Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
File: NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft (raw, json)
Hash identifier: fh7uZMNvmLpmfz+J2hvQZBS11xocVIlgrbfWU1pkCc8=
Subject key identifier: 6E:77:BC:FD:6B:42:A1:31:1A:BF:E0:AE:69:59:F7:78:F1:EA:69:A3
Authority key identifier: 35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
Certificate issuer: /CN=35f1a573915153de82890eae1303067fa68b2877
Certificate serial: 019653B7B8091D6C27186742C83A78B1DCDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
Manifest number: 0FFF
Signing time: Sun 20 Apr 2025 15:01:11 +0000
Manifest this update: Sun 20 Apr 2025 15:01:11 +0000
Manifest next update: Mon 21 Apr 2025 15:01:11 +0000
Files and hashes: 1: 64AufSKo0ctGsskBfGJHYgegDUM.roa (hash: TxQbijMyiwaYhEgR6gv3I6pa/f1D2b/JYXZHussR2b4=)
2: NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl (hash: 009GhO30OuOGGXk8FWa0ws63N3gNKItzEL0Vq8aFRgI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 15:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:b7:b8:09:1d:6c:27:18:67:42:c8:3a:78:b1:dc:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35f1a573915153de82890eae1303067fa68b2877
Validity
Not Before: Apr 20 15:01:11 2025 GMT
Not After : Apr 21 15:01:11 2025 GMT
Subject: CN=6e77bcfd6b42a1311abfe0ae6959f778f1ea69a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:52:2e:f2:47:72:41:c8:c4:c7:b1:2a:20:7f:
95:7f:fa:aa:12:53:b4:08:2b:d0:93:f0:02:84:cf:
d2:7b:42:72:13:e6:49:51:d3:bd:29:39:54:52:7e:
a1:34:7a:44:72:8d:ff:14:a5:be:67:2a:b4:35:50:
a7:ef:29:a8:66:1f:3b:50:f3:2a:19:37:7a:cf:8f:
4e:19:b0:8f:f9:c1:df:19:58:be:6c:e1:42:f5:15:
20:99:8f:ef:d9:a8:54:8b:0a:39:a7:a1:35:57:8e:
89:7d:b1:6e:e6:77:06:47:a9:95:9a:35:54:22:a3:
53:82:92:41:ec:60:2a:61:ae:2e:8a:b0:0f:04:db:
55:51:11:f8:0c:f8:d7:38:07:4e:6c:5b:fd:7a:ba:
c6:1e:f1:4d:a8:a3:b8:13:e1:f3:a0:a7:bd:7b:c0:
0b:b3:ee:eb:62:fb:02:f5:20:be:1a:88:08:3e:3a:
7c:60:50:1b:79:51:d3:cb:8e:5f:2f:01:2c:92:a1:
a7:b4:40:cc:ed:74:b8:69:2d:6a:62:b1:7c:0a:8e:
72:c4:6d:5a:6c:c1:a7:a5:db:89:a5:bb:11:85:01:
a3:51:aa:fd:cc:78:a0:ed:71:25:6e:a5:11:0c:d8:
f2:94:ad:5c:d1:f8:2e:3f:e7:85:1e:a7:15:8c:6e:
de:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:77:BC:FD:6B:42:A1:31:1A:BF:E0:AE:69:59:F7:78:F1:EA:69:A3
X509v3 Authority Key Identifier:
keyid:35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:dc:3b:31:de:23:58:c6:f0:c1:99:6a:c9:d8:a0:53:34:86:
d5:e7:7d:a5:e5:5d:05:be:6d:c5:27:85:b7:40:94:6c:fa:f7:
c9:dc:12:a0:1d:ee:d8:eb:e3:39:a6:32:b0:20:80:bf:2d:b1:
1c:60:49:53:ad:a4:0a:d9:06:20:ff:6c:2a:59:5a:6e:5e:d8:
1b:a2:a2:ab:8e:65:71:57:bd:ad:ba:e1:13:8d:02:5b:74:05:
6a:4d:f0:9c:4a:a7:54:37:25:1b:e2:c5:5b:08:a5:d8:4b:22:
51:c6:7a:39:74:c8:fb:7c:5c:5f:52:9a:4d:36:06:3f:19:9f:
8b:9f:f7:42:44:3d:f0:73:be:1f:76:67:4c:34:03:fa:bb:4d:
7c:04:c3:59:0d:b2:37:6c:59:59:dc:34:fc:65:13:3d:ca:11:
2d:c0:13:4c:d8:9d:27:15:d9:a6:54:8a:84:08:db:bb:94:b2:
35:76:83:80:4d:cd:c8:74:b7:d1:54:94:64:64:d2:56:17:b1:
c3:15:1b:35:88:2d:c1:74:6e:c9:5a:4c:a7:06:c6:00:da:06:
32:e3:be:70:51:d1:36:9b:25:1e:6d:7d:bd:35:56:8c:45:3e:
12:58:8a:10:0b:5c:1d:44:b9:6b:c0:bf:c7:5a:ab:ac:d6:8d:
de:2f:80:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTt7gJHWwnGGdCyDp4sdzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjFhNTczOTE1MTUzZGU4Mjg5MGVhZTEzMDMwNjdmYTY4
YjI4NzcwHhcNMjUwNDIwMTUwMTExWhcNMjUwNDIxMTUwMTExWjAzMTEwLwYDVQQD
Eyg2ZTc3YmNmZDZiNDJhMTMxMWFiZmUwYWU2OTU5Zjc3OGYxZWE2OWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVIu8kdyQcjEx7EqIH+Vf/qqElO0
CCvQk/AChM/Se0JyE+ZJUdO9KTlUUn6hNHpEco3/FKW+Zyq0NVCn7ymoZh87UPMq
GTd6z49OGbCP+cHfGVi+bOFC9RUgmY/v2ahUiwo5p6E1V46JfbFu5ncGR6mVmjVU
IqNTgpJB7GAqYa4uirAPBNtVURH4DPjXOAdObFv9errGHvFNqKO4E+HzoKe9e8AL
s+7rYvsC9SC+GogIPjp8YFAbeVHTy45fLwEskqGntEDM7XS4aS1qYrF8Co5yxG1a
bMGnpduJpbsRhQGjUar9zHig7XElbqURDNjylK1c0fguP+eFHqcVjG7eWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG53vP1rQqExGr/grmlZ93jx6mmjMB8GA1UdIwQY
MBaAFDXxpXORUVPegokOrhMDBn+miyh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAt
MzI5MjExMDI5YTFhLzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAtMzI5MjExMDI5YTFh
LzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVNw7Md4j
WMbwwZlqydigUzSG1ed9peVdBb5txSeFt0CUbPr3ydwSoB3u2OvjOaYysCCAvy2x
HGBJU62kCtkGIP9sKllabl7YG6Kiq45lcVe9rbrhE40CW3QFak3wnEqnVDclG+LF
Wwil2EsiUcZ6OXTI+3xcX1KaTTYGPxmfi5/3QkQ98HO+H3ZnTDQD+rtNfATDWQ2y
N2xZWdw0/GUTPcoRLcATTNidJxXZplSKhAjbu5SyNXaDgE3NyHS30VSUZGTSVhex
wxUbNYgtwXRuyVpMpwbGANoGMuO+cFHRNpslHm19vTVWjEU+EliKEAtcHUS5a8C/
x1qrrNaN3i+AUg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:03:24 2025 by rpki-client