Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
File: uT2pHx9TY0JyxZEQh85my602FKM.mft (raw, json)
Hash identifier: iih+IIZxL6evApwrLBGysVmJ1qKRQ3FyrILP76+m8x4=
Subject key identifier: D4:19:BD:DE:5E:B3:B4:90:EA:0D:55:64:8A:9B:B9:42:C3:8D:4E:FA
Authority key identifier: B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
Certificate issuer: /CN=b93da91f1f53634272c5911087ce66cbad3614a3
Certificate serial: 01963275EBA1527332E70D0A02751B671EB9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
Manifest number: 068A
Signing time: Mon 14 Apr 2025 04:01:50 +0000
Manifest this update: Mon 14 Apr 2025 04:01:50 +0000
Manifest next update: Tue 15 Apr 2025 04:01:50 +0000
Files and hashes: 1: 0386LGj4Sidbyca8KneFkNR54TI.roa (hash: jcV5FqK/anJpS83+3AC/ntYQGRcWnZsS3JRi5ZH9EXg=)
2: uT2pHx9TY0JyxZEQh85my602FKM.crl (hash: rk6bfLRK/q73YZ9wpO2B8zClv8fRge6nYgnbMFgDRWU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:32:75:eb:a1:52:73:32:e7:0d:0a:02:75:1b:67:1e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93da91f1f53634272c5911087ce66cbad3614a3
Validity
Not Before: Apr 14 04:01:50 2025 GMT
Not After : Apr 15 04:01:50 2025 GMT
Subject: CN=d419bdde5eb3b490ea0d55648a9bb942c38d4efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:5d:40:84:5c:c9:ba:c8:b9:29:26:5b:c6:
c6:15:1d:f4:44:a5:96:33:48:2e:d9:10:65:95:9f:
72:3a:ab:8f:ff:70:4c:b7:db:a0:79:2b:62:a7:19:
8a:b3:72:dd:02:c2:29:c0:dc:ba:3c:02:7a:ba:ab:
00:24:3d:b4:8e:ab:f1:de:03:ad:dc:c2:a8:be:9b:
d9:35:ff:f8:59:d1:a2:70:6e:6c:be:f3:89:e6:c4:
0e:d9:5a:0c:fb:3c:df:44:b4:95:1b:04:99:50:ce:
5c:2b:15:c3:98:3e:42:cb:af:8c:d3:9a:43:76:5f:
8b:47:39:23:11:09:ca:06:0f:f9:9b:7b:56:a8:c5:
4e:09:e8:43:62:79:ac:80:91:19:bc:02:57:57:82:
f9:d4:60:86:50:82:ad:1c:c6:1c:a2:82:a9:a3:55:
1e:90:cf:ef:7e:d5:d4:c3:fc:99:8a:ec:7f:57:92:
a3:f9:ec:9d:b2:ee:43:cb:3a:a8:57:fc:7a:3c:2a:
46:d6:84:1f:2e:bb:3f:8e:36:70:65:18:b1:c9:1e:
a8:88:8c:18:0b:ad:48:12:c8:1b:2f:68:13:93:45:
84:f0:a2:0b:d7:40:8f:6f:9c:89:dc:2d:53:ba:00:
74:a5:23:eb:05:24:d9:76:1f:4d:cd:30:99:92:40:
2c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:19:BD:DE:5E:B3:B4:90:EA:0D:55:64:8A:9B:B9:42:C3:8D:4E:FA
X509v3 Authority Key Identifier:
keyid:B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:64:5d:03:ca:a7:1c:e6:31:ed:aa:b3:51:a5:c0:5d:88:bb:
39:73:c8:2a:fc:eb:08:79:03:7a:74:ce:54:30:4c:00:f9:a0:
64:03:2f:7b:18:61:0d:e2:aa:67:39:8a:94:9e:65:6c:45:06:
77:d8:a5:41:b3:35:46:4a:c4:76:ce:67:49:dd:28:c6:f2:76:
e1:40:38:a6:9e:d4:c5:98:97:a7:cc:b6:7f:43:b9:d1:54:b3:
00:1b:7b:f4:23:68:33:51:77:7c:74:fb:42:49:2b:fc:1f:de:
96:a9:26:2d:1d:09:bf:04:1f:9d:4b:4f:6e:33:4a:a5:49:0f:
08:a0:fe:72:9e:6e:7c:c1:5c:db:e7:84:d6:5a:3a:41:0e:06:
45:6a:dd:85:73:ff:91:a7:bf:f5:65:50:63:a2:58:90:4e:50:
55:80:01:65:19:d3:b9:b5:ab:47:08:da:2b:78:b1:9a:39:6c:
a0:64:fd:f7:31:fb:55:73:50:c0:f8:44:7c:73:84:80:f5:f2:
01:61:60:3f:3f:a6:48:a0:ae:d9:aa:84:8d:96:8e:1f:25:c1:
9e:64:b3:cd:c1:aa:6d:cd:d1:6b:8b:10:72:df:1d:1f:7e:00:
51:3b:39:4b:70:08:ee:3e:a0:ec:fa:69:bb:07:53:a5:9d:b1:
87:f0:f5:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYydeuhUnMy5w0KAnUbZx65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2RhOTFmMWY1MzYzNDI3MmM1OTExMDg3Y2U2NmNiYWQz
NjE0YTMwHhcNMjUwNDE0MDQwMTUwWhcNMjUwNDE1MDQwMTUwWjAzMTEwLwYDVQQD
EyhkNDE5YmRkZTVlYjNiNDkwZWEwZDU1NjQ4YTliYjk0MmMzOGQ0ZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlNdQIRcybrIuSkmW8bGFR30RKWW
M0gu2RBllZ9yOquP/3BMt9ugeStipxmKs3LdAsIpwNy6PAJ6uqsAJD20jqvx3gOt
3MKovpvZNf/4WdGicG5svvOJ5sQO2VoM+zzfRLSVGwSZUM5cKxXDmD5Cy6+M05pD
dl+LRzkjEQnKBg/5m3tWqMVOCehDYnmsgJEZvAJXV4L51GCGUIKtHMYcooKpo1Ue
kM/vftXUw/yZiux/V5Kj+eydsu5DyzqoV/x6PCpG1oQfLrs/jjZwZRixyR6oiIwY
C61IEsgbL2gTk0WE8KIL10CPb5yJ3C1TugB0pSPrBSTZdh9NzTCZkkAsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQZvd5es7SQ6g1VZIqbuULDjU76MB8GA1UdIwQY
MBaAFLk9qR8fU2NCcsWREIfOZsutNhSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEt
OGJmNWIxZWQxMjA5LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEtOGJmNWIxZWQxMjA5
LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ2RdA8qn
HOYx7aqzUaXAXYi7OXPIKvzrCHkDenTOVDBMAPmgZAMvexhhDeKqZzmKlJ5lbEUG
d9ilQbM1RkrEds5nSd0oxvJ24UA4pp7UxZiXp8y2f0O50VSzABt79CNoM1F3fHT7
Qkkr/B/elqkmLR0JvwQfnUtPbjNKpUkPCKD+cp5ufMFc2+eE1lo6QQ4GRWrdhXP/
kae/9WVQY6JYkE5QVYABZRnTubWrRwjaK3ixmjlsoGT99zH7VXNQwPhEfHOEgPXy
AWFgPz+mSKCu2aqEjZaOHyXBnmSzzcGqbc3Ra4sQct8dH34AUTs5S3AI7j6g7Ppp
uwdTpZ2xh/D11g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:34:49 2025 by rpki-client