Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
File: UFZxLM-od6u3YMt34nBBd0ywRzk.mft (raw, json)
Hash identifier: gSno+jqTTB1LOM4l+vwiLRV22kTk11e3VG2IByFKiSk=
Subject key identifier: 1D:5B:F7:22:C9:E7:E1:C3:BA:26:D5:78:4A:75:F0:F4:1F:D0:2C:FE
Authority key identifier: 50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
Certificate issuer: /CN=5056712ccfa877abb760cb77e27041774cb04739
Certificate serial: 01965537E3C566FF92423D900113689F3651
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
Manifest number: 1502
Signing time: Sun 20 Apr 2025 22:00:48 +0000
Manifest this update: Sun 20 Apr 2025 22:00:48 +0000
Manifest next update: Mon 21 Apr 2025 22:00:48 +0000
Files and hashes: 1: KkYiM3e0iOAnAg_yFBFSK_bjJl8.roa (hash: 5A5Vdre+g6oCjMH5zABiFnTSkWahsDuZjsJoxbwHMo0=)
2: UFZxLM-od6u3YMt34nBBd0ywRzk.crl (hash: aXahWfeV1zUgdFMpXucm/SGZGP0SkY+eT722Gd6ilWw=)
3: _Q23PPlL8v2niGzmSooSDUdLWSk.roa (hash: 8JwVrSvS2kxaZsRD1vVjitt0fjw3hWWmjxqgx0yIUoc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:37:e3:c5:66:ff:92:42:3d:90:01:13:68:9f:36:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056712ccfa877abb760cb77e27041774cb04739
Validity
Not Before: Apr 20 22:00:48 2025 GMT
Not After : Apr 21 22:00:48 2025 GMT
Subject: CN=1d5bf722c9e7e1c3ba26d5784a75f0f41fd02cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b5:65:a8:9a:81:30:62:52:d1:4e:50:65:be:
2e:86:8b:21:a8:c2:fd:f1:2a:ff:a2:4f:25:3c:e5:
01:04:bd:bc:44:76:db:00:3c:77:3b:b0:0e:7f:9b:
a5:29:1c:f9:4b:d6:9e:43:35:a9:83:6a:bc:2d:49:
a4:d5:c3:2e:d6:ec:6d:85:ba:d7:6c:6e:9c:67:df:
70:74:1a:75:f3:77:15:af:fd:b5:81:4e:97:0f:62:
35:42:df:13:54:83:d5:99:00:bc:bd:44:c8:4c:7c:
12:15:f2:04:dd:54:c0:87:eb:ae:34:8b:cb:8c:6f:
1c:ce:4b:3e:88:b2:f3:b1:91:bd:09:94:b5:3a:39:
da:60:61:0d:8a:02:6d:e2:57:ea:39:11:c2:b7:50:
ee:d1:ec:cd:c4:1a:5a:70:d8:3f:24:37:5c:5e:51:
1f:79:2f:0d:5a:5c:9d:b0:07:96:f7:a4:6e:6f:85:
b7:7e:d3:1a:54:ab:d1:79:80:f9:61:4e:5c:15:ea:
f0:e6:47:2f:d5:ce:58:c1:fc:2f:2c:3b:e7:01:fe:
ec:8d:7a:44:03:ea:1c:d0:98:fd:30:5d:ed:84:d5:
63:8f:b0:a4:c6:8e:80:5f:c8:f1:aa:46:8f:2b:64:
2b:bd:69:b8:50:fb:22:36:e6:66:9b:44:56:30:92:
58:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5B:F7:22:C9:E7:E1:C3:BA:26:D5:78:4A:75:F0:F4:1F:D0:2C:FE
X509v3 Authority Key Identifier:
keyid:50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:57:2b:7f:d9:97:f4:e4:8a:ed:f4:0b:ca:38:d6:dd:b8:5d:
58:1a:cb:3f:03:9a:58:fd:9c:4c:a5:df:94:21:f7:fd:43:2b:
e5:b1:1b:8d:01:08:bf:2d:ac:4a:6d:b6:45:6d:2c:29:f0:37:
35:21:fe:2c:1e:1f:84:8b:87:e8:86:bc:dd:f2:3b:d6:4c:ae:
a1:07:76:3c:de:a9:cf:44:99:55:d4:a5:e7:08:33:a7:9a:c2:
9b:6b:1d:06:aa:62:85:37:3e:3d:61:4d:4d:05:ef:75:00:97:
37:33:52:0f:08:a2:74:1e:ae:72:db:1f:4f:f8:1d:d4:92:3f:
40:9c:33:61:cc:57:7f:2f:9b:03:d8:4e:cd:ad:3c:f7:15:ff:
dd:87:fa:5c:5c:cb:6c:a1:d3:89:63:35:b4:3a:54:66:85:3d:
a5:70:0e:ff:fe:08:9c:c5:21:64:6c:66:1b:ce:af:9f:86:5c:
82:99:94:10:fd:9e:32:de:f2:66:13:61:98:2c:d1:98:28:19:
df:38:4c:5e:09:52:93:c9:47:a0:a2:6f:35:94:54:47:59:2e:
80:2d:c2:c3:09:90:cf:64:60:23:b3:62:71:c5:75:12:b0:0a:
57:6d:73:ed:f6:71:b2:2a:8a:5d:af:99:e2:9d:14:31:93:43:
b3:f0:09:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN+PFZv+SQj2QARNonzZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTY3MTJjY2ZhODc3YWJiNzYwY2I3N2UyNzA0MTc3NGNi
MDQ3MzkwHhcNMjUwNDIwMjIwMDQ4WhcNMjUwNDIxMjIwMDQ4WjAzMTEwLwYDVQQD
EygxZDViZjcyMmM5ZTdlMWMzYmEyNmQ1Nzg0YTc1ZjBmNDFmZDAyY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rVlqJqBMGJS0U5QZb4uhoshqML9
8Sr/ok8lPOUBBL28RHbbADx3O7AOf5ulKRz5S9aeQzWpg2q8LUmk1cMu1uxthbrX
bG6cZ99wdBp183cVr/21gU6XD2I1Qt8TVIPVmQC8vUTITHwSFfIE3VTAh+uuNIvL
jG8czks+iLLzsZG9CZS1OjnaYGENigJt4lfqORHCt1Du0ezNxBpacNg/JDdcXlEf
eS8NWlydsAeW96Rub4W3ftMaVKvReYD5YU5cFerw5kcv1c5YwfwvLDvnAf7sjXpE
A+oc0Jj9MF3thNVjj7Ckxo6AX8jxqkaPK2QrvWm4UPsiNuZmm0RWMJJYvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1b9yLJ5+HDuibVeEp18PQf0Cz+MB8GA1UdIwQY
MBaAFFBWcSzPqHert2DLd+JwQXdMsEc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGIt
Zjg0YjYwNTIxZGY1LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGItZjg0YjYwNTIxZGY1
LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlVcrf9mX
9OSK7fQLyjjW3bhdWBrLPwOaWP2cTKXflCH3/UMr5bEbjQEIvy2sSm22RW0sKfA3
NSH+LB4fhIuH6Ia83fI71kyuoQd2PN6pz0SZVdSl5wgzp5rCm2sdBqpihTc+PWFN
TQXvdQCXNzNSDwiidB6uctsfT/gd1JI/QJwzYcxXfy+bA9hOza089xX/3Yf6XFzL
bKHTiWM1tDpUZoU9pXAO//4InMUhZGxmG86vn4ZcgpmUEP2eMt7yZhNhmCzRmCgZ
3zhMXglSk8lHoKJvNZRUR1kugC3CwwmQz2RgI7NiccV1ErAKV21z7fZxsiqKXa+Z
4p0UMZNDs/AJ7g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:45 2025 by rpki-client