Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File: iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier: jmzvEbjUYUx1p8/u2dWfayDRiDXseVfY1ZyDkQe/0yQ=
Subject key identifier: E6:CB:AA:00:9C:4E:31:55:81:E1:1E:60:78:17:F6:1B:D9:2B:5B:6F
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer: /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial: 01964CA240B7D1CEC491C28D531C528F9DC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number: 04D1
Signing time: Sat 19 Apr 2025 06:00:23 +0000
Manifest this update: Sat 19 Apr 2025 06:00:23 +0000
Manifest next update: Sun 20 Apr 2025 06:00:23 +0000
Files and hashes: 1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: tcm7NuqLsz6AXq071d9Wh808PrTdr4l2ZS0zczAtJg0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 06:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4c:a2:40:b7:d1:ce:c4:91:c2:8d:53:1c:52:8f:9d:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Validity
Not Before: Apr 19 06:00:23 2025 GMT
Not After : Apr 20 06:00:23 2025 GMT
Subject: CN=e6cbaa009c4e315581e11e607817f61bd92b5b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:bb:7a:16:59:6b:18:11:c0:cd:cb:50:dc:
7c:ff:c9:76:71:00:f1:47:0e:db:e2:9c:2f:f5:b5:
c3:64:93:e9:88:69:43:3d:e5:4d:02:98:40:f4:7b:
d4:93:c9:27:9b:79:38:0f:5e:99:0d:47:c0:7d:7c:
8a:5c:62:4e:23:46:f6:02:97:c1:73:c9:79:d1:fb:
d7:d5:28:a5:f0:54:08:76:53:04:8c:7c:ec:ce:6f:
27:f2:5f:b0:76:14:77:e7:9d:12:a8:78:e0:b8:a1:
02:a2:81:93:8e:93:fb:40:a9:5c:6c:a7:94:c9:fa:
8e:2f:e3:d4:b6:73:87:fc:28:7b:87:b6:e9:33:d0:
25:2a:20:ed:31:5b:fc:9c:c9:2c:34:02:59:40:91:
55:bd:13:8f:8c:ec:16:97:a1:b8:8d:e2:4c:55:59:
29:09:8e:4b:ef:2b:20:fd:2c:60:67:ff:22:c4:2a:
b9:e9:e1:54:38:71:0d:76:fd:17:b6:62:d2:ea:4a:
72:d0:9f:e8:7d:ac:4b:5a:84:70:7e:74:95:64:da:
aa:75:fe:05:0f:14:f6:93:6f:a2:8e:22:5d:1c:04:
0c:a4:e4:4a:93:4d:79:25:21:c4:5c:f4:40:ae:ec:
8d:03:d4:86:ae:7b:bc:16:36:93:85:b1:6f:38:ae:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CB:AA:00:9C:4E:31:55:81:E1:1E:60:78:17:F6:1B:D9:2B:5B:6F
X509v3 Authority Key Identifier:
keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:19:de:e2:df:4d:bf:07:5b:d7:5a:34:54:d1:91:0b:d0:e9:
14:54:59:42:a0:52:3d:51:0a:0b:06:d8:76:33:8b:71:44:93:
d5:fd:8d:79:32:93:24:c4:78:b6:7c:3f:41:a4:5b:86:fc:2e:
94:5b:32:39:42:94:86:d7:5b:79:d8:c5:5d:32:fc:78:07:72:
04:4b:13:0a:9c:de:92:3a:a0:a4:9a:bf:05:4d:25:73:44:c0:
7b:c9:08:ec:18:48:80:4b:60:1d:27:a0:b6:0b:a4:b5:78:0a:
5f:53:14:4b:7b:5b:30:51:05:f1:8d:c7:f9:f8:fc:35:b7:14:
aa:6c:44:8f:f3:bd:41:fd:cf:f0:34:63:b0:b3:f4:77:25:67:
01:23:d0:d5:bf:f4:be:fa:8c:d8:7b:db:63:bc:28:55:8f:e0:
98:c8:ec:ac:48:33:23:49:6d:bb:e6:56:07:16:42:22:50:4d:
58:96:a8:9c:25:16:07:54:8b:ee:71:5d:10:4f:8b:c9:c2:c1:
06:26:16:38:4b:43:50:e5:3d:39:2f:62:46:da:81:ae:3c:c2:
f7:7e:7c:58:7a:a1:7c:09:d4:82:7b:f7:c8:9b:92:93:a0:05:
51:b1:7d:1a:dd:dc:fd:06:31:67:8c:72:a0:44:4a:51:7c:89:
be:e8:b7:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMokC30c7EkcKNUxxSj53GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjUwNDE5MDYwMDIzWhcNMjUwNDIwMDYwMDIzWjAzMTEwLwYDVQQD
EyhlNmNiYWEwMDljNGUzMTU1ODFlMTFlNjA3ODE3ZjYxYmQ5MmI1YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVi7ehZZaxgRwM3LUNx8/8l2cQDx
Rw7b4pwv9bXDZJPpiGlDPeVNAphA9HvUk8knm3k4D16ZDUfAfXyKXGJOI0b2ApfB
c8l50fvX1Sil8FQIdlMEjHzszm8n8l+wdhR3550SqHjguKECooGTjpP7QKlcbKeU
yfqOL+PUtnOH/Ch7h7bpM9AlKiDtMVv8nMksNAJZQJFVvROPjOwWl6G4jeJMVVkp
CY5L7ysg/SxgZ/8ixCq56eFUOHENdv0XtmLS6kpy0J/ofaxLWoRwfnSVZNqqdf4F
DxT2k2+ijiJdHAQMpORKk015JSHEXPRAruyNA9SGrnu8FjaThbFvOK5QxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObLqgCcTjFVgeEeYHgX9hvZK1tvMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOhne4t9N
vwdb11o0VNGRC9DpFFRZQqBSPVEKCwbYdjOLcUST1f2NeTKTJMR4tnw/QaRbhvwu
lFsyOUKUhtdbedjFXTL8eAdyBEsTCpzekjqgpJq/BU0lc0TAe8kI7BhIgEtgHSeg
tguktXgKX1MUS3tbMFEF8Y3H+fj8NbcUqmxEj/O9Qf3P8DRjsLP0dyVnASPQ1b/0
vvqM2HvbY7woVY/gmMjsrEgzI0ltu+ZWBxZCIlBNWJaonCUWB1SL7nFdEE+LycLB
BiYWOEtDUOU9OS9iRtqBrjzC9358WHqhfAnUgnv3yJuSk6AFUbF9Gt3c/QYxZ4xy
oERKUXyJvui3pw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:29:35 2025 by rpki-client