Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: ehtZ8FR2kydicgil730djHHSmAE7dqFnbRzjvqVNhBs=
Subject key identifier: 73:D5:B0:78:E7:3F:FD:2D:4E:64:31:16:6C:C7:C9:34:B7:9B:E2:67
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 019655009EDD845A1B0E1C42154F00E4FD08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 1501
Signing time: Sun 20 Apr 2025 21:00:26 +0000
Manifest this update: Sun 20 Apr 2025 21:00:26 +0000
Manifest next update: Mon 21 Apr 2025 21:00:26 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: U4cWAHV093tIfFZF3M0kOS7jp9gb82iMY30rFjzhM48=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 21:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:00:9e:dd:84:5a:1b:0e:1c:42:15:4f:00:e4:fd:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Apr 20 21:00:26 2025 GMT
Not After : Apr 21 21:00:26 2025 GMT
Subject: CN=73d5b078e73ffd2d4e6431166cc7c934b79be267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:15:31:e2:03:a0:81:63:d4:ca:7c:bb:57:b5:
94:68:07:e6:37:bc:11:a7:38:a7:cc:76:54:76:a2:
9c:2d:c7:d1:be:69:6f:14:f8:ec:23:e0:eb:48:30:
02:98:e5:dd:f5:e0:b9:d1:47:5f:94:eb:54:bb:70:
fb:09:a5:e8:4c:97:e4:75:50:1f:f0:7d:20:c6:8f:
01:a2:46:dc:ae:3b:d2:6a:ad:ad:90:0b:a0:c7:fa:
e9:36:b1:62:87:40:f6:97:d7:9f:f7:b0:91:9a:e2:
11:15:73:5a:06:ce:b9:87:7c:94:fb:31:16:5f:ef:
c9:80:6d:32:0d:bf:af:48:5f:0f:07:aa:83:97:dc:
65:9e:4f:7c:e4:4d:18:02:2e:6f:5c:30:2f:56:97:
66:b3:55:e8:7c:41:aa:14:30:d5:85:7c:e6:3c:57:
d9:4b:27:95:b5:ac:74:3a:ed:98:37:6d:8a:8b:0d:
67:0b:ef:1e:af:ed:fe:0c:9a:08:bf:6e:c5:15:ea:
6d:86:a1:48:01:33:4b:51:9d:a1:71:2b:15:a6:aa:
88:bd:49:f1:76:5b:68:98:c7:fd:72:7b:fd:d0:94:
07:b3:b2:04:4f:8f:8a:10:ae:bb:4d:20:d7:1e:12:
25:3f:1f:db:11:49:d7:e4:f1:f8:c1:8f:36:ea:97:
e6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D5:B0:78:E7:3F:FD:2D:4E:64:31:16:6C:C7:C9:34:B7:9B:E2:67
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:e9:dc:d8:d1:8b:9d:3f:8f:64:cc:d0:40:64:79:1d:0c:3d:
44:11:be:cf:e6:6f:cc:fb:82:c6:be:ce:62:9a:1a:f6:43:b9:
e6:06:66:6b:54:09:c0:2e:c5:68:a3:a4:d4:ef:0c:4b:0a:ff:
47:1a:b6:43:15:25:86:5a:8e:cb:62:01:42:be:a4:8b:b7:b8:
ad:bb:b9:f9:e4:fb:bb:90:b0:72:31:00:25:dd:92:5a:ec:18:
de:b9:1a:a5:be:83:fe:45:00:13:c5:f2:67:21:ce:9e:87:70:
d2:3e:d6:22:6f:c9:9f:de:a8:be:b6:86:59:88:9f:a6:b2:49:
43:97:27:05:03:4b:6f:62:d9:7e:fe:d2:40:99:00:f5:b7:91:
80:e0:73:f3:5e:6e:28:42:2a:ad:88:e2:1d:2f:61:48:f0:61:
2f:14:58:bb:73:2a:ce:c4:b2:53:2c:91:57:33:b5:98:b2:18:
f7:52:2b:ee:11:b1:f2:dc:ac:1a:59:9d:1c:6b:12:09:45:10:
94:17:98:05:67:6a:49:f3:9a:61:7e:a4:4f:14:f0:09:67:ee:
fc:93:fb:7e:ba:2a:31:eb:31:7e:87:72:7e:e3:37:77:a5:0f:
d1:ab:fc:31:b6:f7:c1:9e:95:cf:98:61:34:53:b6:e9:f4:a1:
4f:65:64:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVAJ7dhFobDhxCFU8A5P0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwNDIwMjEwMDI2WhcNMjUwNDIxMjEwMDI2WjAzMTEwLwYDVQQD
Eyg3M2Q1YjA3OGU3M2ZmZDJkNGU2NDMxMTY2Y2M3YzkzNGI3OWJlMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBUx4gOggWPUyny7V7WUaAfmN7wR
pzinzHZUdqKcLcfRvmlvFPjsI+DrSDACmOXd9eC50UdflOtUu3D7CaXoTJfkdVAf
8H0gxo8BokbcrjvSaq2tkAugx/rpNrFih0D2l9ef97CRmuIRFXNaBs65h3yU+zEW
X+/JgG0yDb+vSF8PB6qDl9xlnk985E0YAi5vXDAvVpdms1XofEGqFDDVhXzmPFfZ
SyeVtax0Ou2YN22Kiw1nC+8er+3+DJoIv27FFepthqFIATNLUZ2hcSsVpqqIvUnx
dltomMf9cnv90JQHs7IET4+KEK67TSDXHhIlPx/bEUnX5PH4wY826pfmOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPVsHjnP/0tTmQxFmzHyTS3m+JnMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdenc2NGL
nT+PZMzQQGR5HQw9RBG+z+ZvzPuCxr7OYpoa9kO55gZma1QJwC7FaKOk1O8MSwr/
Rxq2QxUlhlqOy2IBQr6ki7e4rbu5+eT7u5CwcjEAJd2SWuwY3rkapb6D/kUAE8Xy
ZyHOnodw0j7WIm/Jn96ovraGWYifprJJQ5cnBQNLb2LZfv7SQJkA9beRgOBz815u
KEIqrYjiHS9hSPBhLxRYu3MqzsSyUyyRVzO1mLIY91Ir7hGx8tysGlmdHGsSCUUQ
lBeYBWdqSfOaYX6kTxTwCWfu/JP7froqMesxfodyfuM3d6UP0av8Mbb3wZ6Vz5hh
NFO26fShT2VkFA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:08 2025 by rpki-client