Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft
File: ddl3qipMEMe0evKt2WgESH4idKk.mft (raw, json)
Hash identifier: ZBhz324aqlj5IJ6oxUrf70mL1VloNsq3kp77W7rppR4=
Subject key identifier: 68:E3:13:2B:B4:50:90:69:2A:23:AA:C1:7F:96:E4:A3:6B:FD:6E:B6
Authority key identifier: 75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
Certificate issuer: /CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Certificate serial: 01964BFDD4035403FCE849A3677B156BD149
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft
Manifest number: 14FA
Signing time: Sat 19 Apr 2025 03:00:48 +0000
Manifest this update: Sat 19 Apr 2025 03:00:48 +0000
Manifest next update: Sun 20 Apr 2025 03:00:48 +0000
Files and hashes: 1: d1djO8IkOk-DAQF-B5CVMX1fEOA.roa (hash: ObQ/agHgncZ7LWNprlr11FO8JEBhRFid61XXKnLc8Hc=)
2: ddl3qipMEMe0evKt2WgESH4idKk.crl (hash: oP9MrggFbmSu0I006XhvubPNrWjQgXuXv2W3heDXfHI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 03:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4b:fd:d4:03:54:03:fc:e8:49:a3:67:7b:15:6b:d1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Validity
Not Before: Apr 19 03:00:48 2025 GMT
Not After : Apr 20 03:00:48 2025 GMT
Subject: CN=68e3132bb45090692a23aac17f96e4a36bfd6eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:70:91:f8:f2:12:4f:c0:92:df:67:22:ca:
3d:5e:54:fa:29:cb:3c:8b:fa:95:e6:e7:8b:d8:da:
4d:2d:fe:85:7d:f2:34:e6:84:c8:f8:87:35:e0:db:
5b:2c:71:d9:65:38:d6:a6:60:c9:ce:64:88:e7:d6:
6f:5e:94:01:5d:40:80:c7:5b:f1:46:e9:15:4d:63:
2a:21:77:42:df:23:01:53:95:6c:92:14:9e:17:4d:
e8:ee:25:65:0b:c0:e7:c9:cd:94:8b:d4:7e:a9:73:
21:c8:b6:7a:16:f6:90:11:db:39:9d:e6:6a:3a:c3:
74:dc:74:f0:61:6f:54:de:00:e0:7d:c3:1f:23:82:
d7:b7:a5:f1:b1:a8:81:78:99:fa:d2:b5:34:0d:60:
70:ec:ac:e9:99:fb:2b:6f:4c:5e:86:b9:41:52:11:
ef:55:4c:a4:e3:10:5e:94:5a:12:53:98:69:f6:eb:
27:46:89:ca:7f:80:e1:cc:33:77:0c:90:22:1c:b4:
c7:9a:e6:b7:76:8d:9d:a2:ab:30:11:46:c6:73:7d:
3d:4f:89:9a:91:5f:ac:f0:1b:e1:2d:a5:26:66:db:
8c:6b:f8:2e:36:fa:28:7d:d6:42:6f:ca:d5:94:1c:
bd:a3:71:28:65:62:0c:14:47:ef:ea:fe:5b:74:8e:
d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E3:13:2B:B4:50:90:69:2A:23:AA:C1:7F:96:E4:A3:6B:FD:6E:B6
X509v3 Authority Key Identifier:
keyid:75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:2c:8d:fa:6b:af:e4:cb:21:1f:46:6c:7c:ee:0e:84:68:fe:
55:74:71:ee:2d:df:19:31:4b:88:68:db:d7:fc:88:08:35:b4:
d3:ad:61:c6:f7:42:34:a1:6b:37:94:63:da:a4:9b:db:92:fe:
64:c8:40:56:a8:bd:c0:1e:92:81:2a:7a:9c:15:9f:e8:90:ca:
08:30:0d:b3:02:13:56:1d:66:fb:35:72:19:4a:08:6a:ea:18:
97:54:fe:a4:39:c5:85:48:92:d6:b6:41:3b:7e:06:dd:33:bc:
7d:85:9f:81:b6:d2:ee:2e:d7:8d:e4:f3:d9:51:f7:6e:d3:7b:
12:76:6a:ab:09:68:a4:14:75:af:f0:fe:f7:18:aa:d9:57:39:
96:45:38:cd:fc:ba:78:c9:e6:a1:7a:87:57:e5:58:c8:fe:9d:
88:80:08:eb:dc:78:82:97:bb:29:46:df:2a:e9:a2:1c:20:1e:
39:f1:b7:ed:a1:dd:15:6a:55:4c:99:02:c2:6b:01:87:f5:87:
54:8b:39:31:a9:f5:68:2d:3e:9c:a8:30:23:95:2e:e2:d1:83:
87:db:64:ab:55:39:e2:86:69:30:ae:86:19:9e:74:e5:da:67:
2b:3c:a2:18:df:e4:38:9b:4a:67:87:6d:f7:22:f4:cc:d6:2a:
f9:0f:ac:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZL/dQDVAP86EmjZ3sVa9FJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZDk3N2FhMmE0YzEwYzdiNDdhZjJhZGQ5NjgwNDQ4N2Uy
Mjc0YTkwHhcNMjUwNDE5MDMwMDQ4WhcNMjUwNDIwMDMwMDQ4WjAzMTEwLwYDVQQD
Eyg2OGUzMTMyYmI0NTA5MDY5MmEyM2FhYzE3Zjk2ZTRhMzZiZmQ2ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxpwkfjyEk/Akt9nIso9XlT6Kcs8
i/qV5ueL2NpNLf6FffI05oTI+Ic14NtbLHHZZTjWpmDJzmSI59ZvXpQBXUCAx1vx
RukVTWMqIXdC3yMBU5VskhSeF03o7iVlC8Dnyc2Ui9R+qXMhyLZ6FvaQEds5neZq
OsN03HTwYW9U3gDgfcMfI4LXt6XxsaiBeJn60rU0DWBw7Kzpmfsrb0xehrlBUhHv
VUyk4xBelFoSU5hp9usnRonKf4DhzDN3DJAiHLTHmua3do2doqswEUbGc309T4ma
kV+s8BvhLaUmZtuMa/guNvoofdZCb8rVlBy9o3EoZWIMFEfv6v5bdI7YfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjjEyu0UJBpKiOqwX+W5KNr/W62MB8GA1UdIwQY
MBaAFHXZd6oqTBDHtHryrdloBEh+InSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzct
MTI2ZGY1NDQ2ZGU5LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzctMTI2ZGY1NDQ2ZGU5
LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyyN+muv
5MshH0ZsfO4OhGj+VXRx7i3fGTFLiGjb1/yICDW0061hxvdCNKFrN5Rj2qSb25L+
ZMhAVqi9wB6SgSp6nBWf6JDKCDANswITVh1m+zVyGUoIauoYl1T+pDnFhUiS1rZB
O34G3TO8fYWfgbbS7i7XjeTz2VH3btN7EnZqqwlopBR1r/D+9xiq2Vc5lkU4zfy6
eMnmoXqHV+VYyP6diIAI69x4gpe7KUbfKumiHCAeOfG37aHdFWpVTJkCwmsBh/WH
VIs5Man1aC0+nKgwI5Uu4tGDh9tkq1U54oZpMK6GGZ505dpnKzyiGN/kOJtKZ4dt
9yL0zNYq+Q+sww==
-----END CERTIFICATE-----
Generated at Sat Apr 19 13:58:39 2025 by rpki-client