Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
File: CkGloqGDOWKcwTA-beyLtgXdymU.mft (raw, json)
Hash identifier: CAmAEaDG1I+s9yFPw+jS/fe32jI/UiPaWQx6hCuFPog=
Subject key identifier: 35:83:2A:37:61:F0:24:81:30:14:3F:94:34:17:DB:40:92:F1:4C:8B
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 01960FB2E338F70428C3F095A8B8815E1EC2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
Manifest number: 14DE
Signing time: Mon 07 Apr 2025 10:01:43 +0000
Manifest this update: Mon 07 Apr 2025 10:01:43 +0000
Manifest next update: Tue 08 Apr 2025 10:01:43 +0000
Files and hashes: 1: CkGloqGDOWKcwTA-beyLtgXdymU.crl (hash: U/SaWhyqS1PmnNXWuvCtXKRJljy/YlJp9rohfQfJzMk=)
2: NYpGsgvZZnS43WLsZ6IiOuK1URk.roa (hash: 1DbDkDpg7L2mWH/maxc8wFOk6zRLCwxEnE3jGY7E3oU=)
3: hER6wRwe_hUZJ0u9RImVrBTy1as.roa (hash: iyJ20Ahzbr3qZY7vMtDGjDttWYIPJenArxH2H2QEoYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:b2:e3:38:f7:04:28:c3:f0:95:a8:b8:81:5e:1e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Apr 7 10:01:43 2025 GMT
Not After : Apr 8 10:01:43 2025 GMT
Subject: CN=35832a3761f0248130143f943417db4092f14c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:c9:a6:9c:ed:3b:1a:ef:16:bb:79:c5:96:
fb:91:a2:68:70:58:65:d0:1d:ad:63:06:db:0f:fc:
f8:e9:7b:77:7b:de:b9:91:60:b1:c6:de:b1:f8:55:
94:ec:af:0a:f6:60:70:a8:cd:86:88:6e:cd:db:ae:
89:e6:8c:14:a5:be:c7:6b:fb:47:5d:4b:dc:5f:d0:
2e:6e:d8:54:71:12:88:2b:67:e4:72:3a:ec:cf:16:
7d:f8:85:cd:64:e5:a1:d1:46:de:88:38:a5:6d:6a:
f8:d0:a2:5f:16:9e:7a:7f:b5:10:c4:c5:41:65:04:
42:c3:e6:a0:0a:9b:f5:13:1b:a2:61:d4:8b:02:bd:
29:d4:9a:68:fa:95:88:bf:f1:df:97:9a:d3:56:f6:
f1:ae:f1:c9:5e:f1:fa:ff:67:de:b5:84:4d:95:74:
6f:4b:d0:c4:4a:46:d5:f0:52:a5:11:d7:22:ac:09:
f9:a0:5e:2e:88:c2:b9:44:03:ef:46:aa:b2:fe:5e:
d3:0d:2d:24:08:97:b3:ff:3c:70:ec:f9:55:07:c5:
55:ea:1b:6d:4d:79:a6:1f:12:92:6f:de:7b:33:07:
8d:3c:1d:6d:f9:62:42:86:9d:27:c4:82:91:b8:12:
a2:b4:77:be:02:8a:c5:7b:41:30:c9:f2:51:96:93:
02:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:83:2A:37:61:F0:24:81:30:14:3F:94:34:17:DB:40:92:F1:4C:8B
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:d3:21:78:3a:94:d1:c1:9b:f9:57:85:13:9f:42:3c:a8:70:
94:65:07:6c:c9:ba:c2:78:c9:f5:a1:e3:fd:bb:69:1f:45:bf:
89:45:27:c7:e5:73:42:7c:5f:72:a0:ce:a7:f3:86:b5:f0:12:
b3:4b:d4:c2:80:ef:1d:6e:00:a6:44:2a:6f:63:2a:1e:2a:8a:
08:82:0c:f6:ec:ee:06:f7:ba:87:01:51:2f:53:75:da:f8:5b:
da:bf:4c:b4:f0:8a:e1:88:9d:17:2f:a1:8b:ca:5b:8a:52:fa:
5c:a5:76:c0:b3:4b:3d:4d:87:fd:4f:bb:fe:8c:71:68:9a:71:
91:cd:0a:b1:3a:91:f2:fa:de:e2:70:cd:d4:3b:bd:1f:04:83:
27:f9:62:2c:72:da:b9:5d:f0:50:34:a6:de:8e:d9:6f:ea:68:
ac:cb:19:8d:04:80:e3:81:a0:70:41:1c:80:b1:13:ea:0a:ab:
38:f6:41:52:97:08:dd:32:9c:49:24:2c:14:a1:5c:18:42:bb:
da:b3:86:9c:51:a8:47:84:a8:6d:bc:44:eb:f4:0d:27:ea:0c:
c3:ba:6a:1e:f2:3b:23:da:89:f8:99:df:24:7b:1d:14:e7:df:
42:a3:19:de:b0:ce:28:a9:34:1a:48:d9:51:1b:e0:c6:44:4f:
46:7d:e8:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYPsuM49wQow/CVqLiBXh7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjUwNDA3MTAwMTQzWhcNMjUwNDA4MTAwMTQzWjAzMTEwLwYDVQQD
EygzNTgzMmEzNzYxZjAyNDgxMzAxNDNmOTQzNDE3ZGI0MDkyZjE0YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFvJppztOxrvFrt5xZb7kaJocFhl
0B2tYwbbD/z46Xt3e965kWCxxt6x+FWU7K8K9mBwqM2GiG7N266J5owUpb7Ha/tH
XUvcX9AubthUcRKIK2fkcjrszxZ9+IXNZOWh0UbeiDilbWr40KJfFp56f7UQxMVB
ZQRCw+agCpv1ExuiYdSLAr0p1Jpo+pWIv/Hfl5rTVvbxrvHJXvH6/2fetYRNlXRv
S9DESkbV8FKlEdcirAn5oF4uiMK5RAPvRqqy/l7TDS0kCJez/zxw7PlVB8VV6htt
TXmmHxKSb957MweNPB1t+WJChp0nxIKRuBKitHe+AorFe0EwyfJRlpMCdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWDKjdh8CSBMBQ/lDQX20CS8UyLMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNMheDqU
0cGb+VeFE59CPKhwlGUHbMm6wnjJ9aHj/btpH0W/iUUnx+VzQnxfcqDOp/OGtfAS
s0vUwoDvHW4ApkQqb2MqHiqKCIIM9uzuBve6hwFRL1N12vhb2r9MtPCK4YidFy+h
i8pbilL6XKV2wLNLPU2H/U+7/oxxaJpxkc0KsTqR8vre4nDN1Du9HwSDJ/liLHLa
uV3wUDSm3o7Zb+porMsZjQSA44GgcEEcgLET6gqrOPZBUpcI3TKcSSQsFKFcGEK7
2rOGnFGoR4SobbxE6/QNJ+oMw7pqHvI7I9qJ+JnfJHsdFOffQqMZ3rDOKKk0GkjZ
URvgxkRPRn3onQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:35:50 2025 by rpki-client