Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: N5ckm8dekIL6xZYB6EU9ToR6fLfeCy/le93bxXv2zoo=
Subject key identifier: 70:F7:36:0A:9E:F0:B8:17:0E:9B:10:61:B5:37:F8:E6:0A:66:0B:47
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 019653EDFE22812298C53BD1E37AA0E6C970
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 0D96
Signing time: Sun 20 Apr 2025 16:00:28 +0000
Manifest this update: Sun 20 Apr 2025 16:00:28 +0000
Manifest next update: Mon 21 Apr 2025 16:00:28 +0000
Files and hashes: 1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=)
2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: BMRjdk+jKLyqN0bi/qVDLuynDdZAwf8vhn6TmCFx+RU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:ed:fe:22:81:22:98:c5:3b:d1:e3:7a:a0:e6:c9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: Apr 20 16:00:28 2025 GMT
Not After : Apr 21 16:00:28 2025 GMT
Subject: CN=70f7360a9ef0b8170e9b1061b537f8e60a660b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c2:bf:42:99:18:75:38:40:d0:6a:33:61:8b:
13:b8:e4:78:c7:89:43:e9:f4:c9:26:10:51:9f:e2:
31:66:96:ff:e6:90:c7:9f:73:58:e9:74:a6:06:ec:
56:f7:7b:a3:21:cd:7d:c8:19:08:96:92:ec:c2:d3:
d0:fd:f6:61:ef:1b:d1:6f:68:d2:af:a3:18:9f:8b:
d7:ce:e1:db:4d:8b:8c:bc:9e:5f:83:31:1d:b9:02:
48:a9:e8:58:21:d6:c7:ac:d2:42:37:95:86:b9:de:
48:07:c3:99:91:74:b4:55:cd:31:dc:a3:bd:79:80:
ec:4d:45:24:87:0f:91:ed:a4:18:ff:bc:de:2b:c6:
36:8c:54:58:13:f7:62:61:17:e4:f9:ea:d5:2a:23:
47:52:48:fb:6d:7f:d3:ef:ef:5c:eb:06:37:26:21:
b3:b6:30:86:79:0d:8b:8e:c0:af:1d:69:b0:a3:1c:
ce:1c:2e:40:7b:1b:41:1e:ee:1f:cb:70:10:02:35:
8f:ed:47:5a:5d:d5:fe:82:49:00:13:6e:1e:d4:17:
4b:37:09:9a:52:7d:9d:62:bb:0e:ac:0e:10:64:c2:
c6:4b:8b:e0:60:82:26:47:1f:6b:4a:fb:0b:fc:4d:
a5:96:03:1f:ee:26:0d:dd:8f:9d:d5:d1:04:dd:50:
69:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F7:36:0A:9E:F0:B8:17:0E:9B:10:61:B5:37:F8:E6:0A:66:0B:47
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:02:6d:b6:84:a1:e2:b8:f5:99:7b:1e:1c:cb:d0:96:89:79:
f2:e5:f8:8c:ca:7d:d9:06:09:4a:8b:2a:5a:26:8b:b4:7e:9c:
4f:2a:a8:96:5f:80:b2:6e:27:22:ab:94:84:7e:4d:17:f5:f0:
62:1f:23:14:be:4f:e5:21:1c:ec:dd:24:fc:be:32:10:e4:74:
70:b8:6d:d4:95:4a:ba:30:2a:7e:2f:1f:2a:b0:2d:4b:3e:c7:
99:96:f7:c4:c4:62:be:6c:6d:1b:0c:a6:6f:46:51:39:66:e9:
8f:cd:38:a2:82:0d:fa:16:7a:54:cb:0a:54:9c:d6:5d:77:21:
04:ca:09:c4:70:7b:75:54:9c:e4:c7:14:e0:11:d6:10:a6:f7:
69:d3:fe:17:d3:a4:73:10:17:fe:9b:dc:c7:c0:1e:4c:0a:2f:
74:ca:be:72:f8:97:08:04:10:f9:ef:9c:27:33:6e:1c:e1:70:
40:f2:d6:18:33:c3:fe:ee:af:71:ff:b9:e1:2e:50:6d:08:58:
b3:40:f9:f7:53:02:01:29:f9:bf:15:87:9c:f8:83:ac:5d:ab:
d8:3b:1c:a6:80:14:68:ea:e8:c7:ed:c9:5c:02:d6:e1:d5:65:
b2:73:d3:ce:a7:fc:9f:61:db:5c:08:cd:dd:a3:db:6c:6c:d3:
18:08:48:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7f4igSKYxTvR43qg5slwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjUwNDIwMTYwMDI4WhcNMjUwNDIxMTYwMDI4WjAzMTEwLwYDVQQD
Eyg3MGY3MzYwYTllZjBiODE3MGU5YjEwNjFiNTM3ZjhlNjBhNjYwYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8K/QpkYdThA0GozYYsTuOR4x4lD
6fTJJhBRn+IxZpb/5pDHn3NY6XSmBuxW93ujIc19yBkIlpLswtPQ/fZh7xvRb2jS
r6MYn4vXzuHbTYuMvJ5fgzEduQJIqehYIdbHrNJCN5WGud5IB8OZkXS0Vc0x3KO9
eYDsTUUkhw+R7aQY/7zeK8Y2jFRYE/diYRfk+erVKiNHUkj7bX/T7+9c6wY3JiGz
tjCGeQ2LjsCvHWmwoxzOHC5AextBHu4fy3AQAjWP7UdaXdX+gkkAE24e1BdLNwma
Un2dYrsOrA4QZMLGS4vgYIImRx9rSvsL/E2llgMf7iYN3Y+d1dEE3VBpQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHD3Ngqe8LgXDpsQYbU3+OYKZgtHMB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQJttoSh
4rj1mXseHMvQlol58uX4jMp92QYJSosqWiaLtH6cTyqoll+Asm4nIquUhH5NF/Xw
Yh8jFL5P5SEc7N0k/L4yEOR0cLht1JVKujAqfi8fKrAtSz7HmZb3xMRivmxtGwym
b0ZROWbpj804ooIN+hZ6VMsKVJzWXXchBMoJxHB7dVSc5McU4BHWEKb3adP+F9Ok
cxAX/pvcx8AeTAovdMq+cviXCAQQ+e+cJzNuHOFwQPLWGDPD/u6vcf+54S5QbQhY
s0D591MCASn5vxWHnPiDrF2r2DscpoAUaOrox+3JXALW4dVlsnPTzqf8n2HbXAjN
3aPbbGzTGAhIOw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:29:05 2025 by rpki-client