Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File: raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier: T9tHYouVVLoJ+wSsMgt2nBq9pIO+MkW4Fk75Vl3I2G8=
Subject key identifier: D8:32:AC:1C:A5:6D:83:69:A5:FF:BC:30:DC:7F:3F:C7:C4:CE:BB:59
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer: /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial: 019658DDC4AEA5EC8F3F4840F1301A4A1F2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number: 0A5C
Signing time: Mon 21 Apr 2025 15:00:50 +0000
Manifest this update: Mon 21 Apr 2025 15:00:50 +0000
Manifest next update: Tue 22 Apr 2025 15:00:50 +0000
Files and hashes: 1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: g74l/MZoi4S/0NaXc3v8iFUvle/sqVqNy+kwIArkPQk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:dd:c4:ae:a5:ec:8f:3f:48:40:f1:30:1a:4a:1f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
Validity
Not Before: Apr 21 15:00:50 2025 GMT
Not After : Apr 22 15:00:50 2025 GMT
Subject: CN=d832ac1ca56d8369a5ffbc30dc7f3fc7c4cebb59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4a:d5:62:04:b1:24:e7:16:1c:fa:b1:b8:8c:
a2:c5:7d:10:6a:95:6e:91:62:0c:ac:0b:80:af:3b:
bc:a4:2a:b6:15:54:24:1a:50:5b:2d:fe:4e:d7:17:
04:27:3d:15:17:bf:6a:0e:12:89:59:ac:47:4a:dd:
0d:24:42:fe:4b:26:29:e2:47:b5:e8:b1:61:ee:2a:
39:0e:e2:a1:2a:71:1e:e1:78:06:d8:48:ab:3c:5c:
04:c5:42:20:90:0c:63:18:70:a3:d5:cd:b2:9a:99:
d9:e8:4f:da:4b:d1:50:85:f0:59:cb:4d:9f:04:05:
0a:3a:69:2e:63:eb:27:d4:65:04:6e:81:cc:29:05:
ab:b4:37:7f:65:f7:58:6b:be:77:44:bc:be:01:fd:
c1:a8:d7:89:13:6e:8a:8f:bc:b0:8a:a4:84:98:93:
74:c6:24:ae:83:68:c5:f6:22:bf:48:33:13:af:2b:
5b:dc:c8:16:6c:12:92:57:d8:77:6a:60:77:19:50:
31:1a:0d:11:59:30:a3:8d:79:6c:4d:f8:fa:da:9b:
c1:c1:a3:db:56:71:b6:e6:27:ab:d2:4f:b9:80:0f:
f3:e1:53:1d:35:a8:71:05:e0:28:d5:fb:0b:c2:9a:
ff:0d:ce:79:8b:7a:b5:25:1a:79:b7:34:da:d6:f9:
fd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:32:AC:1C:A5:6D:83:69:A5:FF:BC:30:DC:7F:3F:C7:C4:CE:BB:59
X509v3 Authority Key Identifier:
keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:64:bc:4a:47:8d:b1:b4:cf:e5:43:f5:90:4e:87:e3:56:70:
d0:f1:23:4f:d8:8d:d0:44:2e:67:58:e2:42:27:7a:0f:9c:de:
a3:a2:a0:8b:d5:ea:35:9e:84:10:07:3b:50:94:46:2f:60:2e:
6d:05:38:10:df:4e:20:12:bd:67:e8:2f:62:1c:9f:d9:2d:52:
2b:79:7a:9f:36:a9:24:6e:8b:34:3b:fd:5a:21:24:e6:13:5f:
fe:1f:5a:d4:a4:6c:c8:33:09:55:6f:47:40:d7:33:36:5c:73:
99:f6:66:8c:c1:cb:03:41:16:2b:a7:a2:f2:09:26:04:82:c1:
76:bf:ca:a9:6d:f3:ef:32:9f:ff:e5:df:62:7f:c9:5f:a7:87:
e1:f3:7c:70:69:c6:46:4d:6e:31:5b:f8:29:7f:4a:51:b0:08:
0f:2d:84:ca:79:56:c6:46:04:c1:17:43:65:3f:bc:47:3f:bc:
d7:c7:45:49:ef:c3:82:03:68:d1:15:b8:aa:b4:b7:25:51:bc:
60:79:be:a2:e8:79:c9:cf:0e:ea:a1:14:c4:f0:ad:35:00:10:
a1:0b:8d:7f:3c:2e:08:48:c4:4f:80:9a:4d:6e:68:3a:09:92:
76:b8:83:a3:75:3c:99:18:bb:ad:0a:e7:fe:3e:dd:2a:5c:d2:
08:c7:e3:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZY3cSupeyPP0hA8TAaSh8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNDIxMTUwMDUwWhcNMjUwNDIyMTUwMDUwWjAzMTEwLwYDVQQD
EyhkODMyYWMxY2E1NmQ4MzY5YTVmZmJjMzBkYzdmM2ZjN2M0Y2ViYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmErVYgSxJOcWHPqxuIyixX0QapVu
kWIMrAuArzu8pCq2FVQkGlBbLf5O1xcEJz0VF79qDhKJWaxHSt0NJEL+SyYp4ke1
6LFh7io5DuKhKnEe4XgG2EirPFwExUIgkAxjGHCj1c2ympnZ6E/aS9FQhfBZy02f
BAUKOmkuY+sn1GUEboHMKQWrtDd/ZfdYa753RLy+Af3BqNeJE26Kj7ywiqSEmJN0
xiSug2jF9iK/SDMTrytb3MgWbBKSV9h3amB3GVAxGg0RWTCjjXlsTfj62pvBwaPb
VnG25ier0k+5gA/z4VMdNahxBeAo1fsLwpr/Dc55i3q1JRp5tzTa1vn9EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgyrBylbYNppf+8MNx/P8fEzrtZMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWS8SkeN
sbTP5UP1kE6H41Zw0PEjT9iN0EQuZ1jiQid6D5zeo6Kgi9XqNZ6EEAc7UJRGL2Au
bQU4EN9OIBK9Z+gvYhyf2S1SK3l6nzapJG6LNDv9WiEk5hNf/h9a1KRsyDMJVW9H
QNczNlxzmfZmjMHLA0EWK6ei8gkmBILBdr/KqW3z7zKf/+XfYn/JX6eH4fN8cGnG
Rk1uMVv4KX9KUbAIDy2EynlWxkYEwRdDZT+8Rz+818dFSe/DggNo0RW4qrS3JVG8
YHm+ouh5yc8O6qEUxPCtNQAQoQuNfzwuCEjET4CaTW5oOgmSdriDo3U8mRi7rQrn
/j7dKlzSCMfjDg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:18:41 2025 by rpki-client