Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
File: mKUzMIdAu70he_adzpCz9UEghFc.mft (raw, json)
Hash identifier: uZNjug1hk2eIB9QhMVTOBxzvj5wzq8WbfKL8TrepG/4=
Subject key identifier: 3E:D2:0F:6D:36:6B:5A:CF:BE:35:EB:8D:E7:8B:AC:DA:1A:5A:74:20
Authority key identifier: 98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
Certificate issuer: /CN=98a533308740bbbd217bf69dce90b3f541208457
Certificate serial: 0196120E61EC79F92DF1EEDBAD2740CFFA91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
Manifest number: 14DE
Signing time: Mon 07 Apr 2025 21:00:54 +0000
Manifest this update: Mon 07 Apr 2025 21:00:54 +0000
Manifest next update: Tue 08 Apr 2025 21:00:54 +0000
Files and hashes: 1: 4hnUUt9Ys_eQWvU2fA6JemX65dw.roa (hash: ntUnKbzWvKshnrPe1olGFJu/nCj9Xb/2m4Wf2hJLEss=)
2: mKUzMIdAu70he_adzpCz9UEghFc.crl (hash: l5USX7U1xYuiOxziQ4j/j27bke4nXZmYkVsLM1tm/cA=)
3: sfQ3GEtYzhBBWxqpfOQ0GcKpsbY.roa (hash: wrk4xF0OxGaC9MkY6FPvwbKzU+JxYtuzUOz5b0tcuxA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:12:0e:61:ec:79:f9:2d:f1:ee:db:ad:27:40:cf:fa:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a533308740bbbd217bf69dce90b3f541208457
Validity
Not Before: Apr 7 21:00:54 2025 GMT
Not After : Apr 8 21:00:54 2025 GMT
Subject: CN=3ed20f6d366b5acfbe35eb8de78bacda1a5a7420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d7:eb:0a:25:7c:68:32:52:63:e3:6a:88:f3:
e5:d0:45:2e:f1:cd:cd:f2:2c:11:80:c5:84:12:e2:
ce:b7:9e:6f:0f:3e:3a:8b:5b:53:a3:b9:d1:64:88:
05:c7:ba:34:5e:9d:46:94:29:62:75:c5:f7:19:13:
97:95:14:04:d8:45:e3:1e:1f:fb:5f:3d:b3:ce:75:
17:78:08:9a:8e:fc:95:4c:a1:04:a7:0e:5b:47:dc:
9b:d6:33:ed:52:d8:78:ee:8b:25:98:d2:8e:70:d7:
6a:c1:fc:70:70:5e:29:10:51:f7:4c:ae:55:1e:46:
7f:ff:95:3e:a4:cc:50:01:c0:ba:76:bc:97:d1:f5:
0a:63:10:f2:ad:f5:2b:30:fa:5b:0b:29:90:2a:1b:
e4:15:40:5b:32:f6:65:7c:a6:8f:fa:2f:e1:6f:8a:
44:21:52:96:75:82:61:e1:a5:f5:6a:9c:69:f9:87:
20:1e:58:7c:a1:3c:4a:b2:29:73:e5:c1:34:dc:2b:
61:53:c5:86:3e:43:aa:0b:ce:0c:f6:bd:99:ca:fb:
4c:45:05:44:2c:51:37:2a:e2:64:11:4a:09:0d:59:
76:c9:bb:f1:39:83:fa:b8:1f:41:56:d1:1b:6b:00:
7b:00:4a:ca:d7:ed:8c:2e:ac:30:9a:9d:d2:b4:0e:
58:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D2:0F:6D:36:6B:5A:CF:BE:35:EB:8D:E7:8B:AC:DA:1A:5A:74:20
X509v3 Authority Key Identifier:
keyid:98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:60:c5:7a:83:d6:dd:3b:db:d1:97:da:82:d4:ff:0f:0e:42:
f2:60:f9:48:ec:fa:d6:d9:2b:5a:17:e2:27:58:6a:1c:51:1b:
9b:94:eb:d6:28:27:80:2b:7b:ad:aa:6f:87:95:e0:ae:0b:1f:
6e:ff:3e:5f:d2:e2:a3:87:86:7d:79:8e:54:32:07:3b:d5:bd:
06:ba:b4:39:d7:51:96:f7:82:e1:d5:d9:e2:e4:5c:8e:79:57:
03:d1:ad:50:87:8a:50:33:22:23:a4:f9:3e:f7:8e:6e:5a:25:
63:66:5f:fe:3e:71:78:25:e6:fb:2f:cb:3d:00:ab:73:5c:3f:
92:51:55:a3:7b:ab:b3:b7:ad:a4:54:75:de:80:ea:fe:b2:67:
fc:7e:02:09:65:0b:70:2c:5b:c5:2d:ad:a4:24:eb:0e:35:45:
9f:f3:44:ad:55:e2:63:90:7e:f2:f0:31:d9:41:8a:76:86:e4:
7c:10:d8:04:c6:06:78:00:41:5b:13:39:9e:29:3d:3d:84:8e:
4e:e2:5e:7b:5a:9c:81:1c:d7:fb:dd:d9:e3:33:b8:74:3e:37:
52:c6:70:68:a4:6a:95:0c:24:66:40:21:a8:ad:e6:fa:d2:0f:
64:a3:8b:d1:7a:66:15:ac:83:e7:3b:e0:3d:ce:af:51:d6:8a:
96:01:ea:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYSDmHsefkt8e7brSdAz/qRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTUzMzMwODc0MGJiYmQyMTdiZjY5ZGNlOTBiM2Y1NDEy
MDg0NTcwHhcNMjUwNDA3MjEwMDU0WhcNMjUwNDA4MjEwMDU0WjAzMTEwLwYDVQQD
EygzZWQyMGY2ZDM2NmI1YWNmYmUzNWViOGRlNzhiYWNkYTFhNWE3NDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitfrCiV8aDJSY+NqiPPl0EUu8c3N
8iwRgMWEEuLOt55vDz46i1tTo7nRZIgFx7o0Xp1GlClidcX3GROXlRQE2EXjHh/7
Xz2zznUXeAiajvyVTKEEpw5bR9yb1jPtUth47oslmNKOcNdqwfxwcF4pEFH3TK5V
HkZ//5U+pMxQAcC6dryX0fUKYxDyrfUrMPpbCymQKhvkFUBbMvZlfKaP+i/hb4pE
IVKWdYJh4aX1apxp+YcgHlh8oTxKsilz5cE03CthU8WGPkOqC84M9r2ZyvtMRQVE
LFE3KuJkEUoJDVl2ybvxOYP6uB9BVtEbawB7AErK1+2MLqwwmp3StA5Y0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7SD202a1rPvjXrjeeLrNoaWnQgMB8GA1UdIwQY
MBaAFJilMzCHQLu9IXv2nc6Qs/VBIIRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2Qt
OWY2ODkwZjkyZTYwLzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2QtOWY2ODkwZjkyZTYw
LzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm2DFeoPW
3Tvb0ZfagtT/Dw5C8mD5SOz61tkrWhfiJ1hqHFEbm5Tr1igngCt7rapvh5Xgrgsf
bv8+X9Lio4eGfXmOVDIHO9W9Brq0OddRlveC4dXZ4uRcjnlXA9GtUIeKUDMiI6T5
PveOblolY2Zf/j5xeCXm+y/LPQCrc1w/klFVo3urs7etpFR13oDq/rJn/H4CCWUL
cCxbxS2tpCTrDjVFn/NErVXiY5B+8vAx2UGKdobkfBDYBMYGeABBWxM5nik9PYSO
TuJee1qcgRzX+93Z4zO4dD43UsZwaKRqlQwkZkAhqK3m+tIPZKOL0XpmFayD5zvg
Pc6vUdaKlgHqiQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:37 2025 by rpki-client