Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
File: NAahLsxTolGnXOe6yqyeQa7otMo.mft (raw, json)
Hash identifier: iy85jKMosrWzFziej1/rAR8bXT0RzYdlV5ZKxq9XLd0=
Subject key identifier: 2E:32:C3:04:F6:78:DF:6A:66:7F:4A:1D:8C:81:D2:F6:6E:05:03:25
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 019655A618B0D12FD7E742570B3AF9E9899A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
Manifest number: 14FD
Signing time: Mon 21 Apr 2025 00:01:10 +0000
Manifest this update: Mon 21 Apr 2025 00:01:10 +0000
Manifest next update: Tue 22 Apr 2025 00:01:10 +0000
Files and hashes: 1: 9N71vXZ6iYuqWW-If0CgsO_Wjpg.roa (hash: plP8bbCihgTmT1C8mtLaGAuAfGPMZ93aIA1Z/LkRd90=)
2: NAahLsxTolGnXOe6yqyeQa7otMo.crl (hash: J264vZ80WsoovIRClt2gj3GeM2oHeAu8ussqbokD1tM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a6:18:b0:d1:2f:d7:e7:42:57:0b:3a:f9:e9:89:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Apr 21 00:01:10 2025 GMT
Not After : Apr 22 00:01:10 2025 GMT
Subject: CN=2e32c304f678df6a667f4a1d8c81d2f66e050325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1a:c7:23:25:c8:ee:a8:7e:5a:a0:40:14:b3:
eb:ad:c4:cb:9a:3c:a3:d7:b5:44:43:86:03:76:26:
03:e8:f4:73:b0:8d:7f:39:c4:9b:64:af:8f:da:57:
4d:9b:e1:c7:b2:65:23:7b:1f:b3:58:c4:83:cb:52:
f3:8f:b3:37:2b:58:08:c5:06:2b:f1:1a:fa:e9:ae:
cc:54:70:fd:e9:5a:1e:53:b6:a0:60:d2:63:b6:4e:
8e:c1:d3:5e:b0:74:50:6a:ea:17:1a:0e:3f:f0:8f:
72:00:2d:13:53:ce:40:a8:bd:3a:d1:0d:73:33:b5:
4a:2d:39:98:71:c9:f3:45:dc:b1:8e:2f:e7:9f:30:
08:bb:3d:8e:78:6c:e6:7c:02:af:01:ff:57:3a:42:
4c:df:9c:cf:2a:76:7b:fb:ae:ff:7e:2d:5b:0e:b4:
9e:87:78:8d:19:d8:86:a8:b8:b3:a6:7a:1e:dd:bc:
3d:4a:d4:bd:a1:64:7b:52:67:78:f5:94:4a:9d:21:
d7:19:42:fa:b3:6e:4a:29:b9:9a:3b:bf:91:d8:5e:
31:e9:31:81:73:c9:76:72:19:48:1f:93:7a:13:4b:
25:19:68:5c:36:58:ea:32:3d:2b:bb:40:17:6c:33:
92:41:60:e9:55:cc:9e:b5:bf:6c:43:91:60:a5:36:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:32:C3:04:F6:78:DF:6A:66:7F:4A:1D:8C:81:D2:F6:6E:05:03:25
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:47:f7:be:85:c3:3a:e2:f9:18:62:1c:f7:78:02:d4:32:39:
af:6b:13:e3:5c:76:a9:50:45:f6:c3:31:d5:00:0f:de:a5:76:
86:f9:09:f8:6b:2d:35:2b:67:c6:a3:4b:0a:46:3b:03:42:e9:
8d:38:c0:04:bc:be:fe:23:ed:91:54:7c:25:90:91:7b:fd:72:
09:99:21:1e:73:d7:b6:0b:cf:ac:df:2e:1a:1d:a9:b5:ce:7c:
30:d5:b2:ad:4c:9a:88:9f:8c:a9:4c:cd:50:15:0e:c5:fd:4d:
95:1e:f1:e8:e6:25:49:a2:43:91:16:b6:eb:3c:2e:39:6a:26:
18:3d:2c:2f:d4:04:27:49:e2:ba:81:7d:0f:6c:5f:8b:0c:ae:
22:80:10:25:b4:64:99:c9:2a:be:61:c3:ff:d2:ca:5c:18:d0:
5d:2e:18:8f:49:30:69:d7:61:ef:8a:0d:d1:28:8f:ea:c3:19:
6e:6f:d3:38:5e:e3:ab:90:21:09:1f:13:44:17:4a:e5:4f:29:
5b:1e:05:51:8a:78:42:5f:81:61:6b:18:a7:33:70:2a:a2:7b:
6d:43:b2:4a:34:d2:54:be:85:4c:54:b0:8b:24:f6:43:40:13:
3c:15:6b:cb:63:e0:9e:07:f1:ab:16:69:b6:1a:a7:63:4d:09:
77:7f:43:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVphiw0S/X50JXCzr56YmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjUwNDIxMDAwMTEwWhcNMjUwNDIyMDAwMTEwWjAzMTEwLwYDVQQD
EygyZTMyYzMwNGY2NzhkZjZhNjY3ZjRhMWQ4YzgxZDJmNjZlMDUwMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRrHIyXI7qh+WqBAFLPrrcTLmjyj
17VEQ4YDdiYD6PRzsI1/OcSbZK+P2ldNm+HHsmUjex+zWMSDy1Lzj7M3K1gIxQYr
8Rr66a7MVHD96VoeU7agYNJjtk6OwdNesHRQauoXGg4/8I9yAC0TU85AqL060Q1z
M7VKLTmYccnzRdyxji/nnzAIuz2OeGzmfAKvAf9XOkJM35zPKnZ7+67/fi1bDrSe
h3iNGdiGqLizpnoe3bw9StS9oWR7Umd49ZRKnSHXGUL6s25KKbmaO7+R2F4x6TGB
c8l2chlIH5N6E0slGWhcNljqMj0ru0AXbDOSQWDpVcyetb9sQ5FgpTbPtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4ywwT2eN9qZn9KHYyB0vZuBQMlMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaEf3voXD
OuL5GGIc93gC1DI5r2sT41x2qVBF9sMx1QAP3qV2hvkJ+GstNStnxqNLCkY7A0Lp
jTjABLy+/iPtkVR8JZCRe/1yCZkhHnPXtgvPrN8uGh2ptc58MNWyrUyaiJ+MqUzN
UBUOxf1NlR7x6OYlSaJDkRa26zwuOWomGD0sL9QEJ0niuoF9D2xfiwyuIoAQJbRk
mckqvmHD/9LKXBjQXS4Yj0kwaddh74oN0SiP6sMZbm/TOF7jq5AhCR8TRBdK5U8p
Wx4FUYp4Ql+BYWsYpzNwKqJ7bUOySjTSVL6FTFSwiyT2Q0ATPBVry2PgngfxqxZp
thqnY00Jd39Dxw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:51:35 2025 by rpki-client