Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: PTQ2jOi5riljyGe7sKlJZkD3qDzzhvrf7I7a2YZL+jw=
Subject key identifier: 37:B6:02:75:4B:33:E8:0B:35:4B:99:0F:BA:9E:CA:E4:FC:22:A0:78
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 019643688C022656AD0DD7EAFCBE3D78AEF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 14F5
Signing time: Thu 17 Apr 2025 11:00:47 +0000
Manifest this update: Thu 17 Apr 2025 11:00:47 +0000
Manifest next update: Fri 18 Apr 2025 11:00:47 +0000
Files and hashes: 1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: wV9eiN/ilfxRGY+7TnQQkNIoth0/KVbrUZt78/kLDYA=)
2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:68:8c:02:26:56:ad:0d:d7:ea:fc:be:3d:78:ae:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Apr 17 11:00:47 2025 GMT
Not After : Apr 18 11:00:47 2025 GMT
Subject: CN=37b602754b33e80b354b990fba9ecae4fc22a078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:12:2a:31:87:4b:82:fb:6a:a4:50:13:f8:5f:
84:46:05:c0:7e:f5:b3:be:73:8a:cd:24:ae:49:e3:
0f:c8:6c:b8:a6:21:f5:1a:64:24:2b:48:3d:c8:a5:
ff:7e:d4:63:37:85:25:21:4c:bb:8c:83:89:52:49:
40:50:04:73:c6:cb:df:b7:6b:df:a6:f5:37:ca:5f:
a9:4a:86:15:ae:bd:0a:79:2f:91:c7:ff:50:20:9e:
fb:58:63:1e:a9:cd:8b:f1:96:cc:55:3e:df:5f:97:
f1:26:d5:59:d0:c4:73:20:e8:cf:d6:c9:8c:96:f1:
c6:ec:0a:03:84:8c:fc:23:cc:da:03:d2:d5:a3:ab:
c5:28:7d:76:fc:00:db:aa:42:06:0e:6f:99:6e:8e:
a6:6e:8c:0c:8b:c4:bc:a7:db:19:2a:fb:02:40:54:
10:1c:d1:18:d6:fe:87:cd:75:1a:55:8c:87:19:27:
3a:61:d3:21:b1:36:24:5a:69:35:c3:bc:7b:2f:a9:
f4:25:dd:a6:d5:04:0e:6f:44:e0:a1:f6:14:b4:a0:
50:f8:7c:6e:57:bb:1d:ff:9e:e1:04:49:95:d5:8a:
01:2f:01:59:8d:89:83:c6:0c:c8:1b:a8:35:bf:4d:
25:15:77:93:5d:9b:10:45:e8:1a:ef:be:a6:6e:20:
f3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B6:02:75:4B:33:E8:0B:35:4B:99:0F:BA:9E:CA:E4:FC:22:A0:78
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:ac:6e:f1:4f:c7:ad:16:6c:7a:33:7d:10:f9:36:fb:49:53:
f7:a3:33:6c:1f:42:9c:77:d0:db:4c:e4:44:2e:3e:e4:b3:2d:
97:a1:77:78:36:01:6c:27:70:4b:46:ee:d2:84:00:52:4e:c1:
3a:02:c9:d2:c1:2f:a1:75:6e:f7:80:ea:8b:06:4a:af:d5:e0:
0e:8d:3a:d5:17:23:7b:86:18:04:85:c1:ca:48:16:c3:24:9f:
c7:b6:cd:5a:6f:f5:1d:42:b8:0d:f9:bd:f3:a7:af:37:42:c5:
54:98:38:6f:75:25:01:04:87:00:3e:b1:e0:a5:bf:ea:3b:38:
2d:d0:fe:65:d4:c6:12:c8:95:f8:8e:1f:80:9f:57:6a:16:2f:
62:1e:c3:f8:0d:6e:dc:bb:e8:a3:c5:be:49:ef:a2:f5:15:49:
d0:b6:96:8a:62:89:eb:19:7a:94:bd:13:fe:ac:87:d4:b1:59:
90:47:19:ef:f9:b7:3e:6d:92:6b:b5:47:70:46:cb:cd:8a:8f:
d6:46:39:0d:19:2d:96:5f:61:06:78:8f:30:28:58:a3:f6:87:
cc:ea:fe:41:4b:a3:1d:dd:26:cb:13:89:39:39:d1:48:04:07:
61:83:65:23:61:a9:a3:6c:4c:e4:c2:3b:68:dc:5e:c6:d6:46:
6d:63:b0:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDaIwCJlatDdfq/L49eK75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjUwNDE3MTEwMDQ3WhcNMjUwNDE4MTEwMDQ3WjAzMTEwLwYDVQQD
EygzN2I2MDI3NTRiMzNlODBiMzU0Yjk5MGZiYTllY2FlNGZjMjJhMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRIqMYdLgvtqpFAT+F+ERgXAfvWz
vnOKzSSuSeMPyGy4piH1GmQkK0g9yKX/ftRjN4UlIUy7jIOJUklAUARzxsvft2vf
pvU3yl+pSoYVrr0KeS+Rx/9QIJ77WGMeqc2L8ZbMVT7fX5fxJtVZ0MRzIOjP1smM
lvHG7AoDhIz8I8zaA9LVo6vFKH12/ADbqkIGDm+Zbo6mbowMi8S8p9sZKvsCQFQQ
HNEY1v6HzXUaVYyHGSc6YdMhsTYkWmk1w7x7L6n0Jd2m1QQOb0TgofYUtKBQ+Hxu
V7sd/57hBEmV1YoBLwFZjYmDxgzIG6g1v00lFXeTXZsQRega776mbiDzmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDe2AnVLM+gLNUuZD7qeyuT8IqB4MB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiKxu8U/H
rRZsejN9EPk2+0lT96MzbB9CnHfQ20zkRC4+5LMtl6F3eDYBbCdwS0bu0oQAUk7B
OgLJ0sEvoXVu94DqiwZKr9XgDo061Rcje4YYBIXBykgWwySfx7bNWm/1HUK4Dfm9
86evN0LFVJg4b3UlAQSHAD6x4KW/6js4LdD+ZdTGEsiV+I4fgJ9XahYvYh7D+A1u
3Lvoo8W+Se+i9RVJ0LaWimKJ6xl6lL0T/qyH1LFZkEcZ7/m3Pm2Sa7VHcEbLzYqP
1kY5DRktll9hBniPMChYo/aHzOr+QUujHd0myxOJOTnRSAQHYYNlI2Gpo2xM5MI7
aNxextZGbWOwEQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:13:24 2025 by rpki-client