Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.mft
File: tUcxKN5Ul222LZvRYU53xD3uObU.mft (raw, json)
Hash identifier: aXIomKPa/s46CfDqj0e5cybt959AVWGgr2Ld5Kucb6I=
Subject key identifier: 69:BF:21:02:70:88:7D:D5:7D:88:1E:56:69:64:CF:81:CF:6D:A4:4A
Authority key identifier: B5:47:31:28:DE:54:97:6D:B6:2D:9B:D1:61:4E:77:C4:3D:EE:39:B5
Certificate issuer: /CN=b5473128de54976db62d9bd1614e77c43dee39b5
Certificate serial: 01965725FE26315A22C5F2FEB085C8333ADC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUcxKN5Ul222LZvRYU53xD3uObU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.mft
Manifest number: 11D6
Signing time: Mon 21 Apr 2025 07:00:29 +0000
Manifest this update: Mon 21 Apr 2025 07:00:29 +0000
Manifest next update: Tue 22 Apr 2025 07:00:29 +0000
Files and hashes: 1: WT51Xxp6wSpnMPjyEAyyUhxOXPk.roa (hash: GG3W3sv/8g51OizpERxg8YmbMm76mWXeFGoFM/wpQ9M=)
2: tUcxKN5Ul222LZvRYU53xD3uObU.crl (hash: IqFU76nj0saDHQEhGIbngdzQVS1T8C4rME5ujxzgow0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tUcxKN5Ul222LZvRYU53xD3uObU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:25:fe:26:31:5a:22:c5:f2:fe:b0:85:c8:33:3a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5473128de54976db62d9bd1614e77c43dee39b5
Validity
Not Before: Apr 21 07:00:29 2025 GMT
Not After : Apr 22 07:00:29 2025 GMT
Subject: CN=69bf210270887dd57d881e566964cf81cf6da44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:1d:2b:89:33:05:0c:c1:f2:49:fe:ab:c5:
86:a6:89:3b:3b:da:bd:19:06:47:46:e1:aa:20:68:
d3:2f:bc:c4:0c:47:1b:97:dc:f0:7d:14:3f:83:cf:
14:5a:ee:99:40:b0:f4:6e:52:51:43:c7:8b:ea:1a:
80:90:f7:a2:cb:44:b1:30:62:bc:e1:b1:6d:cd:a6:
ae:8c:7c:52:3c:9d:fc:01:3b:1c:a9:ab:57:81:05:
30:33:97:88:10:da:05:25:53:86:40:2e:9a:c3:07:
71:1c:00:12:b9:ae:6a:5c:6e:5d:01:a8:58:78:62:
4c:3f:53:d6:e7:9e:ee:f3:b3:75:b8:8c:27:54:ad:
f1:b3:ce:48:54:b3:cc:17:91:3c:98:d9:56:55:e4:
41:b1:36:c2:ff:d3:ae:15:77:24:7c:8d:c7:06:aa:
71:8c:05:fa:be:5f:f2:57:b7:d3:5b:f8:0d:98:08:
9f:1e:46:cd:95:f5:53:6c:8b:bd:c8:10:97:98:55:
e6:bb:5c:73:48:25:ac:51:5d:1e:6b:fd:85:9c:52:
13:ce:c5:cc:76:5c:77:e4:f0:86:f7:ef:a6:7f:fd:
12:00:be:4d:d6:2d:7b:a0:ee:68:10:86:c1:94:de:
2a:0a:29:57:83:1a:d1:80:ac:3e:72:dd:c2:6b:e0:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BF:21:02:70:88:7D:D5:7D:88:1E:56:69:64:CF:81:CF:6D:A4:4A
X509v3 Authority Key Identifier:
keyid:B5:47:31:28:DE:54:97:6D:B6:2D:9B:D1:61:4E:77:C4:3D:EE:39:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUcxKN5Ul222LZvRYU53xD3uObU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:f7:80:f6:a1:65:b1:a8:43:f2:9a:cf:78:86:33:a2:59:b8:
f2:58:b5:9e:7e:85:08:ef:f2:bc:46:09:62:d0:83:79:4f:00:
ef:b6:a5:50:7e:ed:97:2a:3a:77:6b:91:62:a5:ae:7b:39:28:
bd:68:e7:62:36:a7:6e:02:53:65:29:ac:d5:81:d8:f5:ba:05:
24:9e:ab:29:ab:a4:5a:78:ec:2f:06:aa:51:76:1b:98:f2:38:
b4:b6:da:3d:a9:74:7c:59:c4:3a:40:8a:4f:f2:04:eb:ab:2c:
02:2f:ee:69:9d:00:be:99:47:7f:06:7d:71:f8:2f:30:99:0b:
c5:70:4f:9b:2f:47:c2:99:1e:fc:f6:74:f3:f4:e1:3d:ea:4d:
3e:10:6d:70:44:91:93:52:d8:c9:93:25:5b:29:0b:ef:28:6f:
f8:a2:78:74:13:4c:78:1a:e5:6c:85:db:1b:0f:48:31:b1:8a:
d9:b5:d8:d4:44:53:5e:f0:09:e3:7f:07:60:3e:ff:bd:e2:e8:
48:3b:2e:a5:d0:b1:63:fd:1a:7d:1f:0a:75:b0:9e:12:aa:23:
de:81:0b:48:d0:37:8b:a2:53:79:2e:e9:48:9d:2a:ee:89:8d:
64:c3:4e:af:00:be:e7:96:86:59:cb:d6:6c:01:dc:3d:c6:8e:
04:fc:e9:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJf4mMVoixfL+sIXIMzrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDczMTI4ZGU1NDk3NmRiNjJkOWJkMTYxNGU3N2M0M2Rl
ZTM5YjUwHhcNMjUwNDIxMDcwMDI5WhcNMjUwNDIyMDcwMDI5WjAzMTEwLwYDVQQD
Eyg2OWJmMjEwMjcwODg3ZGQ1N2Q4ODFlNTY2OTY0Y2Y4MWNmNmRhNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/sdK4kzBQzB8kn+q8WGpok7O9q9
GQZHRuGqIGjTL7zEDEcbl9zwfRQ/g88UWu6ZQLD0blJRQ8eL6hqAkPeiy0SxMGK8
4bFtzaaujHxSPJ38ATscqatXgQUwM5eIENoFJVOGQC6awwdxHAASua5qXG5dAahY
eGJMP1PW557u87N1uIwnVK3xs85IVLPMF5E8mNlWVeRBsTbC/9OuFXckfI3HBqpx
jAX6vl/yV7fTW/gNmAifHkbNlfVTbIu9yBCXmFXmu1xzSCWsUV0ea/2FnFITzsXM
dlx35PCG9++mf/0SAL5N1i17oO5oEIbBlN4qCilXgxrRgKw+ct3Ca+AwowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGm/IQJwiH3VfYgeVmlkz4HPbaRKMB8GA1UdIwQY
MBaAFLVHMSjeVJdtti2b0WFOd8Q97jm1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVjeEtONVVsMjIyTFp2UllVNTN4RDN1T2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MGRlODAtNTBlOS00YzFkLWE3YjQt
ZTkwNDMxODM0MmVlLzEvdFVjeEtONVVsMjIyTFp2UllVNTN4RDN1T2JVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MGRlODAtNTBlOS00YzFkLWE3YjQtZTkwNDMxODM0MmVl
LzEvdFVjeEtONVVsMjIyTFp2UllVNTN4RDN1T2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfeA9qFl
sahD8prPeIYzolm48li1nn6FCO/yvEYJYtCDeU8A77alUH7tlyo6d2uRYqWuezko
vWjnYjanbgJTZSms1YHY9boFJJ6rKaukWnjsLwaqUXYbmPI4tLbaPal0fFnEOkCK
T/IE66ssAi/uaZ0AvplHfwZ9cfgvMJkLxXBPmy9Hwpke/PZ08/ThPepNPhBtcESR
k1LYyZMlWykL7yhv+KJ4dBNMeBrlbIXbGw9IMbGK2bXY1ERTXvAJ438HYD7/veLo
SDsupdCxY/0afR8KdbCeEqoj3oELSNA3i6JTeS7pSJ0q7omNZMNOrwC+55aGWcvW
bAHcPcaOBPzpRw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:00 2025 by rpki-client