Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
File: TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft (raw, json)
Hash identifier: ER1yJPqlfFbSnjsHv6FPalIWc/b+RfUF/nawVazWkN8=
Subject key identifier: DA:1B:E2:27:6B:F7:5F:BC:90:BB:BC:75:F6:DE:C1:DB:2A:17:EB:25
Authority key identifier: 4D:F1:81:1F:39:97:B9:50:AC:89:E4:10:EA:3E:F0:18:A6:73:D5:FC
Certificate issuer: /CN=4df1811f3997b950ac89e410ea3ef018a673d5fc
Certificate serial: 019659143C9739D505B2801E7CDA03B725AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
Manifest number: 04BF
Signing time: Mon 21 Apr 2025 16:00:20 +0000
Manifest this update: Mon 21 Apr 2025 16:00:20 +0000
Manifest next update: Tue 22 Apr 2025 16:00:20 +0000
Files and hashes: 1: 4m_ZlqWE1YEBP4kWtbELic7ECzg.roa (hash: t8PO7dqvDfBV4dwcfBXHsLynSbU2oXoJqnNbzqZG81g=)
2: TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl (hash: ocPAO7LIyJyU4uL25mcgV8urDu2PshffwbJjPUg58Kc=)
3: risExVobQciJpjckh7R5a6pHayQ.roa (hash: smtSJjRXs0E72dzCfhCCARBzkZPKWKCqhHgp8E/C6HY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:14:3c:97:39:d5:05:b2:80:1e:7c:da:03:b7:25:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df1811f3997b950ac89e410ea3ef018a673d5fc
Validity
Not Before: Apr 21 16:00:20 2025 GMT
Not After : Apr 22 16:00:20 2025 GMT
Subject: CN=da1be2276bf75fbc90bbbc75f6dec1db2a17eb25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:41:37:f7:7a:88:99:7b:00:3d:d3:7d:2f:18:
5e:ac:33:a3:c1:57:7f:40:9a:23:74:b0:a3:c1:38:
e3:ce:3d:05:4c:5c:ba:6a:a7:72:fb:6d:3f:a2:9d:
9c:b0:f9:23:f4:f0:46:93:69:5b:2a:c9:c8:74:98:
ed:bf:4e:01:22:d2:aa:86:f6:e8:59:e1:dc:7c:4c:
d7:7c:45:a3:7b:a2:01:9d:b0:89:1b:ca:67:f1:0d:
64:69:47:93:98:6c:72:61:cd:0b:57:f9:f3:c6:71:
8c:ad:f7:6c:22:a0:6b:9d:de:c5:a8:cd:71:b0:f1:
69:e4:22:aa:3f:c6:a5:9c:7a:2a:11:02:e4:a5:b3:
30:7d:70:76:1a:9f:46:bf:87:89:ab:54:da:c5:12:
92:d3:61:4f:ca:9a:a5:8b:66:b0:77:b1:4b:fb:8c:
9d:e1:fe:8b:22:23:38:8f:4a:35:c0:06:da:09:75:
20:7c:01:f1:11:67:b6:85:5d:8f:4a:27:8b:60:8b:
e2:0b:c8:69:03:79:a8:e3:af:bc:a8:b7:b0:04:57:
9f:ce:d5:51:da:24:a0:77:16:6d:0c:4f:db:c8:94:
4b:9e:ad:0a:82:af:33:fc:98:79:b8:b9:81:21:dd:
40:d8:f2:33:de:ca:e8:a0:bc:43:8c:2f:c6:62:41:
e8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1B:E2:27:6B:F7:5F:BC:90:BB:BC:75:F6:DE:C1:DB:2A:17:EB:25
X509v3 Authority Key Identifier:
keyid:4D:F1:81:1F:39:97:B9:50:AC:89:E4:10:EA:3E:F0:18:A6:73:D5:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:67:c1:5e:57:ba:7c:73:79:4e:2a:c0:2a:b3:a9:92:bd:1f:
b3:44:cd:c6:2d:ea:fc:78:83:c8:f1:8e:54:19:29:a5:7a:c0:
fc:b9:76:79:37:27:70:30:f6:84:bd:69:4c:b6:6b:31:5e:d0:
d7:80:51:4a:1a:35:fe:75:46:dc:6c:3f:11:e3:6f:51:09:4f:
41:2a:fd:be:ce:44:5e:db:dc:5e:38:ce:d8:07:da:34:f0:d8:
e6:97:48:cb:b3:1e:b3:8f:26:9a:17:79:be:19:84:cc:22:f1:
39:f7:26:3b:da:b0:7e:3c:3e:fb:8a:4d:ba:66:b0:85:07:97:
60:20:87:76:00:17:a0:a8:09:9b:04:2d:1f:c2:64:db:b0:b5:
cd:52:d0:28:87:7e:14:10:5f:73:46:19:6e:40:48:4a:ff:1e:
27:84:9e:5d:57:80:5a:67:d0:f0:0c:63:bb:0e:0e:fc:aa:55:
24:a5:33:df:ba:1a:f3:60:70:7a:47:39:7b:11:82:71:92:ed:
54:8f:2b:e0:04:ff:d8:88:b7:75:5d:b3:84:d5:24:64:86:7c:
f0:e1:6c:52:64:30:41:ed:d7:14:87:29:09:58:bd:4f:8e:1b:
50:16:87:19:77:34:23:8d:5c:5f:4e:dd:b3:38:e8:99:72:56:
42:b4:9d:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFDyXOdUFsoAefNoDtyWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjE4MTFmMzk5N2I5NTBhYzg5ZTQxMGVhM2VmMDE4YTY3
M2Q1ZmMwHhcNMjUwNDIxMTYwMDIwWhcNMjUwNDIyMTYwMDIwWjAzMTEwLwYDVQQD
EyhkYTFiZTIyNzZiZjc1ZmJjOTBiYmJjNzVmNmRlYzFkYjJhMTdlYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkE393qImXsAPdN9LxherDOjwVd/
QJojdLCjwTjjzj0FTFy6aqdy+20/op2csPkj9PBGk2lbKsnIdJjtv04BItKqhvbo
WeHcfEzXfEWje6IBnbCJG8pn8Q1kaUeTmGxyYc0LV/nzxnGMrfdsIqBrnd7FqM1x
sPFp5CKqP8alnHoqEQLkpbMwfXB2Gp9Gv4eJq1TaxRKS02FPypqli2awd7FL+4yd
4f6LIiM4j0o1wAbaCXUgfAHxEWe2hV2PSieLYIviC8hpA3mo46+8qLewBFefztVR
2iSgdxZtDE/byJRLnq0Kgq8z/Jh5uLmBId1A2PIz3srooLxDjC/GYkHopwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNob4idr91+8kLu8dfbewdsqF+slMB8GA1UdIwQY
MBaAFE3xgR85l7lQrInkEOo+8Bimc9X8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zZmU5MzEtN2RkNi00NDNiLWFhZGUt
ZDlhNjE5MzdhMWU1LzEvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zZmU5MzEtN2RkNi00NDNiLWFhZGUtZDlhNjE5MzdhMWU1
LzEvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVmfBXle6
fHN5TirAKrOpkr0fs0TNxi3q/HiDyPGOVBkppXrA/Ll2eTcncDD2hL1pTLZrMV7Q
14BRSho1/nVG3Gw/EeNvUQlPQSr9vs5EXtvcXjjO2AfaNPDY5pdIy7Mes48mmhd5
vhmEzCLxOfcmO9qwfjw++4pNumawhQeXYCCHdgAXoKgJmwQtH8Jk27C1zVLQKId+
FBBfc0YZbkBISv8eJ4SeXVeAWmfQ8Axjuw4O/KpVJKUz37oa82Bwekc5exGCcZLt
VI8r4AT/2Ii3dV2zhNUkZIZ88OFsUmQwQe3XFIcpCVi9T44bUBaHGXc0I41cX07d
szjomXJWQrSdog==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:22:30 2025 by rpki-client