Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
File: q3ukNXZmdmStbymmZicOM1eDbxo.mft (raw, json)
Hash identifier: zQJqkhjloN8DZWGELhVVYVMZPP2bVWWWWP0RPcrN4Mw=
Subject key identifier: C9:FD:A5:05:7A:32:D7:8B:06:C4:3B:FB:F8:B0:A0:7D:F7:3E:DD:CA
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 01965236DBCEFA2684F91A77C2B1EB0B59C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
Manifest number: 14FF
Signing time: Sun 20 Apr 2025 08:00:48 +0000
Manifest this update: Sun 20 Apr 2025 08:00:48 +0000
Manifest next update: Mon 21 Apr 2025 08:00:48 +0000
Files and hashes: 1: q3ukNXZmdmStbymmZicOM1eDbxo.crl (hash: DLvtEZPiX/HVeOSZbmaQ50zlV6aUiD9whsgC+2Lq5B4=)
2: rFtQ52vnm-Gf2JN4L6yb0DTiUgw.roa (hash: U6PLdhl9fIkfcENijAv37MSFDTY2VRfS2bCNJb0dRIc=)
3: z4h6VOta7nlktuKCkK1-Zw-1S8Q.roa (hash: XA8aL+R7cIm6KIZ8pt2+mp6cPL138KkhjyZFmjM+7SU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:36:db:ce:fa:26:84:f9:1a:77:c2:b1:eb:0b:59:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Apr 20 08:00:48 2025 GMT
Not After : Apr 21 08:00:48 2025 GMT
Subject: CN=c9fda5057a32d78b06c43bfbf8b0a07df73eddca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e8:05:4b:bd:ed:47:23:d8:d5:33:57:2f:ba:
94:e8:dd:bb:62:7f:b4:46:29:e3:1c:38:6e:af:71:
f0:ab:f7:e9:c2:b9:96:55:5d:78:18:45:ca:fb:b2:
f8:c5:0a:f3:1a:dd:cc:83:13:db:82:62:51:be:63:
92:3a:75:be:8f:2f:55:ad:87:58:df:33:0e:27:78:
1d:8d:ca:32:8c:26:cd:05:1b:28:98:de:49:83:65:
30:67:4d:f3:47:4c:95:48:43:ef:c2:ea:6f:bd:21:
4a:e9:c8:22:cc:c9:55:85:c4:7d:4a:bf:fb:92:cd:
a9:72:7b:45:33:c7:f2:3c:9f:01:b6:ba:ab:05:97:
ad:b1:d8:da:88:b3:da:10:21:6c:f3:00:cd:a8:9a:
30:3e:87:c4:bc:48:50:31:e9:9d:d2:80:8c:e9:70:
03:ca:5c:df:cc:00:77:43:ac:75:46:ca:76:ec:3f:
39:30:07:c0:d1:0e:b7:bd:09:c2:42:d2:79:bb:67:
d5:b4:5c:f8:15:0d:da:13:e8:d7:67:33:a0:ba:63:
d9:56:5d:42:ea:00:99:17:16:ba:e4:ef:fc:2b:4a:
30:e3:b1:81:1c:5d:f6:ae:76:1c:63:95:31:2b:f5:
62:03:6c:bf:ac:ba:82:1e:4d:d6:fc:bf:a4:79:b3:
a8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FD:A5:05:7A:32:D7:8B:06:C4:3B:FB:F8:B0:A0:7D:F7:3E:DD:CA
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:6c:ee:38:b7:47:44:a2:ec:56:df:6c:9a:a6:18:8e:62:20:
a2:21:09:a3:4e:24:f2:a9:16:41:78:2e:26:16:38:9b:79:fd:
71:61:30:b3:42:58:43:f7:f2:85:0a:67:22:35:68:fc:aa:57:
e8:68:d7:cf:a5:45:39:a4:9a:5c:f8:3d:4a:aa:65:ca:70:ec:
19:64:02:a6:ee:5e:0a:60:9d:f7:0b:9e:12:66:b4:70:51:f7:
83:c7:52:ef:ee:b6:b8:46:4a:27:32:58:9b:dd:39:61:c7:f4:
04:8d:26:40:75:9b:75:99:63:97:56:dc:b0:1f:8a:04:f4:e3:
97:3e:57:63:be:ea:d3:fb:f2:62:80:31:9c:4f:b7:d4:66:6c:
52:fa:11:af:6a:04:b4:8d:96:5d:70:f9:e6:15:79:5c:56:50:
2f:5a:e8:a2:95:da:ae:3a:4f:6d:22:8c:75:88:f9:b3:74:c2:
6b:fc:8c:f6:9d:96:75:f4:d1:96:07:f0:66:fe:9b:07:bc:87:
7d:5d:3b:76:95:fe:33:ed:c5:de:1a:c6:52:a4:3e:db:19:f6:
d6:42:81:a2:5b:b7:a2:5e:95:cb:d6:11:1f:fd:3a:6b:b4:80:
6d:d2:d2:6a:c4:83:8a:c9:0b:70:8b:86:1a:80:cd:df:5a:20:
90:aa:f6:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNtvO+iaE+Rp3wrHrC1nJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjUwNDIwMDgwMDQ4WhcNMjUwNDIxMDgwMDQ4WjAzMTEwLwYDVQQD
EyhjOWZkYTUwNTdhMzJkNzhiMDZjNDNiZmJmOGIwYTA3ZGY3M2VkZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8egFS73tRyPY1TNXL7qU6N27Yn+0
RinjHDhur3Hwq/fpwrmWVV14GEXK+7L4xQrzGt3MgxPbgmJRvmOSOnW+jy9VrYdY
3zMOJ3gdjcoyjCbNBRsomN5Jg2UwZ03zR0yVSEPvwupvvSFK6cgizMlVhcR9Sr/7
ks2pcntFM8fyPJ8BtrqrBZetsdjaiLPaECFs8wDNqJowPofEvEhQMemd0oCM6XAD
ylzfzAB3Q6x1Rsp27D85MAfA0Q63vQnCQtJ5u2fVtFz4FQ3aE+jXZzOgumPZVl1C
6gCZFxa65O/8K0ow47GBHF32rnYcY5UxK/ViA2y/rLqCHk3W/L+kebOoRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMn9pQV6MteLBsQ7+/iwoH33Pt3KMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhmzuOLdH
RKLsVt9smqYYjmIgoiEJo04k8qkWQXguJhY4m3n9cWEws0JYQ/fyhQpnIjVo/KpX
6GjXz6VFOaSaXPg9SqplynDsGWQCpu5eCmCd9wueEma0cFH3g8dS7+62uEZKJzJY
m905Ycf0BI0mQHWbdZljl1bcsB+KBPTjlz5XY77q0/vyYoAxnE+31GZsUvoRr2oE
tI2WXXD55hV5XFZQL1roopXarjpPbSKMdYj5s3TCa/yM9p2WdfTRlgfwZv6bB7yH
fV07dpX+M+3F3hrGUqQ+2xn21kKBolu3ol6Vy9YRH/06a7SAbdLSasSDiskLcIuG
GoDN31ogkKr2gQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:55:41 2025 by rpki-client