Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
File: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft (raw, json)
Hash identifier: HwXoapQmAwRFwEcxPvqjefepuIgXLpYutdWPE9m/kTI=
Subject key identifier: 34:F5:11:FB:A0:48:1F:2F:F1:5E:62:17:1A:C1:39:9C:21:0E:3A:66
Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
Certificate issuer: /CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Certificate serial: 019655DD49F1EBD2D842E51ADD72D8FE04EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
Manifest number: 1241
Signing time: Mon 21 Apr 2025 01:01:27 +0000
Manifest this update: Mon 21 Apr 2025 01:01:27 +0000
Manifest next update: Tue 22 Apr 2025 01:01:27 +0000
Files and hashes: 1: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl (hash: NmqYSMEXO/h4wMxtJZkvFY7aZbjRa1/GkUtJekePKpg=)
2: ysJps6pTqYBp8hRsJvvn2nSnB6Y.roa (hash: xFEzrUJlVVBWEtFecNObcV0TMloS/XizxOFPtUYtswE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:dd:49:f1:eb:d2:d8:42:e5:1a:dd:72:d8:fe:04:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Validity
Not Before: Apr 21 01:01:27 2025 GMT
Not After : Apr 22 01:01:27 2025 GMT
Subject: CN=34f511fba0481f2ff15e62171ac1399c210e3a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d2:48:45:84:74:23:fe:67:f5:c3:d9:a4:4f:
65:88:b3:80:89:e3:e2:99:57:0c:cb:21:b3:77:95:
7b:61:ae:a1:5a:3c:db:45:73:ee:4e:a2:2a:c9:9b:
ad:6d:69:6c:eb:24:00:51:8f:6c:5f:87:6a:11:1d:
aa:d3:c9:f2:b7:a5:e5:17:ec:4f:7d:eb:cf:8d:64:
a4:62:8e:82:e6:3b:46:5b:4c:a1:67:6c:7c:58:12:
2c:2a:0d:16:a7:43:8b:84:a1:11:5f:6a:8a:11:91:
b3:4d:a0:91:88:a2:8c:eb:4e:22:dc:93:7b:47:07:
78:db:a4:7f:6f:76:7d:ae:4b:1a:eb:3c:0c:20:a0:
e3:4b:8c:a9:e6:b0:fe:ca:db:f8:69:85:92:07:09:
6b:dc:8a:76:e1:c8:95:ff:56:ea:82:17:35:55:5b:
f6:47:64:2e:d8:c7:97:c2:3b:82:41:15:3e:42:62:
12:42:07:ef:de:fd:1d:e6:30:11:1d:95:20:5a:f2:
45:74:c2:20:e9:32:db:77:e9:42:0c:0b:36:4c:dd:
b9:9d:88:35:75:97:84:ec:2c:1f:e6:2a:70:db:4a:
df:e5:f1:5e:31:23:43:e1:8d:d3:50:12:d9:c0:82:
ce:32:86:75:b4:c8:0b:15:fa:90:93:9a:07:8b:f9:
7b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F5:11:FB:A0:48:1F:2F:F1:5E:62:17:1A:C1:39:9C:21:0E:3A:66
X509v3 Authority Key Identifier:
keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c1:06:96:cd:d2:ea:58:20:c9:ac:43:4f:4b:7f:5e:c4:14:68:
ab:f3:85:cd:a0:a8:9e:8d:d1:1e:6c:88:b9:0b:97:10:a4:a5:
f4:30:10:31:10:23:5d:89:cd:17:6b:30:c5:51:f4:c9:9c:78:
6b:03:06:e4:fb:2b:41:b4:6c:dd:c2:0e:8d:4e:ee:b7:4a:3b:
f2:1d:45:a3:8d:40:ee:ff:fa:f4:47:44:5b:92:cc:28:cd:48:
19:26:9c:2a:ae:70:e2:b6:6b:b2:e3:cb:b8:9a:fb:c8:a3:ce:
1a:d6:a6:37:32:50:3f:c0:6c:33:15:36:f8:3a:09:5e:31:22:
2b:2b:5e:8b:50:48:89:55:5f:e0:8e:01:fd:11:7b:ae:13:6f:
b9:b2:01:09:42:8f:f4:9b:fa:f4:41:e5:59:ce:d6:5e:83:68:
70:df:c9:6b:db:39:ec:bb:41:bb:1d:ad:82:17:b7:1f:1d:4a:
a1:7f:75:da:cf:6d:18:e6:f6:b5:cc:d6:5c:06:ad:3f:08:64:
8d:f4:e7:6e:5a:fe:26:0c:e8:e9:2b:4a:4c:bc:b6:d3:2d:b5:
78:60:48:7a:41:29:d7:cd:ab:89:9a:39:62:1b:20:37:ff:b0:
32:47:82:3f:02:a0:1c:00:f4:bf:95:c6:08:2c:17:f0:03:ef:
51:92:03:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3Unx69LYQuUa3XLY/gTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4
ZjE4ZjkwHhcNMjUwNDIxMDEwMTI3WhcNMjUwNDIyMDEwMTI3WjAzMTEwLwYDVQQD
EygzNGY1MTFmYmEwNDgxZjJmZjE1ZTYyMTcxYWMxMzk5YzIxMGUzYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndJIRYR0I/5n9cPZpE9liLOAiePi
mVcMyyGzd5V7Ya6hWjzbRXPuTqIqyZutbWls6yQAUY9sX4dqER2q08nyt6XlF+xP
fevPjWSkYo6C5jtGW0yhZ2x8WBIsKg0Wp0OLhKERX2qKEZGzTaCRiKKM604i3JN7
Rwd426R/b3Z9rksa6zwMIKDjS4yp5rD+ytv4aYWSBwlr3Ip24ciV/1bqghc1VVv2
R2Qu2MeXwjuCQRU+QmISQgfv3v0d5jARHZUgWvJFdMIg6TLbd+lCDAs2TN25nYg1
dZeE7Cwf5ipw20rf5fFeMSND4Y3TUBLZwILOMoZ1tMgLFfqQk5oHi/l7owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDT1EfugSB8v8V5iFxrBOZwhDjpmMB8GA1UdIwQY
MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt
OTVkNTk0NjVlOWE4LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4
LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwQaWzdLq
WCDJrENPS39exBRoq/OFzaCono3RHmyIuQuXEKSl9DAQMRAjXYnNF2swxVH0yZx4
awMG5PsrQbRs3cIOjU7ut0o78h1Fo41A7v/69EdEW5LMKM1IGSacKq5w4rZrsuPL
uJr7yKPOGtamNzJQP8BsMxU2+DoJXjEiKytei1BIiVVf4I4B/RF7rhNvubIBCUKP
9Jv69EHlWc7WXoNocN/Ja9s57LtBux2tghe3Hx1KoX912s9tGOb2tczWXAatPwhk
jfTnblr+Jgzo6StKTLy20y21eGBIekEp182riZo5YhsgN/+wMkeCPwKgHAD0v5XG
CCwX8APvUZIDvw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:05 2025 by rpki-client