Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: sn9TXibSvyEM+wVHkYpJ7PgGNh1FKO3EHrBRWazbHls=
Subject key identifier: 12:ED:54:DA:B6:2C:44:7A:39:13:B7:49:29:5E:12:E6:1C:37:DD:E8
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 019659825804BAB6F186B448E688DF11F39A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 1503
Signing time: Mon 21 Apr 2025 18:00:36 +0000
Manifest this update: Mon 21 Apr 2025 18:00:36 +0000
Manifest next update: Tue 22 Apr 2025 18:00:36 +0000
Files and hashes: 1: 34veN2ucTJBbi388PrmLekhLRzM.roa (hash: zPkkR8nXQL9mfEVd+D/kn8bIVDt7EDLAoyKRPC1BVEk=)
2: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: GCa4A5YpyBITphGHf4irIBTR2XDfBVtbk1M/a9qfEcE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:82:58:04:ba:b6:f1:86:b4:48:e6:88:df:11:f3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Apr 21 18:00:36 2025 GMT
Not After : Apr 22 18:00:36 2025 GMT
Subject: CN=12ed54dab62c447a3913b749295e12e61c37dde8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:97:44:9b:3e:d4:e2:44:0c:36:de:62:5f:
d7:46:19:67:5e:24:dc:07:bc:92:c2:24:12:82:79:
b5:26:50:e9:a5:de:6a:52:cf:04:cb:25:f5:dd:5b:
14:55:a9:7b:26:02:d8:b5:4c:07:7c:19:3b:3b:49:
cc:e9:a2:84:49:36:5d:ba:fc:67:88:3f:01:68:5e:
dc:3e:4c:7f:d6:b1:fa:a4:39:1e:2d:ca:17:c0:8d:
38:bd:49:ca:66:53:e6:6b:86:c0:99:84:00:0d:2d:
ba:49:61:70:90:0b:d8:00:92:87:bf:66:39:07:c4:
27:d7:f2:85:3f:e1:73:91:aa:db:8a:0c:29:77:ae:
ff:61:b5:49:eb:b6:f7:05:9a:4a:ce:60:d2:92:a6:
09:f9:b5:4a:c5:b6:80:a2:c1:dd:98:2e:34:09:a0:
09:ef:f2:01:45:57:dc:e8:ff:9f:3f:95:e3:1e:f2:
e7:c7:a4:02:ea:1e:07:c6:3a:f0:c6:f4:66:0e:85:
53:f2:62:28:94:0c:10:ad:2c:4e:26:a5:2d:ef:0c:
d6:ca:22:b0:7d:2d:ea:fe:48:6d:82:25:af:56:4f:
be:d9:c8:3a:23:7d:98:8a:34:fe:3d:7e:22:3e:96:
bd:f9:64:f0:18:0e:98:43:2d:9c:5d:19:c3:f5:17:
66:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:ED:54:DA:B6:2C:44:7A:39:13:B7:49:29:5E:12:E6:1C:37:DD:E8
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:26:4f:e1:77:31:19:c1:8a:e7:3d:8c:e4:63:09:57:80:e5:
e7:e9:c3:7b:2e:bf:70:7d:ea:91:c1:16:63:37:1d:4e:06:68:
ae:a1:f8:80:23:33:e6:07:ec:70:c4:f9:31:37:9a:cd:99:75:
96:45:96:f1:18:b2:68:20:90:61:8a:81:a3:dc:fe:96:17:2b:
0d:61:4c:ea:6f:6e:db:b7:3a:80:14:ec:66:42:6e:68:b8:8b:
c7:40:24:04:21:6e:f9:c0:f6:2b:73:b9:a3:42:de:78:dd:c4:
b4:77:64:c4:e7:ef:e5:38:2e:ed:7b:00:68:e5:a3:79:23:c4:
85:8d:c9:e8:9f:fd:ab:b7:d0:b7:8a:be:9e:2c:26:e4:a5:2b:
e3:91:a1:8f:c9:f8:de:42:73:ff:22:a6:32:b4:7c:3d:95:a2:
38:a4:f2:f6:fb:b8:17:04:63:4a:b8:00:8a:9c:c6:cb:7d:34:
ee:37:78:71:73:c5:6e:ae:51:d6:22:d6:1b:e1:55:24:6b:1d:
33:38:5c:47:22:d0:11:de:39:8f:e5:90:72:22:37:48:4a:19:
32:2e:9b:d3:57:70:81:f9:15:a0:1c:4d:04:9d:d9:75:72:2b:
2a:f9:fe:1f:d1:f2:d3:aa:62:0b:43:c1:34:a5:20:be:ad:57:
bd:40:54:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZglgEurbxhrRI5ojfEfOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjUwNDIxMTgwMDM2WhcNMjUwNDIyMTgwMDM2WjAzMTEwLwYDVQQD
EygxMmVkNTRkYWI2MmM0NDdhMzkxM2I3NDkyOTVlMTJlNjFjMzdkZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCmXRJs+1OJEDDbeYl/XRhlnXiTc
B7ySwiQSgnm1JlDppd5qUs8EyyX13VsUVal7JgLYtUwHfBk7O0nM6aKESTZduvxn
iD8BaF7cPkx/1rH6pDkeLcoXwI04vUnKZlPma4bAmYQADS26SWFwkAvYAJKHv2Y5
B8Qn1/KFP+Fzkarbigwpd67/YbVJ67b3BZpKzmDSkqYJ+bVKxbaAosHdmC40CaAJ
7/IBRVfc6P+fP5XjHvLnx6QC6h4HxjrwxvRmDoVT8mIolAwQrSxOJqUt7wzWyiKw
fS3q/khtgiWvVk++2cg6I32YijT+PX4iPpa9+WTwGA6YQy2cXRnD9RdmiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLtVNq2LER6ORO3SSleEuYcN93oMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALCZP4Xcx
GcGK5z2M5GMJV4Dl5+nDey6/cH3qkcEWYzcdTgZorqH4gCMz5gfscMT5MTeazZl1
lkWW8RiyaCCQYYqBo9z+lhcrDWFM6m9u27c6gBTsZkJuaLiLx0AkBCFu+cD2K3O5
o0LeeN3EtHdkxOfv5Tgu7XsAaOWjeSPEhY3J6J/9q7fQt4q+niwm5KUr45Ghj8n4
3kJz/yKmMrR8PZWiOKTy9vu4FwRjSrgAipzGy3007jd4cXPFbq5R1iLWG+FVJGsd
MzhcRyLQEd45j+WQciI3SEoZMi6b01dwgfkVoBxNBJ3ZdXIrKvn+H9Hy06piC0PB
NKUgvq1XvUBUtA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:53:04 2025 by rpki-client