Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
File: NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft (raw, json)
Hash identifier: LPoxN4PLHA98JTM6z7Io9H7S6usg84AcKL+WOK1q3tI=
Subject key identifier: 16:B0:D4:58:41:93:9C:09:44:56:07:EC:F7:99:FC:64:E1:B8:45:73
Authority key identifier: 34:DD:40:26:D2:90:F3:20:1D:28:EF:68:4D:3C:5A:C1:3C:96:EC:6D
Certificate issuer: /CN=34dd4026d290f3201d28ef684d3c5ac13c96ec6d
Certificate serial: 01961169DBA92E8930A657EFE84974C28DF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
Manifest number: 29
Signing time: Mon 07 Apr 2025 18:01:12 +0000
Manifest this update: Mon 07 Apr 2025 18:01:12 +0000
Manifest next update: Tue 08 Apr 2025 18:01:12 +0000
Files and hashes: 1: NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl (hash: bM5H+Xxp9smaf6ylKwNenxGcIuvIK5+17sn2k8fOjmg=)
2: NkwYBQBRVrFsj-xUN7Cv_m6lwSA.roa (hash: gjr66sRTq1kait53s7UP3QklI69yHhHqmsXxB/qlKCc=)
3: V4v-VxZ-7OAHRrY5C50VFKZqDnc.roa (hash: 6nRk9oygeeOeb7rjfRo1H5M200eI6zr7Rlb7ujC3GZM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 18:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:69:db:a9:2e:89:30:a6:57:ef:e8:49:74:c2:8d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34dd4026d290f3201d28ef684d3c5ac13c96ec6d
Validity
Not Before: Apr 7 18:01:12 2025 GMT
Not After : Apr 8 18:01:12 2025 GMT
Subject: CN=16b0d45841939c09445607ecf799fc64e1b84573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:d3:de:d3:07:63:2d:a5:33:6a:0b:73:e4:
bf:53:fd:e1:d8:fe:e9:4a:94:c0:be:84:a5:5d:c1:
c8:5d:03:1e:70:00:23:57:84:8a:c5:3a:22:43:a3:
51:cc:c5:bb:dd:f6:fc:e5:9f:86:0c:a4:1c:c8:29:
0a:c6:42:3b:a1:f7:19:f0:03:6c:45:23:b5:3b:35:
13:69:3a:7b:b1:04:5e:08:c2:71:2e:f6:4f:73:7d:
cc:f7:e6:43:c9:47:29:2b:e9:43:33:7e:96:24:1d:
af:88:a1:bf:98:1d:a2:6f:ca:9e:5f:83:90:47:a1:
8c:59:bf:72:ac:13:1f:17:69:8e:34:1d:d2:e9:bd:
43:6a:7f:30:2c:14:6c:25:cd:f9:58:a1:68:d4:b0:
e4:41:06:c1:3a:cd:6d:f9:d0:22:03:f5:78:d6:a7:
f4:4c:2b:cd:3d:d0:a9:6f:f5:3d:db:5d:b3:58:6c:
3e:ce:1b:ed:05:5e:3a:fe:99:ab:bd:cb:a2:aa:45:
11:41:19:6d:37:98:21:1e:39:1b:08:07:d7:82:0b:
59:f6:79:3d:48:03:89:42:39:74:08:28:bb:ee:ec:
36:a5:2b:c1:e6:0c:a5:aa:52:f9:79:e8:e6:ce:7a:
36:e7:05:2a:49:5b:c3:31:c6:2d:fc:26:89:49:84:
3a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B0:D4:58:41:93:9C:09:44:56:07:EC:F7:99:FC:64:E1:B8:45:73
X509v3 Authority Key Identifier:
keyid:34:DD:40:26:D2:90:F3:20:1D:28:EF:68:4D:3C:5A:C1:3C:96:EC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NN1AJtKQ8yAdKO9oTTxawTyW7G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/72a405-1598-4033-8e2b-878507ed46f7/1/NN1AJtKQ8yAdKO9oTTxawTyW7G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:4d:3b:ed:25:b4:31:86:f4:98:40:57:9f:51:83:35:e5:d3:
6d:58:a4:7a:15:29:24:a3:7b:80:a0:7a:45:6d:33:a2:ac:9d:
59:cf:90:ad:4c:f9:33:17:06:65:9c:cb:5c:76:f3:18:50:c6:
1e:67:f7:87:59:09:68:23:c1:eb:29:d6:5b:11:6e:72:43:f0:
df:a6:46:bf:c7:d2:a1:96:43:92:b7:bd:10:dc:ad:c2:c5:88:
d5:ce:42:f2:25:45:66:37:2e:16:b2:2b:5e:bc:25:8d:a7:6c:
31:ba:45:a6:db:34:6b:6d:08:85:d5:b3:d3:3c:27:80:c1:6f:
2f:b9:f8:58:b4:46:e0:87:9d:80:e9:4d:7d:31:22:4b:bf:2b:
1e:2e:6a:0c:c5:d6:52:4c:4f:15:a7:02:d5:bf:0d:b0:6f:e6:
a4:58:6e:ab:be:82:de:90:c4:13:58:54:3d:98:fc:21:a9:2f:
88:4c:42:e7:0e:ff:dc:14:85:4d:b8:0d:2c:a3:38:d7:c0:31:
e3:22:c9:a1:b2:ea:01:c9:66:2e:65:3a:a8:04:fa:7d:16:0e:
e0:6b:9a:dc:92:0e:1e:5c:48:af:91:7c:24:6b:c2:dd:30:09:
f5:70:88:e5:7a:51:87:a1:41:72:c0:df:a5:41:ad:49:aa:d4:
98:47:d7:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRadupLokwplfv6El0wo3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZGQ0MDI2ZDI5MGYzMjAxZDI4ZWY2ODRkM2M1YWMxM2M5
NmVjNmQwHhcNMjUwNDA3MTgwMTEyWhcNMjUwNDA4MTgwMTEyWjAzMTEwLwYDVQQD
EygxNmIwZDQ1ODQxOTM5YzA5NDQ1NjA3ZWNmNzk5ZmM2NGUxYjg0NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZHT3tMHYy2lM2oLc+S/U/3h2P7p
SpTAvoSlXcHIXQMecAAjV4SKxToiQ6NRzMW73fb85Z+GDKQcyCkKxkI7ofcZ8ANs
RSO1OzUTaTp7sQReCMJxLvZPc33M9+ZDyUcpK+lDM36WJB2viKG/mB2ib8qeX4OQ
R6GMWb9yrBMfF2mONB3S6b1Dan8wLBRsJc35WKFo1LDkQQbBOs1t+dAiA/V41qf0
TCvNPdCpb/U9212zWGw+zhvtBV46/pmrvcuiqkURQRltN5ghHjkbCAfXggtZ9nk9
SAOJQjl0CCi77uw2pSvB5gylqlL5eejmzno25wUqSVvDMcYt/CaJSYQ6UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaw1FhBk5wJRFYH7PeZ/GThuEVzMB8GA1UdIwQY
MBaAFDTdQCbSkPMgHSjvaE08WsE8luxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MmE0MDUtMTU5OC00MDMzLThlMmIt
ODc4NTA3ZWQ0NmY3LzEvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MmE0MDUtMTU5OC00MDMzLThlMmItODc4NTA3ZWQ0NmY3
LzEvTk4xQUp0S1E4eUFkS085b1RUeGF3VHlXN0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvE077SW0
MYb0mEBXn1GDNeXTbVikehUpJKN7gKB6RW0zoqydWc+QrUz5MxcGZZzLXHbzGFDG
Hmf3h1kJaCPB6ynWWxFuckPw36ZGv8fSoZZDkre9ENytwsWI1c5C8iVFZjcuFrIr
XrwljadsMbpFpts0a20IhdWz0zwngMFvL7n4WLRG4IedgOlNfTEiS78rHi5qDMXW
UkxPFacC1b8NsG/mpFhuq76C3pDEE1hUPZj8IakviExC5w7/3BSFTbgNLKM418Ax
4yLJobLqAclmLmU6qAT6fRYO4Gua3JIOHlxIr5F8JGvC3TAJ9XCI5XpRh6FBcsDf
pUGtSarUmEfX4A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:58:12 2025 by rpki-client