Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft
File: MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft (raw, json)
Hash identifier: jpdSOE7D+rGeUXyd0KpUcMbPJp8ceoz98h8ETPdfmH8=
Subject key identifier: 65:48:13:F4:A4:69:56:AB:70:84:E6:8B:66:10:92:EC:E3:AE:23:E7
Authority key identifier: 30:25:FD:33:9A:A6:45:04:F2:89:A0:0C:41:73:C5:5A:00:02:EB:44
Certificate issuer: /CN=3025fd339aa64504f289a00c4173c55a0002eb44
Certificate serial: 01965A9521EFA2F2FE4E2048514D51E90828
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft
Manifest number: 0EC9
Signing time: Mon 21 Apr 2025 23:00:45 +0000
Manifest this update: Mon 21 Apr 2025 23:00:45 +0000
Manifest next update: Tue 22 Apr 2025 23:00:45 +0000
Files and hashes: 1: DPz87dZS9HseddW8gbD-vS7fq9g.roa (hash: 4BW75SF0KzzzYTTCKr54E2E3BA1EBeDyvFumW+QYO5M=)
2: MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl (hash: /JkwXicFnHLh8qhTFCI5Ot7KpwN7u8zPmjkZOE69rT4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5a:95:21:ef:a2:f2:fe:4e:20:48:51:4d:51:e9:08:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3025fd339aa64504f289a00c4173c55a0002eb44
Validity
Not Before: Apr 21 23:00:45 2025 GMT
Not After : Apr 22 23:00:45 2025 GMT
Subject: CN=654813f4a46956ab7084e68b661092ece3ae23e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1f:33:fa:35:d5:3e:54:30:df:8a:73:bc:c7:
a4:51:13:33:32:e3:c4:cf:a9:e1:fb:27:4e:f3:3d:
33:eb:0c:2b:5a:2d:0b:ec:e6:b5:4b:16:6d:52:46:
6e:8d:d4:c7:f2:14:43:1b:3a:09:42:40:c3:0d:53:
df:39:1a:f5:a8:92:03:43:4c:f3:eb:e2:fc:71:d7:
a5:a2:40:a9:2c:54:14:0b:ab:ae:c7:b3:6a:de:ae:
7d:df:21:85:f8:9c:dc:fd:1b:7d:40:4f:b9:18:96:
82:2d:fa:2d:20:2e:35:73:86:91:9e:43:6e:ad:fb:
bf:33:e2:d0:5d:cb:30:0d:e8:25:5d:3a:17:f4:44:
6d:16:20:f8:56:70:86:37:ce:6b:b6:d0:b6:e7:ff:
9d:0f:2e:14:28:50:ed:5b:5f:c5:c6:5d:7e:4f:35:
69:b7:e0:35:86:b3:cf:1d:5f:4a:ea:cd:6a:f2:6a:
bb:4e:9f:0f:df:85:c7:66:36:e5:7d:fe:2c:80:a8:
f5:1d:ca:e7:ae:a0:48:f3:31:2e:b0:1c:44:ce:93:
af:c1:4b:06:bc:69:c5:fd:28:22:78:59:16:27:19:
37:c0:a2:5a:06:37:2f:8e:a9:47:f6:1d:aa:03:1b:
92:b2:1e:85:cb:a6:3d:5c:c9:cb:14:55:3a:70:c8:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:48:13:F4:A4:69:56:AB:70:84:E6:8B:66:10:92:EC:E3:AE:23:E7
X509v3 Authority Key Identifier:
keyid:30:25:FD:33:9A:A6:45:04:F2:89:A0:0C:41:73:C5:5A:00:02:EB:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:aa:d1:04:83:50:6b:7d:56:21:e3:6c:54:a7:ec:56:62:c4:
37:98:8c:a2:8e:03:6e:25:12:13:bd:4f:06:bf:9e:a7:45:32:
af:76:aa:64:52:50:83:ff:dc:60:3a:6a:e8:bf:16:11:d6:6b:
9d:2a:bd:b9:1b:95:02:09:b3:db:da:72:82:4f:af:91:cb:62:
73:66:bc:1f:7a:61:6e:de:16:fb:2c:3b:d8:07:d5:05:21:87:
17:bd:46:42:4a:3d:b6:e1:fe:bd:42:37:b4:e7:67:75:21:54:
b9:bb:dd:40:8b:5f:aa:72:98:ae:ea:45:df:25:18:e4:60:da:
d9:f8:19:98:62:ea:0c:93:bf:10:f9:30:35:62:00:0f:b0:4d:
04:aa:f4:be:2c:49:24:10:72:0a:ab:15:db:a8:b3:a8:36:04:
6c:3a:e9:a5:be:bc:b2:cd:6a:82:89:d5:b4:15:cf:70:7f:1d:
c2:ba:c9:0e:c0:c3:8d:fd:70:c9:1a:6b:eb:02:da:16:51:a2:
7e:7c:07:31:56:fb:33:a6:37:7a:af:76:1c:85:65:79:76:c4:
ae:fa:0a:ae:da:fa:43:0e:a4:59:03:b5:34:5f:46:a1:97:b8:
8c:c6:64:60:e5:c2:71:ff:3a:41:ef:3e:83:01:76:d9:6e:2c:
21:69:07:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZalSHvovL+TiBIUU1R6QgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjVmZDMzOWFhNjQ1MDRmMjg5YTAwYzQxNzNjNTVhMDAw
MmViNDQwHhcNMjUwNDIxMjMwMDQ1WhcNMjUwNDIyMjMwMDQ1WjAzMTEwLwYDVQQD
Eyg2NTQ4MTNmNGE0Njk1NmFiNzA4NGU2OGI2NjEwOTJlY2UzYWUyM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h8z+jXVPlQw34pzvMekURMzMuPE
z6nh+ydO8z0z6wwrWi0L7Oa1SxZtUkZujdTH8hRDGzoJQkDDDVPfORr1qJIDQ0zz
6+L8cdelokCpLFQUC6uux7Nq3q593yGF+Jzc/Rt9QE+5GJaCLfotIC41c4aRnkNu
rfu/M+LQXcswDeglXToX9ERtFiD4VnCGN85rttC25/+dDy4UKFDtW1/Fxl1+TzVp
t+A1hrPPHV9K6s1q8mq7Tp8P34XHZjblff4sgKj1HcrnrqBI8zEusBxEzpOvwUsG
vGnF/SgieFkWJxk3wKJaBjcvjqlH9h2qAxuSsh6Fy6Y9XMnLFFU6cMicJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVIE/SkaVarcITmi2YQkuzjriPnMB8GA1UdIwQY
MBaAFDAl/TOapkUE8omgDEFzxVoAAutEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YTUyM2ItNzI0NC00MjJkLTkwMDQt
YzRhYTlkYjFhYmI1LzEvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YTUyM2ItNzI0NC00MjJkLTkwMDQtYzRhYTlkYjFhYmI1
LzEvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKrRBINQ
a31WIeNsVKfsVmLEN5iMoo4DbiUSE71PBr+ep0Uyr3aqZFJQg//cYDpq6L8WEdZr
nSq9uRuVAgmz29pygk+vkctic2a8H3phbt4W+yw72AfVBSGHF71GQko9tuH+vUI3
tOdndSFUubvdQItfqnKYrupF3yUY5GDa2fgZmGLqDJO/EPkwNWIAD7BNBKr0vixJ
JBByCqsV26izqDYEbDrppb68ss1qgonVtBXPcH8dwrrJDsDDjf1wyRpr6wLaFlGi
fnwHMVb7M6Y3eq92HIVleXbErvoKrtr6Qw6kWQO1NF9GoZe4jMZkYOXCcf86Qe8+
gwF22W4sIWkHaA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:28:08 2025 by rpki-client