Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: 1hFuD6zhXt/zAzv/SMzYtIABMMQyMkzvXmkhDgR2qxA=
Subject key identifier: 5C:45:DF:7C:85:16:49:A0:D0:85:89:E3:04:3E:7A:1D:EB:66:FB:FC
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 01965B03516DABEDF2F2E42BC700FB2A7E5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 0223
Signing time: Tue 22 Apr 2025 01:01:06 +0000
Manifest this update: Tue 22 Apr 2025 01:01:06 +0000
Manifest next update: Wed 23 Apr 2025 01:01:06 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: CCYZAn371d0+dtKFoO+H3qogG89oYHT79vvL9NpE4I4=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5b:03:51:6d:ab:ed:f2:f2:e4:2b:c7:00:fb:2a:7e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Apr 22 01:01:06 2025 GMT
Not After : Apr 23 01:01:06 2025 GMT
Subject: CN=5c45df7c851649a0d08589e3043e7a1deb66fbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4a:e7:d5:48:04:38:32:73:69:94:6f:f5:42:
e3:30:0d:dd:32:89:7a:97:48:a0:9d:c5:82:c2:cb:
b4:11:09:a4:7f:94:f6:5e:fb:54:5c:68:52:7b:75:
92:5d:a7:fa:99:ac:df:aa:50:b6:5b:93:16:9a:cf:
02:f2:07:46:6f:b2:89:7a:b1:fc:67:aa:4c:85:cf:
23:11:b8:be:97:f3:e5:a2:ca:e0:9f:6e:42:73:52:
0d:b4:c4:3a:a4:3a:b0:90:cd:2b:35:ba:e1:46:78:
9c:1f:e6:82:3c:5b:cb:5d:7f:9a:c6:75:14:24:21:
a8:99:39:18:08:ef:1f:81:ca:5b:49:b5:e8:84:2b:
df:3b:59:20:a1:59:d5:72:dd:a9:a6:8c:71:6d:2f:
44:09:93:e9:39:bc:85:54:56:a8:8b:2d:34:d9:9e:
cf:60:58:71:af:99:7e:a5:25:eb:6e:68:4d:c8:f7:
09:2f:6d:45:9a:36:0d:bf:f0:93:d4:6b:9a:cb:16:
7b:75:fd:19:94:78:3e:76:23:f2:f9:7c:12:de:89:
c9:84:03:02:c0:d1:10:8e:ac:2c:e7:50:f5:79:90:
9b:a5:bb:4b:40:08:11:3e:bc:a2:d3:ba:ce:2c:0d:
2e:e2:52:d8:82:4b:02:43:e4:71:88:66:76:4d:f3:
5a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:45:DF:7C:85:16:49:A0:D0:85:89:E3:04:3E:7A:1D:EB:66:FB:FC
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:20:b3:b5:f5:9c:45:8c:ce:18:e6:de:91:c9:24:1f:89:b6:
ee:5e:95:1f:88:fc:2c:09:72:3d:67:27:81:b2:4f:2d:f4:01:
f0:ee:de:43:80:ee:51:9e:ef:54:b3:56:8c:8e:3c:d5:91:0a:
b2:24:d5:b5:85:e8:7b:95:45:60:3d:2b:b7:ea:a0:d3:ed:3f:
4c:33:2c:ec:d0:aa:71:59:6d:7b:6d:18:b5:1b:4a:2a:21:d8:
ae:0d:75:43:54:27:3b:b5:63:4e:eb:e1:30:6d:67:30:29:5d:
84:35:d8:c1:b8:30:0f:7b:3a:1b:8c:bb:45:37:24:2c:7b:84:
cd:2d:95:8b:c1:1a:d3:1b:35:87:6f:f6:71:1b:81:06:a9:41:
28:4c:c4:41:72:a7:48:03:cb:38:ef:0f:66:b5:2b:43:be:a7:
68:72:19:78:b8:83:42:6e:26:46:94:52:47:2f:19:ab:37:db:
ad:e9:b3:02:22:cd:6d:d8:e2:7a:4f:f7:96:21:53:52:88:9c:
7d:3c:6f:41:f8:5b:18:cf:8b:10:ff:0d:d4:99:2c:74:d7:4a:
f6:61:ac:56:70:f2:ed:11:2c:d3:8c:13:39:28:2d:f2:f6:dd:
23:62:18:fc:a7:91:f6:01:4b:a7:42:33:5b:44:46:ef:da:72:
ed:e4:d7:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbA1Ftq+3y8uQrxwD7Kn5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUwNDIyMDEwMTA2WhcNMjUwNDIzMDEwMTA2WjAzMTEwLwYDVQQD
Eyg1YzQ1ZGY3Yzg1MTY0OWEwZDA4NTg5ZTMwNDNlN2ExZGViNjZmYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsErn1UgEODJzaZRv9ULjMA3dMol6
l0igncWCwsu0EQmkf5T2XvtUXGhSe3WSXaf6mazfqlC2W5MWms8C8gdGb7KJerH8
Z6pMhc8jEbi+l/Plosrgn25Cc1INtMQ6pDqwkM0rNbrhRnicH+aCPFvLXX+axnUU
JCGomTkYCO8fgcpbSbXohCvfO1kgoVnVct2ppoxxbS9ECZPpObyFVFaoiy002Z7P
YFhxr5l+pSXrbmhNyPcJL21FmjYNv/CT1GuayxZ7df0ZlHg+diPy+XwS3onJhAMC
wNEQjqws51D1eZCbpbtLQAgRPryi07rOLA0u4lLYgksCQ+RxiGZ2TfNajQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxF33yFFkmg0IWJ4wQ+eh3rZvv8MB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyCztfWc
RYzOGObekckkH4m27l6VH4j8LAlyPWcngbJPLfQB8O7eQ4DuUZ7vVLNWjI481ZEK
siTVtYXoe5VFYD0rt+qg0+0/TDMs7NCqcVlte20YtRtKKiHYrg11Q1QnO7VjTuvh
MG1nMCldhDXYwbgwD3s6G4y7RTckLHuEzS2Vi8Ea0xs1h2/2cRuBBqlBKEzEQXKn
SAPLOO8PZrUrQ76naHIZeLiDQm4mRpRSRy8ZqzfbremzAiLNbdjiek/3liFTUoic
fTxvQfhbGM+LEP8N1JksdNdK9mGsVnDy7REs04wTOSgt8vbdI2IY/KeR9gFLp0Iz
W0RG79py7eTXHw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:53:44 2025 by rpki-client