Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
File: NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft (raw, json)
Hash identifier: +LD3FPCzMoCjgtJLtbiiNSmWL4YiR0ZEl39luT9L71E=
Subject key identifier: 0C:F1:6E:FB:CA:A7:6B:C6:14:81:D6:D5:19:AE:9B:18:B7:4C:98:2F
Authority key identifier: 35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
Certificate issuer: /CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Certificate serial: 01965C832549E18E7DFE56C5219CB7279A12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
Manifest number: 02D3
Signing time: Tue 22 Apr 2025 08:00:20 +0000
Manifest this update: Tue 22 Apr 2025 08:00:20 +0000
Manifest next update: Wed 23 Apr 2025 08:00:20 +0000
Files and hashes: 1: NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl (hash: X6dlGMVMgRfpVOiJqJIxHd6OQ+vIFf9l/DKgSFmzCKE=)
2: okivhnQi7w6GWYPlNEAmkXkmxpY.roa (hash: k4R8rWTOlMy3O5fk1lka5CmGZaX0JQEHHbZQX1i51u4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:83:25:49:e1:8e:7d:fe:56:c5:21:9c:b7:27:9a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d7dbaa75ef3420d8d9459130ed01dc535136fb
Validity
Not Before: Apr 22 08:00:20 2025 GMT
Not After : Apr 23 08:00:20 2025 GMT
Subject: CN=0cf16efbcaa76bc61481d6d519ae9b18b74c982f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a6:d0:3a:e9:ab:ec:93:df:8c:35:0a:e8:58:
dc:8a:5c:88:2f:f6:ae:b9:64:23:86:ce:33:bc:d0:
1e:c6:9a:b1:da:27:65:dc:a8:39:b4:ae:76:a7:e0:
a4:1f:0e:a3:d0:a2:6c:e3:2b:eb:44:5a:15:4b:f7:
05:19:fb:0b:b9:98:d2:a6:d3:ba:e4:40:0b:cc:b1:
ee:6f:a1:65:76:a9:18:3d:7e:3d:9b:25:3a:d6:37:
0b:7b:1e:70:7a:35:18:7c:91:97:85:7c:8a:8f:cb:
81:d6:10:06:0e:4e:da:87:04:b1:82:a8:d9:9a:83:
09:a6:31:53:59:6b:d4:8a:b3:9c:a7:a5:bb:d1:e4:
15:b3:9c:cb:15:8b:2b:07:3b:fb:dd:7b:d8:97:61:
4f:fa:6e:7b:61:31:e1:92:73:7d:ff:f1:93:bc:41:
70:47:a2:b6:f8:ec:d0:73:6c:f4:b7:89:98:b3:4c:
b6:54:be:01:2d:8a:eb:db:7f:67:48:ce:ba:32:23:
59:08:59:29:76:3a:8c:d5:9b:09:6a:77:85:d0:c1:
2b:b5:9a:23:4f:50:ed:ac:80:74:03:e4:45:d5:6d:
19:3d:c5:ea:f9:c6:0d:0e:d6:fc:44:e2:19:79:aa:
8d:bb:10:3d:a6:60:87:a3:fb:fc:83:32:73:db:f9:
54:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F1:6E:FB:CA:A7:6B:C6:14:81:D6:D5:19:AE:9B:18:B7:4C:98:2F
X509v3 Authority Key Identifier:
keyid:35:D7:DB:AA:75:EF:34:20:D8:D9:45:91:30:ED:01:DC:53:51:36:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdfbqnXvNCDY2UWRMO0B3FNRNvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9a8a3b-9b44-49ca-b674-d92c9380af33/1/NdfbqnXvNCDY2UWRMO0B3FNRNvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:25:bb:a8:8c:7a:65:43:a6:b5:b6:80:b7:3d:ee:29:e6:7e:
23:43:9a:b7:ee:76:85:a3:ef:88:ac:86:7b:eb:5a:bc:11:55:
90:f6:88:8b:3b:ba:29:7b:b2:05:fc:a9:00:b1:d9:d3:8c:2b:
17:4a:a8:7f:94:6f:fd:43:24:e0:ce:6f:39:1a:f7:11:45:4b:
39:2d:a6:0c:bb:0c:99:66:b5:a7:ce:74:af:72:6f:04:63:fe:
50:00:1b:83:f6:92:5d:20:16:7a:12:50:f4:71:3c:0c:05:7c:
6e:cf:0e:4a:97:97:1f:a2:f4:61:4e:65:56:9b:4c:f5:bb:11:
a8:04:ee:d9:27:e6:ad:d4:dc:99:13:7a:70:4f:52:34:2e:c7:
67:50:42:4f:05:14:61:eb:28:96:85:c8:53:72:12:0a:d5:14:
97:2f:d9:d2:78:24:6c:9b:41:6e:0d:76:a8:b5:a0:e3:00:26:
fa:11:6a:74:f3:56:f9:ea:85:e1:13:f7:39:b4:9c:ad:4f:9e:
ca:aa:62:87:5c:7f:f7:68:8e:bd:cf:36:73:45:27:c8:ee:ee:
48:14:92:5c:c1:f5:b3:5d:22:0d:c7:79:cc:6e:9c:bf:b8:43:
f2:07:ab:fb:97:e3:f1:fd:12:be:87:bd:2b:aa:63:1f:dd:64:
33:5a:90:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZcgyVJ4Y59/lbFIZy3J5oSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDdkYmFhNzVlZjM0MjBkOGQ5NDU5MTMwZWQwMWRjNTM1
MTM2ZmIwHhcNMjUwNDIyMDgwMDIwWhcNMjUwNDIzMDgwMDIwWjAzMTEwLwYDVQQD
EygwY2YxNmVmYmNhYTc2YmM2MTQ4MWQ2ZDUxOWFlOWIxOGI3NGM5ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qbQOumr7JPfjDUK6FjcilyIL/au
uWQjhs4zvNAexpqx2idl3Kg5tK52p+CkHw6j0KJs4yvrRFoVS/cFGfsLuZjSptO6
5EALzLHub6FldqkYPX49myU61jcLex5wejUYfJGXhXyKj8uB1hAGDk7ahwSxgqjZ
moMJpjFTWWvUirOcp6W70eQVs5zLFYsrBzv73XvYl2FP+m57YTHhknN9//GTvEFw
R6K2+OzQc2z0t4mYs0y2VL4BLYrr239nSM66MiNZCFkpdjqM1ZsJaneF0MErtZoj
T1DtrIB0A+RF1W0ZPcXq+cYNDtb8ROIZeaqNuxA9pmCHo/v8gzJz2/lU1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzxbvvKp2vGFIHW1Rmumxi3TJgvMB8GA1UdIwQY
MBaAFDXX26p17zQg2NlFkTDtAdxTUTb7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQt
ZDkyYzkzODBhZjMzLzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85YThhM2ItOWI0NC00OWNhLWI2NzQtZDkyYzkzODBhZjMz
LzEvTmRmYnFuWHZOQ0RZMlVXUk1PMEIzRk5STnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCW7qIx6
ZUOmtbaAtz3uKeZ+I0Oat+52haPviKyGe+tavBFVkPaIizu6KXuyBfypALHZ04wr
F0qof5Rv/UMk4M5vORr3EUVLOS2mDLsMmWa1p850r3JvBGP+UAAbg/aSXSAWehJQ
9HE8DAV8bs8OSpeXH6L0YU5lVptM9bsRqATu2SfmrdTcmRN6cE9SNC7HZ1BCTwUU
YesoloXIU3ISCtUUly/Z0ngkbJtBbg12qLWg4wAm+hFqdPNW+eqF4RP3ObScrU+e
yqpih1x/92iOvc82c0UnyO7uSBSSXMH1s10iDcd5zG6cv7hD8ger+5fj8f0Svoe9
K6pjH91kM1qQ0w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:00:39 2025 by rpki-client