Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
File: fD2KpDg1BKMa_0sAaBCga88DBa4.mft (raw, json)
Hash identifier: viviFDf6WukKM01/+Kwu01aY54TAU07/TvlXSqvbVfM=
Subject key identifier: C1:D2:AA:7F:3E:45:02:BF:11:81:1C:98:D5:66:D8:74:F6:E2:25:C5
Authority key identifier: 7C:3D:8A:A4:38:35:04:A3:1A:FF:4B:00:68:10:A0:6B:CF:03:05:AE
Certificate issuer: /CN=7c3d8aa4383504a31aff4b006810a06bcf0305ae
Certificate serial: 019655A52EA8EFCC9DB76543D8A3ECE6C91E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
Manifest number: 10D9
Signing time: Mon 21 Apr 2025 00:00:10 +0000
Manifest this update: Mon 21 Apr 2025 00:00:10 +0000
Manifest next update: Tue 22 Apr 2025 00:00:10 +0000
Files and hashes: 1: 8L2O5GlhNp_lrqBMRrzhkCl_FU4.roa (hash: MpUCXGi4iU4O/s2W0Ri/evmaR2tEREi873mtgHCWuJE=)
2: fD2KpDg1BKMa_0sAaBCga88DBa4.crl (hash: DwFhSgBFmHMP7Mheqbiz+iDBpmwnbCM2dXBeFCEteQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a5:2e:a8:ef:cc:9d:b7:65:43:d8:a3:ec:e6:c9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d8aa4383504a31aff4b006810a06bcf0305ae
Validity
Not Before: Apr 21 00:00:10 2025 GMT
Not After : Apr 22 00:00:10 2025 GMT
Subject: CN=c1d2aa7f3e4502bf11811c98d566d874f6e225c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:01:33:25:fd:42:37:d4:87:54:3f:03:c3:
9d:1c:15:2c:13:6f:ef:e7:48:24:9c:78:e1:d9:2e:
38:88:8d:61:5a:b2:29:82:46:94:3e:29:8d:bb:76:
d5:f1:48:bb:aa:8a:ff:83:de:50:d8:5b:eb:10:26:
3e:70:2b:ca:13:67:01:34:c7:e5:7d:87:99:bb:27:
ca:8e:c8:33:7b:51:a2:ca:66:56:41:74:f6:01:3b:
3f:a9:46:b3:b1:73:7e:01:2c:d9:9c:05:fd:fe:fa:
f6:46:f4:ae:2e:cf:7a:ad:50:fa:67:df:a6:09:6b:
9e:ee:05:08:db:cc:0e:32:43:aa:da:ba:a9:f7:21:
31:9f:ac:6b:d2:19:08:cd:30:94:1f:eb:0c:31:a9:
99:9e:49:3b:1a:f1:df:88:6f:ae:91:d1:35:cd:bc:
be:36:78:1f:9f:f5:4c:fa:40:e5:09:1b:1a:70:59:
9c:00:26:18:0d:ae:2e:0b:ac:10:e4:10:36:2e:06:
ea:16:8a:40:31:ab:23:77:4c:c6:97:ec:5f:6f:a7:
59:c0:1e:a1:7e:f5:9f:c3:11:b0:ff:b0:3d:7b:e0:
47:80:07:da:8b:2a:32:a7:53:e6:a6:ee:cd:1a:bf:
95:de:27:75:27:06:1f:36:64:af:87:f5:e8:59:c4:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D2:AA:7F:3E:45:02:BF:11:81:1C:98:D5:66:D8:74:F6:E2:25:C5
X509v3 Authority Key Identifier:
keyid:7C:3D:8A:A4:38:35:04:A3:1A:FF:4B:00:68:10:A0:6B:CF:03:05:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:c2:a1:59:b2:72:f9:4a:30:b3:8b:58:95:5d:b7:23:17:45:
eb:e3:d6:ed:69:6b:fc:8d:26:f4:5e:35:9b:b1:c3:74:7f:d0:
22:54:2a:74:4a:0c:f6:be:f9:fa:41:32:95:66:c5:2f:2f:b9:
ef:37:29:a5:3d:e9:ee:92:bf:e5:9e:0e:42:7b:ba:4e:b1:c6:
ee:c6:45:fd:0a:65:8e:91:30:21:35:3f:56:7e:5b:3f:fc:bc:
ec:76:4f:d2:e2:dc:0a:9c:fd:8a:51:b1:75:c5:63:66:ce:1b:
0b:42:5a:0b:be:75:be:f9:87:45:64:a6:b7:78:80:98:42:ea:
50:3e:58:d4:a4:8f:15:8b:37:be:3e:6d:0a:f2:b0:74:45:76:
b9:99:01:0a:e1:2d:4f:73:76:e6:9c:c1:b6:5c:6c:18:0a:ab:
23:31:7e:af:ae:a4:ac:d3:85:10:40:8a:ea:56:0f:f7:21:19:
03:46:af:1f:10:22:49:5b:6a:5f:00:01:d0:cc:d3:fb:e4:5c:
36:a3:95:c5:91:e0:d7:1b:4c:1d:e8:63:de:f3:1b:8e:98:04:
17:4d:3e:b9:87:52:f7:18:af:df:27:c0:02:ee:de:e0:01:e7:
b9:c1:22:99:d9:64:57:de:a2:f9:99:1c:98:5e:be:e0:41:03:
20:89:75:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpS6o78ydt2VD2KPs5skeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2Q4YWE0MzgzNTA0YTMxYWZmNGIwMDY4MTBhMDZiY2Yw
MzA1YWUwHhcNMjUwNDIxMDAwMDEwWhcNMjUwNDIyMDAwMDEwWjAzMTEwLwYDVQQD
EyhjMWQyYWE3ZjNlNDUwMmJmMTE4MTFjOThkNTY2ZDg3NGY2ZTIyNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZUBMyX9QjfUh1Q/A8OdHBUsE2/v
50gknHjh2S44iI1hWrIpgkaUPimNu3bV8Ui7qor/g95Q2FvrECY+cCvKE2cBNMfl
fYeZuyfKjsgze1GiymZWQXT2ATs/qUazsXN+ASzZnAX9/vr2RvSuLs96rVD6Z9+m
CWue7gUI28wOMkOq2rqp9yExn6xr0hkIzTCUH+sMMamZnkk7GvHfiG+ukdE1zby+
Nngfn/VM+kDlCRsacFmcACYYDa4uC6wQ5BA2LgbqFopAMasjd0zGl+xfb6dZwB6h
fvWfwxGw/7A9e+BHgAfaiyoyp1Pmpu7NGr+V3id1JwYfNmSvh/XoWcQKlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHSqn8+RQK/EYEcmNVm2HT24iXFMB8GA1UdIwQY
MBaAFHw9iqQ4NQSjGv9LAGgQoGvPAwWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hNDJlOTQtMTViNy00MjcyLTllYjAt
OTlkYjIxMjQ0ZWRmLzEvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hNDJlOTQtMTViNy00MjcyLTllYjAtOTlkYjIxMjQ0ZWRm
LzEvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT8KhWbJy
+Uows4tYlV23IxdF6+PW7Wlr/I0m9F41m7HDdH/QIlQqdEoM9r75+kEylWbFLy+5
7zcppT3p7pK/5Z4OQnu6TrHG7sZF/QpljpEwITU/Vn5bP/y87HZP0uLcCpz9ilGx
dcVjZs4bC0JaC751vvmHRWSmt3iAmELqUD5Y1KSPFYs3vj5tCvKwdEV2uZkBCuEt
T3N25pzBtlxsGAqrIzF+r66krNOFEECK6lYP9yEZA0avHxAiSVtqXwAB0MzT++Rc
NqOVxZHg1xtMHehj3vMbjpgEF00+uYdS9xiv3yfAAu7e4AHnucEimdlkV96i+Zkc
mF6+4EEDIIl13Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:33:57 2025 by rpki-client