Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
File: nurBz77ElK6UV8hm5jYYZcTzAEg.mft (raw, json)
Hash identifier: P4garGMyVOajbHhR58bBANHy/5HzAxdBkCncIYRcjI0=
Subject key identifier: 5D:09:93:02:A9:AB:DB:CE:11:D6:D9:01:4A:86:4C:BA:1F:C6:1F:E3
Authority key identifier: 9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
Certificate issuer: /CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Certificate serial: 019645569BD414875AFC73BE333EA4EFD64D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
Manifest number: 0AF1
Signing time: Thu 17 Apr 2025 20:00:25 +0000
Manifest this update: Thu 17 Apr 2025 20:00:25 +0000
Manifest next update: Fri 18 Apr 2025 20:00:25 +0000
Files and hashes: 1: mmnZOOh4xZoAyB6ozP7dMz0vpOQ.roa (hash: MPgwr3P3oOg7+ut0sMgX1kiy6aK0r7pykdMfFbGH85I=)
2: nurBz77ElK6UV8hm5jYYZcTzAEg.crl (hash: GvXJznv06am8UTz7XJTdECWWmiO5LXpQrimY32QR3Dc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:56:9b:d4:14:87:5a:fc:73:be:33:3e:a4:ef:d6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Validity
Not Before: Apr 17 20:00:25 2025 GMT
Not After : Apr 18 20:00:25 2025 GMT
Subject: CN=5d099302a9abdbce11d6d9014a864cba1fc61fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9e:cf:5a:d9:61:b8:5d:2c:0e:ef:04:fb:65:
88:60:82:da:04:35:2d:ae:c9:0c:05:b5:15:7e:be:
1b:5b:d6:b3:9e:18:60:cf:39:d4:92:d6:76:82:ca:
10:25:68:01:0d:f7:af:54:44:02:91:12:3e:e7:da:
46:71:b9:35:7f:a6:8a:bf:73:fc:1c:87:17:27:1a:
fb:1d:ed:76:73:cc:52:13:92:97:d4:65:bc:01:b5:
59:03:b1:3a:d9:3e:5c:d4:b7:3c:00:b6:c6:af:fb:
6c:10:23:a7:c2:b8:66:be:98:c9:ec:72:9c:6c:3b:
80:ae:e9:10:90:35:3f:9a:f7:d4:da:a7:cc:b5:24:
3b:8f:0d:d1:83:1d:e6:91:c4:59:97:79:a3:cb:1c:
0a:5f:74:a8:83:7a:e1:f7:27:46:22:56:25:0b:24:
f1:18:96:a8:18:bc:2f:cd:4a:01:8c:2e:ce:1c:8f:
32:95:e7:3e:af:01:a1:c0:84:ff:06:11:cc:b5:7a:
9d:37:f0:a1:b3:0c:f9:4c:d7:57:47:0e:4d:6d:39:
14:73:84:5c:e1:bd:a5:27:96:6a:35:8f:91:c1:a8:
e2:3e:4e:42:3f:40:8b:d9:92:cc:d7:75:d2:65:3a:
a9:61:ad:7b:76:ef:8e:69:e5:6b:d1:b2:d6:bd:5a:
cf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:09:93:02:A9:AB:DB:CE:11:D6:D9:01:4A:86:4C:BA:1F:C6:1F:E3
X509v3 Authority Key Identifier:
keyid:9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:fb:72:30:da:42:3f:40:3a:53:cc:72:10:a1:db:df:62:87:
91:99:67:6e:2e:98:7a:7e:13:dc:01:5c:15:3d:0b:2c:00:aa:
52:28:40:9d:bb:35:e6:d7:7e:4f:ec:32:c3:d2:62:30:70:47:
d9:a2:2c:d3:d3:40:89:31:1f:6b:d2:32:c5:5d:fd:a4:6c:f3:
26:92:86:cf:3b:6b:a7:65:e4:db:85:fd:f6:a5:bd:c0:e2:9b:
1a:4d:18:aa:d3:d0:5f:88:f0:68:94:b6:9d:33:e4:bd:33:2c:
60:da:80:ca:a9:e6:74:87:d3:ad:ca:31:e1:c9:61:69:94:f8:
fa:bc:00:56:97:f3:5c:1e:64:f2:4f:df:c8:97:1f:59:f1:7e:
6f:a6:f0:dc:dd:2b:8e:a0:0a:43:1b:96:2b:70:30:c4:47:78:
e1:cf:89:0f:6a:2c:c8:72:47:61:01:ca:01:20:20:73:5e:30:
ab:b1:25:fc:e4:52:f8:9d:9c:e8:12:f4:a2:6d:f7:9f:a1:7c:
5a:3d:9d:bc:ea:6b:2f:b9:f2:17:86:90:58:81:5f:e6:96:db:
90:44:9a:56:4f:f6:9b:d7:13:fc:25:82:2f:cd:82:33:f5:31:
3a:62:bb:9b:6b:a2:57:4e:52:12:94:98:62:90:ef:87:a6:f3:
2a:4a:d1:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFVpvUFIda/HO+Mz6k79ZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWFjMWNmYmVjNDk0YWU5NDU3Yzg2NmU2MzYxODY1YzRm
MzAwNDgwHhcNMjUwNDE3MjAwMDI1WhcNMjUwNDE4MjAwMDI1WjAzMTEwLwYDVQQD
Eyg1ZDA5OTMwMmE5YWJkYmNlMTFkNmQ5MDE0YTg2NGNiYTFmYzYxZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp7PWtlhuF0sDu8E+2WIYILaBDUt
rskMBbUVfr4bW9aznhhgzznUktZ2gsoQJWgBDfevVEQCkRI+59pGcbk1f6aKv3P8
HIcXJxr7He12c8xSE5KX1GW8AbVZA7E62T5c1Lc8ALbGr/tsECOnwrhmvpjJ7HKc
bDuArukQkDU/mvfU2qfMtSQ7jw3Rgx3mkcRZl3mjyxwKX3Sog3rh9ydGIlYlCyTx
GJaoGLwvzUoBjC7OHI8ylec+rwGhwIT/BhHMtXqdN/Chswz5TNdXRw5NbTkUc4Rc
4b2lJ5ZqNY+RwajiPk5CP0CL2ZLM13XSZTqpYa17du+OaeVr0bLWvVrPZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0JkwKpq9vOEdbZAUqGTLofxh/jMB8GA1UdIwQY
MBaAFJ7qwc++xJSulFfIZuY2GGXE8wBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQt
ZTI4NWNkOGNhZDEyLzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQtZTI4NWNkOGNhZDEy
LzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPtyMNpC
P0A6U8xyEKHb32KHkZlnbi6Yen4T3AFcFT0LLACqUihAnbs15td+T+wyw9JiMHBH
2aIs09NAiTEfa9IyxV39pGzzJpKGzztrp2Xk24X99qW9wOKbGk0YqtPQX4jwaJS2
nTPkvTMsYNqAyqnmdIfTrcox4clhaZT4+rwAVpfzXB5k8k/fyJcfWfF+b6bw3N0r
jqAKQxuWK3AwxEd44c+JD2osyHJHYQHKASAgc14wq7El/ORS+J2c6BL0om33n6F8
Wj2dvOprL7nyF4aQWIFf5pbbkESaVk/2m9cT/CWCL82CM/UxOmK7m2uiV05SEpSY
YpDvh6bzKkrRgQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:45:34 2025 by rpki-client