca:cf:1f:7e:fb:48:90:bf:42:b2:ae:
e4:11:c1:ef:de:cf:ce:c0:50:b5:b2:1e:ac:c3:5a:78:d1:a1:
f4:8a:b2:b1:6e:1e:21:77:00:5b:29:f8:93:d2:c3:26:47:41:
a7:d3:93:42:7e:7e:54:e5:e3:b1:ef:6c:f2:e9:13:29:d0:03:
38:b6:82:9d:bc:31:b3:89:c4:55:a2:fc:c2:e5:70:16:ec:d7:
cb:ab:c3:3d:70:ac:42:8b:e0:fb:02:f6:ef:82:a1:cb:82:db:
aa:51:f4:2a:82:e8:10:d5:21:c2:d7:72:1f:64:58:7e:3f:b4:
0a:ff:69:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKtAObHEM8kTQw+766p4uRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjUwNDE4MjEwMDMzWhcNMjUwNDE5MjEwMDMzWjAzMTEwLwYDVQQD
Eyg0YmFhOGZjNDdlNDU0OGI4NzAxODdkMDkxZmRjMjlhZTlkNTZjODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbPURq+9AJ9QmR893RImoRW6E1/d
JbucQ0XBTKHD7+uYhyMdIx9EFC/i0DaOD9ozTtgTmotVt1+TBtyOuXlkFs3EXSay
3Z1cIyo4Y4r5WhLAGiDRo0h/73MjDqPLYEeGfpgN3JWtu8Cp4d1WFUUW8/dqWuz7
UuvZMl6E5551U39WL+mWouuHXk/ZctRduZjmeFf4iL4FMREvhFrHHrwct5/mXgjv
KedrvgRAifettH79XE1w1Tzmwvh19r3E+44dUhZNkGn2d+maLB9dkmQkxJmEwXI2
phjpYNBYR+alWjsi7MVaqUIfTLlMQMDeR7g8BRDt38HzGy0mRlZruLnE3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuqj8R+RUi4cBh9CR/cKa6dVsiJMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6SLjbAH
AdCjKku5OPZBmJvrsF8+7AUJ40x6IFIfH2gaxfPwEn+AVgEckzh0xONrjU2LcKwh
HHz8tSFjsCJKNSMKWmsJFlH2ufs0K29GuaXgqx7yhUdUVEZ74XpC+UsLyJV9z3zT
xmIeD/0sr4DxbAh+WCYTRl4q6i1KW4u+L0hb1jbCosrPH377SJC/QrKu5BHB797P
zsBQtbIerMNaeNGh9IqysW4eIXcAWyn4k9LDJkdBp9OTQn5+VOXjse9s8ukTKdAD
OLaCnbwxs4nEVaL8wuVwFuzXy6vDPXCsQovg+wL274Khy4LbqlH0KoLoENUhwtdy
H2RYfj+0Cv9pCw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:35:50 2025 by rpki-client