Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
File: SrfcA3ifWGIbJejdDZJdyRtKWqI.mft (raw, json)
Hash identifier: 8OmC/sBxHc2JV5vS+nociz+tIj7I1SXGnEAcc6r9/nk=
Subject key identifier: FC:86:9A:4E:8B:B6:63:D5:15:71:44:BD:35:C7:4F:48:2E:B3:0D:2B
Authority key identifier: 4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
Certificate issuer: /CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Certificate serial: 01964FDB0AB20B91450789B8EA8C0542058F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
Manifest number: 09A0
Signing time: Sat 19 Apr 2025 21:01:17 +0000
Manifest this update: Sat 19 Apr 2025 21:01:17 +0000
Manifest next update: Sun 20 Apr 2025 21:01:17 +0000
Files and hashes: 1: EmdE4lFlfaABPtiZtlnbFIKNWhE.roa (hash: xZDQuK6O09neLie5Q456W4oztNFuHLsLoArEyWHRJSU=)
2: SrfcA3ifWGIbJejdDZJdyRtKWqI.crl (hash: f04QjQo7gWy4a2mk/V4fZ1mkrREppP6tSv4664YXo3w=)
3: lCpE9-_9vA0HzQAwKrWQ7gX2Gi8.roa (hash: YkwTTveNH0IQGCLC0ZIMEDB0zjPdx3yFhcYm5gkoPpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 21:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4f:db:0a:b2:0b:91:45:07:89:b8:ea:8c:05:42:05:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Validity
Not Before: Apr 19 21:01:17 2025 GMT
Not After : Apr 20 21:01:17 2025 GMT
Subject: CN=fc869a4e8bb663d5157144bd35c74f482eb30d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b2:86:31:30:73:25:43:12:dd:39:d7:4f:0b:
a5:68:1e:81:5c:d4:80:42:f7:9e:1e:7a:1c:21:eb:
5e:31:6d:25:d0:d6:8f:b8:9f:9f:ad:e7:66:cc:66:
df:88:a6:37:78:1e:8a:26:61:cf:c1:c0:c1:aa:d0:
bc:99:54:a3:ff:d1:e2:2e:c5:09:39:d4:f8:55:ed:
2a:fc:ae:68:03:f2:be:21:0f:fd:c3:6d:8a:85:0f:
bf:5d:09:c5:e5:98:8c:20:cf:d5:44:e2:4a:f3:b9:
30:58:45:3e:3a:c9:3a:59:7e:ad:6a:5f:bc:23:73:
a1:38:1a:5b:9b:a5:b4:7f:6a:f5:c2:17:25:89:03:
ae:6e:34:4d:7c:16:e3:3c:2b:4c:0d:09:08:aa:92:
a3:74:ca:d3:06:77:d9:21:51:5d:a0:94:e1:bb:5f:
c7:92:ed:b3:b7:66:2b:d3:44:d1:0a:fd:bf:00:0d:
bd:16:7a:fb:c6:e3:55:22:91:f7:96:08:5b:5a:80:
ee:e0:c3:ef:32:0e:ec:2e:84:91:4e:ad:73:b0:0a:
8c:64:0c:82:56:c1:ba:fe:79:76:35:76:b9:5c:2f:
52:d9:16:09:bb:24:93:41:fc:ed:4c:be:04:58:b7:
d1:31:a7:7a:a7:92:88:44:4b:13:10:c8:b9:49:c3:
a9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:86:9A:4E:8B:B6:63:D5:15:71:44:BD:35:C7:4F:48:2E:B3:0D:2B
X509v3 Authority Key Identifier:
keyid:4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:3f:bd:f4:17:29:3a:d3:c7:8d:a2:b8:2d:8e:3a:98:c5:40:
2f:ab:11:1d:f6:bf:01:f3:1b:b9:04:97:90:fb:4c:b9:7b:fa:
96:ee:66:09:01:52:f0:25:9c:41:5b:a8:18:c9:7e:e0:96:b3:
2e:14:f3:76:4f:65:a8:e7:db:ea:9b:97:3b:03:4f:76:f7:7e:
7b:21:fd:f0:1d:5e:60:f0:91:bd:2a:24:6a:2b:af:99:fc:aa:
71:65:ea:b2:b7:e0:50:7a:75:5e:9f:6e:1d:d5:c9:3b:16:68:
ce:61:a3:96:a3:9b:c5:45:a2:8f:88:fd:e2:dc:8a:93:90:dc:
c7:1f:ee:e0:72:48:4c:63:90:7c:41:c2:d6:ff:f6:37:0f:2c:
87:7a:d2:fc:ef:0e:3c:81:6d:40:51:dd:84:07:0c:40:1e:d1:
4b:c4:f8:a6:34:a7:b4:b5:58:c8:c9:27:e1:d3:6b:a5:6c:98:
60:ea:52:29:2c:b0:ec:f1:d5:ae:1e:cc:d6:81:53:c5:bb:33:
d2:94:7d:88:ca:60:52:4e:f4:6d:9a:be:27:7a:83:cd:09:d2:
2a:f1:cb:42:2d:8d:80:e7:8d:56:25:37:00:5e:52:12:b0:93:
7e:97:2e:a9:ef:39:87:6d:75:ad:5d:95:3d:8b:3c:c3:72:3a:
62:45:48:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2wqyC5FFB4m46owFQgWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjdkYzAzNzg5ZjU4NjIxYjI1ZThkZDBkOTI1ZGM5MWI0
YTVhYTIwHhcNMjUwNDE5MjEwMTE3WhcNMjUwNDIwMjEwMTE3WjAzMTEwLwYDVQQD
EyhmYzg2OWE0ZThiYjY2M2Q1MTU3MTQ0YmQzNWM3NGY0ODJlYjMwZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrKGMTBzJUMS3TnXTwulaB6BXNSA
QveeHnocIeteMW0l0NaPuJ+fredmzGbfiKY3eB6KJmHPwcDBqtC8mVSj/9HiLsUJ
OdT4Ve0q/K5oA/K+IQ/9w22KhQ+/XQnF5ZiMIM/VROJK87kwWEU+Osk6WX6tal+8
I3OhOBpbm6W0f2r1whcliQOubjRNfBbjPCtMDQkIqpKjdMrTBnfZIVFdoJThu1/H
ku2zt2Yr00TRCv2/AA29Fnr7xuNVIpH3lghbWoDu4MPvMg7sLoSRTq1zsAqMZAyC
VsG6/nl2NXa5XC9S2RYJuySTQfztTL4EWLfRMad6p5KIREsTEMi5ScOp9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyGmk6LtmPVFXFEvTXHT0gusw0rMB8GA1UdIwQY
MBaAFEq33AN4n1hiGyXo3Q2SXckbSlqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzIt
ZjM4YmNiZDkzMzkwLzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzItZjM4YmNiZDkzMzkw
LzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApT+99Bcp
OtPHjaK4LY46mMVAL6sRHfa/AfMbuQSXkPtMuXv6lu5mCQFS8CWcQVuoGMl+4Jaz
LhTzdk9lqOfb6puXOwNPdvd+eyH98B1eYPCRvSokaiuvmfyqcWXqsrfgUHp1Xp9u
HdXJOxZozmGjlqObxUWij4j94tyKk5Dcxx/u4HJITGOQfEHC1v/2Nw8sh3rS/O8O
PIFtQFHdhAcMQB7RS8T4pjSntLVYyMkn4dNrpWyYYOpSKSyw7PHVrh7M1oFTxbsz
0pR9iMpgUk70bZq+J3qDzQnSKvHLQi2NgOeNViU3AF5SErCTfpcuqe85h211rV2V
PYs8w3I6YkVIiA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:18:31 2025 by rpki-client