Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
File: P5oSEPUJkiOdOn8uXoATtatJH_8.mft (raw, json)
Hash identifier: 4F+B1ro1ql4KsV3x9r449nyNawL2ZTFLMxmEkD25yxg=
Subject key identifier: 27:FD:7A:16:B6:D3:B2:51:3B:52:EA:8B:90:A6:01:F6:B9:E9:1B:AD
Authority key identifier: 3F:9A:12:10:F5:09:92:23:9D:3A:7F:2E:5E:80:13:B5:AB:49:1F:FF
Certificate issuer: /CN=3f9a1210f50992239d3a7f2e5e8013b5ab491fff
Certificate serial: 019650B60A17C795C9E4215DB9879240E60E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
Manifest number: 10CA
Signing time: Sun 20 Apr 2025 01:00:29 +0000
Manifest this update: Sun 20 Apr 2025 01:00:29 +0000
Manifest next update: Mon 21 Apr 2025 01:00:29 +0000
Files and hashes: 1: P5oSEPUJkiOdOn8uXoATtatJH_8.crl (hash: PLeLX1OKk+WhzIn7yxX6sb/6MYn7rzKUnNWCZseljMM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:b6:0a:17:c7:95:c9:e4:21:5d:b9:87:92:40:e6:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f9a1210f50992239d3a7f2e5e8013b5ab491fff
Validity
Not Before: Apr 20 01:00:29 2025 GMT
Not After : Apr 21 01:00:29 2025 GMT
Subject: CN=27fd7a16b6d3b2513b52ea8b90a601f6b9e91bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2c:13:0d:30:bf:3e:f1:cb:6f:e6:06:ac:e6:
9e:8e:9a:61:c9:e3:7f:13:7a:34:12:80:5f:b9:37:
9b:e3:a5:b0:df:d7:cf:ed:24:1b:8c:ac:37:e9:56:
23:bc:97:6d:c5:5b:64:38:f6:d7:65:48:36:31:64:
1a:88:88:62:75:ab:d3:54:1d:1b:e9:40:0b:3c:a2:
c3:fa:52:98:e7:55:2e:af:d6:19:c6:00:f4:cf:80:
2d:70:71:d2:0a:d4:39:ed:4f:16:30:18:b8:85:8d:
bf:d2:18:70:ef:1e:91:48:8c:6e:41:7c:84:cb:33:
bd:7f:ef:a4:e0:58:b5:2e:51:21:b4:9b:17:11:21:
f9:22:85:80:e2:a1:78:e3:87:aa:6c:41:61:e2:3d:
2d:42:a7:07:15:23:24:5c:3e:5b:e1:de:37:5d:fa:
16:f6:ac:0f:94:e3:f0:f7:df:66:0b:a4:47:9e:84:
a8:59:e0:68:39:07:6f:40:6f:50:4b:5c:14:ee:c2:
b3:1a:aa:5a:ef:78:43:e6:5e:fc:f4:6f:20:73:94:
11:21:89:c8:81:d7:0c:cb:09:da:14:45:a9:bf:39:
9c:28:f9:34:bd:28:39:eb:48:7f:44:9d:22:7b:5a:
4d:6a:1a:64:eb:bf:f4:f1:f6:a1:d6:2d:c8:3b:ab:
90:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FD:7A:16:B6:D3:B2:51:3B:52:EA:8B:90:A6:01:F6:B9:E9:1B:AD
X509v3 Authority Key Identifier:
keyid:3F:9A:12:10:F5:09:92:23:9D:3A:7F:2E:5E:80:13:B5:AB:49:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:e6:f4:9d:a1:c7:a3:9c:49:c7:11:f0:d9:d7:dc:c1:e2:47:
f5:3e:ee:5e:10:8b:8b:1d:8d:58:fb:ac:11:66:20:a6:fd:30:
ed:5e:30:a2:02:43:33:f5:01:f1:2c:e8:03:58:8f:65:eb:ca:
19:83:6c:3a:1d:a7:0c:31:69:31:9d:92:e4:07:da:37:76:63:
76:71:06:0a:44:14:93:16:86:c8:cc:68:ea:0d:a3:3c:78:b3:
92:c1:46:55:04:9e:ec:17:0a:54:fb:a0:9c:f9:0f:5c:59:28:
df:9e:d1:26:24:d1:9c:91:bc:4a:86:e5:49:00:33:a8:21:63:
e2:b7:3f:ef:e5:88:0c:b9:f6:cf:45:ed:91:14:d2:b5:ad:e6:
86:73:55:2a:bc:a6:0d:5f:2e:8f:6b:cb:84:3e:fc:86:53:5a:
b1:a1:93:f9:19:fc:34:7c:b3:01:70:91:2c:12:a0:da:e8:da:
10:68:16:23:78:5a:8a:6a:d1:d8:68:9f:7d:20:f1:51:2b:0c:
29:d1:e8:12:af:1b:75:78:98:d4:40:16:94:7d:11:fa:92:b8:
98:d7:84:fd:ab:84:42:fa:4a:36:2e:50:eb:d8:5f:c4:c3:d3:
7e:30:57:d4:82:ac:6b:de:3a:1e:3f:4e:d1:56:d5:3b:db:e6:
32:94:cc:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQtgoXx5XJ5CFduYeSQOYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOWExMjEwZjUwOTkyMjM5ZDNhN2YyZTVlODAxM2I1YWI0
OTFmZmYwHhcNMjUwNDIwMDEwMDI5WhcNMjUwNDIxMDEwMDI5WjAzMTEwLwYDVQQD
EygyN2ZkN2ExNmI2ZDNiMjUxM2I1MmVhOGI5MGE2MDFmNmI5ZTkxYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSwTDTC/PvHLb+YGrOaejpphyeN/
E3o0EoBfuTeb46Ww39fP7SQbjKw36VYjvJdtxVtkOPbXZUg2MWQaiIhidavTVB0b
6UALPKLD+lKY51Uur9YZxgD0z4AtcHHSCtQ57U8WMBi4hY2/0hhw7x6RSIxuQXyE
yzO9f++k4Fi1LlEhtJsXESH5IoWA4qF444eqbEFh4j0tQqcHFSMkXD5b4d43XfoW
9qwPlOPw999mC6RHnoSoWeBoOQdvQG9QS1wU7sKzGqpa73hD5l789G8gc5QRIYnI
gdcMywnaFEWpvzmcKPk0vSg560h/RJ0ie1pNahpk67/08fah1i3IO6uQkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCf9eha207JRO1Lqi5CmAfa56RutMB8GA1UdIwQY
MBaAFD+aEhD1CZIjnTp/Ll6AE7WrSR//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xNGE1ZTgtZjNiZi00MmY5LWEyODUt
YTg3MzRmNzAzYjk4LzEvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xNGE1ZTgtZjNiZi00MmY5LWEyODUtYTg3MzRmNzAzYjk4
LzEvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+b0naHH
o5xJxxHw2dfcweJH9T7uXhCLix2NWPusEWYgpv0w7V4wogJDM/UB8SzoA1iPZevK
GYNsOh2nDDFpMZ2S5AfaN3ZjdnEGCkQUkxaGyMxo6g2jPHizksFGVQSe7BcKVPug
nPkPXFko357RJiTRnJG8SoblSQAzqCFj4rc/7+WIDLn2z0XtkRTSta3mhnNVKrym
DV8uj2vLhD78hlNasaGT+Rn8NHyzAXCRLBKg2ujaEGgWI3haimrR2GiffSDxUSsM
KdHoEq8bdXiY1EAWlH0R+pK4mNeE/auEQvpKNi5Q69hfxMPTfjBX1IKsa946Hj9O
0VbVO9vmMpTMtA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:24 2025 by rpki-client