Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
File: zahD6BKxbexgu3CYykEzEX24R00.mft (raw, json)
Hash identifier: FF7caagIO647on/gPQnBngGW4X9q5alR6GxE10uqYyA=
Subject key identifier: 06:43:A8:98:8D:E5:7F:55:5B:A1:9E:5D:6A:19:56:48:B7:56:7B:EE
Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
Certificate issuer: /CN=cda843e812b16dec60bb7098ca4133117db8474d
Certificate serial: 0196545C650550F0AE9B7E799AD996C63B68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
Manifest number: 14FE
Signing time: Sun 20 Apr 2025 18:01:03 +0000
Manifest this update: Sun 20 Apr 2025 18:01:03 +0000
Manifest next update: Mon 21 Apr 2025 18:01:03 +0000
Files and hashes: 1: VJUoXBS9iPEfhSdXRvzqWIAuTX8.roa (hash: Nan6DQGHyzFA7VJDUyPb17ZowHybZxaUB4pA1mJmnaY=)
2: zahD6BKxbexgu3CYykEzEX24R00.crl (hash: DZeZsRVMTdHK2NQLSv2Sda3mwjRlE6ScdLp3+bsrGVY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 18:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:5c:65:05:50:f0:ae:9b:7e:79:9a:d9:96:c6:3b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d
Validity
Not Before: Apr 20 18:01:03 2025 GMT
Not After : Apr 21 18:01:03 2025 GMT
Subject: CN=0643a8988de57f555ba19e5d6a195648b7567bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ed:09:72:79:23:11:78:d4:38:42:0b:36:91:
19:d9:aa:80:4b:28:ba:a8:2d:a9:69:15:61:31:47:
ed:29:2f:a5:a5:d4:09:e4:7b:77:0a:97:c1:55:59:
25:c4:79:50:d8:10:15:db:cd:c4:b4:c0:28:b9:e0:
50:d7:b9:b8:76:6a:b6:f2:5e:c7:0e:6b:06:4a:ef:
79:1d:2d:ff:ba:d9:19:3d:cc:2f:99:5a:95:9a:c4:
a5:98:52:8d:25:b6:81:f3:42:c8:74:55:64:3b:c4:
c8:5c:26:50:cb:12:52:de:59:b0:5a:ff:25:43:55:
d5:66:74:a7:4b:b0:8e:3a:5e:f8:87:3f:d3:cf:bd:
b9:35:a2:45:78:de:70:75:7d:a9:b2:59:55:4a:73:
1b:ac:ce:53:8e:08:3e:aa:d2:0f:5d:9a:c6:0e:1b:
a5:35:ac:8e:37:d8:77:3c:65:9a:48:e4:74:1f:cb:
ca:00:9e:74:84:7a:df:ef:f5:d4:e6:05:a1:df:b9:
30:16:cc:bd:cf:ee:e8:d5:72:b6:47:06:a1:9c:89:
cc:95:84:97:9e:06:67:f0:ed:2a:38:ac:76:7d:bf:
1f:66:79:11:08:76:5f:d2:a6:6f:73:46:ce:43:2d:
e7:a3:62:1c:93:c8:1b:52:ea:0f:2a:c6:47:03:a8:
fc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:43:A8:98:8D:E5:7F:55:5B:A1:9E:5D:6A:19:56:48:B7:56:7B:EE
X509v3 Authority Key Identifier:
keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:ab:2a:10:1a:a8:ce:c7:89:95:05:2b:c5:61:3a:05:ea:9d:
24:da:51:5b:5d:ff:38:ef:87:fe:ec:4c:32:6a:b9:f7:df:49:
2c:4e:44:85:98:d9:c0:7a:82:51:39:59:ee:65:81:bd:2c:e7:
4c:56:b5:aa:cc:86:81:84:50:f5:55:33:b6:a3:ae:73:92:1c:
e1:f8:82:92:f1:5c:2e:d7:da:75:ce:9f:97:3c:c4:73:01:ba:
2a:7d:63:69:9c:bd:f6:41:0c:f8:15:93:b0:83:a4:44:c4:6f:
36:e1:cb:98:1a:03:4f:f8:6a:2f:2c:1d:85:68:dd:ee:c7:bd:
a1:63:1b:5b:d0:20:b0:e3:20:9c:2b:c3:45:10:f0:c9:3c:3d:
44:1f:14:30:05:55:ad:90:9c:26:3f:fe:d7:1f:ce:7f:d6:fe:
a2:28:41:60:9c:e9:b1:fd:b5:91:36:48:ad:ad:5a:e5:d7:54:
d6:c0:b7:d5:5f:fb:73:fa:cc:ee:6c:84:ba:df:90:55:a6:3a:
9e:36:ec:ec:45:4a:5f:0f:02:e4:57:b9:32:d6:92:5f:1d:95:
1b:5d:7b:95:43:4d:f3:c4:0e:f6:da:8b:9b:e2:86:14:ac:1a:
63:fc:4f:46:9b:60:3e:5a:c9:94:b8:7b:ac:b4:af:42:69:36:
71:dc:6f:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXGUFUPCum355mtmWxjtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTg0M2U4MTJiMTZkZWM2MGJiNzA5OGNhNDEzMzExN2Ri
ODQ3NGQwHhcNMjUwNDIwMTgwMTAzWhcNMjUwNDIxMTgwMTAzWjAzMTEwLwYDVQQD
EygwNjQzYTg5ODhkZTU3ZjU1NWJhMTllNWQ2YTE5NTY0OGI3NTY3YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0JcnkjEXjUOEILNpEZ2aqASyi6
qC2paRVhMUftKS+lpdQJ5Ht3CpfBVVklxHlQ2BAV283EtMAoueBQ17m4dmq28l7H
DmsGSu95HS3/utkZPcwvmVqVmsSlmFKNJbaB80LIdFVkO8TIXCZQyxJS3lmwWv8l
Q1XVZnSnS7COOl74hz/Tz725NaJFeN5wdX2psllVSnMbrM5Tjgg+qtIPXZrGDhul
NayON9h3PGWaSOR0H8vKAJ50hHrf7/XU5gWh37kwFsy9z+7o1XK2RwahnInMlYSX
ngZn8O0qOKx2fb8fZnkRCHZf0qZvc0bOQy3no2Ick8gbUuoPKsZHA6j8+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZDqJiN5X9VW6GeXWoZVki3VnvuMB8GA1UdIwQY
MBaAFM2oQ+gSsW3sYLtwmMpBMxF9uEdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQt
ODQyMWQ3ODFiMDNiLzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQtODQyMWQ3ODFiMDNi
LzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATasqEBqo
zseJlQUrxWE6BeqdJNpRW13/OO+H/uxMMmq5999JLE5EhZjZwHqCUTlZ7mWBvSzn
TFa1qsyGgYRQ9VUztqOuc5Ic4fiCkvFcLtfadc6flzzEcwG6Kn1jaZy99kEM+BWT
sIOkRMRvNuHLmBoDT/hqLywdhWjd7se9oWMbW9AgsOMgnCvDRRDwyTw9RB8UMAVV
rZCcJj/+1x/Of9b+oihBYJzpsf21kTZIra1a5ddU1sC31V/7c/rM7myEut+QVaY6
njbs7EVKXw8C5Fe5MtaSXx2VG117lUNN88QO9tqLm+KGFKwaY/xPRptgPlrJlLh7
rLSvQmk2cdxvNA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:11 2025 by rpki-client