Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft
File: iq94tpd0pVUH3qv4xMlpQunvDSA.mft (raw, json)
Hash identifier: n/jg6MUgjREMUivdOqUtqGYCMbax7dOCwySiG8DZOL0=
Subject key identifier: 4A:35:D2:DD:A9:70:81:DC:22:92:4B:8D:D2:E9:98:FE:45:8D:C5:99
Authority key identifier: 8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20
Certificate issuer: /CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20
Certificate serial: 0196568118693534E5F8A8520C86B032EF01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft
Manifest number: 0BFA
Signing time: Mon 21 Apr 2025 04:00:23 +0000
Manifest this update: Mon 21 Apr 2025 04:00:23 +0000
Manifest next update: Tue 22 Apr 2025 04:00:23 +0000
Files and hashes: 1: JQCJu_zj_dBb25hVe1CPLuILo-c.roa (hash: ppq/kkdZOhkWPFmrOFoKNIk30mkp2cJ+7oYbrYYHQUY=)
2: iq94tpd0pVUH3qv4xMlpQunvDSA.crl (hash: y3HWxuMfhUIHJ7WwDg9FRs9ppP8Jxtmp9g5iMyfeI/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:81:18:69:35:34:e5:f8:a8:52:0c:86:b0:32:ef:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20
Validity
Not Before: Apr 21 04:00:23 2025 GMT
Not After : Apr 22 04:00:23 2025 GMT
Subject: CN=4a35d2dda97081dc22924b8dd2e998fe458dc599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e5:bf:8d:7e:93:cc:a0:76:cf:53:34:e2:6f:
94:7d:0f:d6:c1:72:c1:46:16:06:df:ef:e9:ac:b0:
cf:87:7d:1d:43:e5:df:bc:88:21:54:e5:5f:2b:b6:
57:07:d1:8e:b9:b7:72:a1:37:68:40:db:70:83:0a:
33:a5:5d:c4:0b:7f:76:09:c3:19:89:b7:c4:fa:fb:
73:e1:cc:f7:67:19:c5:e7:b0:b1:bb:6a:d4:78:24:
9a:a5:13:6a:f2:84:a5:c6:de:d5:e8:9c:59:d0:ec:
fa:b7:5b:b5:c3:50:7a:44:6d:79:8c:e4:a4:0e:bd:
64:5a:b8:e1:bc:63:25:9b:a2:3c:3b:64:0b:2a:20:
c9:ae:dc:f6:26:79:5a:b1:22:37:24:88:54:a6:56:
0d:6c:aa:ad:de:61:97:1a:55:63:16:49:d3:95:9a:
25:a8:52:74:48:b5:31:b0:bd:53:ba:cd:d6:19:8a:
ea:e2:7f:e3:2e:39:6f:5d:db:0f:d2:4b:9a:b1:8d:
18:55:c2:95:d9:68:ea:b3:99:85:4d:c6:b5:a5:96:
e9:93:8b:cb:70:8b:ea:38:fb:17:83:51:1c:fc:ca:
cb:55:38:86:16:6d:65:dc:00:99:4c:54:a1:86:d8:
67:47:93:01:31:64:95:ad:ea:ef:f6:19:e7:40:90:
a8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:35:D2:DD:A9:70:81:DC:22:92:4B:8D:D2:E9:98:FE:45:8D:C5:99
X509v3 Authority Key Identifier:
keyid:8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:e0:a8:e7:d0:2d:e8:f7:c2:98:3c:4f:3d:c7:c6:f9:36:42:
e8:37:e9:a6:7e:61:0f:ea:78:31:d7:30:34:17:8d:25:be:67:
c3:76:dc:f6:ae:ef:a3:d7:d4:61:35:17:a8:56:d4:76:63:26:
bd:93:32:6e:2c:85:a1:37:d2:76:92:f3:20:47:4a:e3:5d:ac:
6a:9f:4c:f3:73:ac:a7:72:07:f2:5d:38:20:7e:a5:39:c5:a3:
19:11:cf:44:ee:f4:5a:3f:74:c0:9b:bc:4b:5b:24:25:44:76:
1c:11:4f:bb:87:25:10:12:2a:29:28:ab:1a:9f:aa:60:f5:36:
12:b8:2c:87:f3:12:3a:10:85:e9:36:c5:9e:82:87:75:d0:b9:
52:3f:1c:04:2b:7c:70:18:bc:67:b3:da:49:a1:ed:d2:a0:6d:
a0:2b:8b:01:b5:43:b6:dd:6a:95:15:13:99:6d:f7:47:73:89:
99:73:bc:56:39:f2:e7:17:ff:3a:dc:53:c5:ed:35:2b:af:24:
c2:a6:73:61:d9:70:5e:46:91:b3:91:d6:f3:b1:50:83:5d:8d:
dd:f1:8e:ac:01:06:c3:17:81:46:7f:f1:22:22:dd:02:4c:df:
f6:18:f2:6b:2c:dd:bc:92:86:a3:62:3d:e3:92:b9:17:59:3d:
b3:77:fe:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWgRhpNTTl+KhSDIawMu8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWY3OGI2OTc3NGE1NTUwN2RlYWJmOGM0Yzk2OTQyZTll
ZjBkMjAwHhcNMjUwNDIxMDQwMDIzWhcNMjUwNDIyMDQwMDIzWjAzMTEwLwYDVQQD
Eyg0YTM1ZDJkZGE5NzA4MWRjMjI5MjRiOGRkMmU5OThmZTQ1OGRjNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OW/jX6TzKB2z1M04m+UfQ/WwXLB
RhYG3+/prLDPh30dQ+XfvIghVOVfK7ZXB9GOubdyoTdoQNtwgwozpV3EC392CcMZ
ibfE+vtz4cz3ZxnF57Cxu2rUeCSapRNq8oSlxt7V6JxZ0Oz6t1u1w1B6RG15jOSk
Dr1kWrjhvGMlm6I8O2QLKiDJrtz2JnlasSI3JIhUplYNbKqt3mGXGlVjFknTlZol
qFJ0SLUxsL1Tus3WGYrq4n/jLjlvXdsP0kuasY0YVcKV2Wjqs5mFTca1pZbpk4vL
cIvqOPsXg1Ec/MrLVTiGFm1l3ACZTFShhthnR5MBMWSVrerv9hnnQJCosQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEo10t2pcIHcIpJLjdLpmP5FjcWZMB8GA1UdIwQY
MBaAFIqveLaXdKVVB96r+MTJaULp7w0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEt
NzA4ODU2OGM1MWMwLzEvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEtNzA4ODU2OGM1MWMw
LzEvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANOCo59At
6PfCmDxPPcfG+TZC6Dfppn5hD+p4MdcwNBeNJb5nw3bc9q7vo9fUYTUXqFbUdmMm
vZMybiyFoTfSdpLzIEdK412sap9M83Osp3IH8l04IH6lOcWjGRHPRO70Wj90wJu8
S1skJUR2HBFPu4clEBIqKSirGp+qYPU2Ergsh/MSOhCF6TbFnoKHddC5Uj8cBCt8
cBi8Z7PaSaHt0qBtoCuLAbVDtt1qlRUTmW33R3OJmXO8Vjny5xf/OtxTxe01K68k
wqZzYdlwXkaRs5HW87FQg12N3fGOrAEGwxeBRn/xIiLdAkzf9hjyayzdvJKGo2I9
45K5F1k9s3f+qA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:58:07 2025 by rpki-client