Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
File: sz3NILWulcFy0y7XKevzBhl7I-c.mft (raw, json)
Hash identifier: buIRAwXOhcygIzmUXekm6NYiM23KcDTZRf0vKdjXpsY=
Subject key identifier: D4:C1:DB:CC:E0:89:BC:7B:36:35:2D:3C:60:8D:74:C4:A4:5B:B6:C5
Authority key identifier: B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
Certificate issuer: /CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Certificate serial: 01961FC9CA14FB9059F8277ACFC47ED0F857
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
Manifest number: 14E3
Signing time: Thu 10 Apr 2025 13:00:40 +0000
Manifest this update: Thu 10 Apr 2025 13:00:40 +0000
Manifest next update: Fri 11 Apr 2025 13:00:40 +0000
Files and hashes: 1: CIm7PdRT4tGc0ohUd0vMkXyk2Z4.roa (hash: bKi9ERQ3HDvQWS3A9n+SnlJFymCAx7E6eQcIAFgcP7o=)
2: sz3NILWulcFy0y7XKevzBhl7I-c.crl (hash: ZLDRTIalgaPIEOOx9+cuNYKhSXsV7iy4fGfMevTq9i4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 13:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:c9:ca:14:fb:90:59:f8:27:7a:cf:c4:7e:d0:f8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Validity
Not Before: Apr 10 13:00:40 2025 GMT
Not After : Apr 11 13:00:40 2025 GMT
Subject: CN=d4c1dbcce089bc7b36352d3c608d74c4a45bb6c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4e:4c:54:20:9a:a8:79:00:d2:13:c6:0d:d5:
f6:c2:2e:e7:43:fa:94:d8:92:de:7e:79:28:5c:5d:
8e:6a:c9:ee:39:5e:d2:63:b6:d6:12:ac:aa:13:85:
b0:b5:15:14:f6:78:89:d4:8c:9c:73:a2:d6:2a:f0:
34:a2:7c:9f:11:d9:a7:e9:40:76:27:e2:dc:d0:04:
8f:71:89:ad:44:fa:36:cd:9e:d6:a4:fe:e2:23:17:
bd:ee:17:24:3d:82:60:60:6a:88:07:bb:97:c7:9d:
35:17:ca:af:7b:ac:af:43:c3:de:f4:17:98:b3:ca:
63:93:0f:f5:11:7f:75:2b:4e:49:52:27:b6:a8:b9:
a8:cf:43:5c:0f:ec:42:ad:ea:d0:3a:c7:f0:59:a9:
be:b5:25:5e:c1:ca:0a:3d:45:a7:a6:d1:e6:2c:9b:
18:4e:0e:04:04:0d:d2:22:5a:31:6f:48:8d:95:16:
2b:de:ed:75:eb:e9:9e:13:6b:77:71:55:84:cb:14:
e2:6f:e9:4e:df:a2:0f:8d:ab:6c:90:db:e4:1d:7d:
e3:36:dd:de:d1:4d:79:36:30:1c:77:69:b1:19:f6:
67:a1:09:24:23:e2:8a:a7:81:bc:38:20:17:bd:d8:
4f:bf:f2:da:0e:9d:8a:cc:88:b7:5f:04:96:31:74:
f6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C1:DB:CC:E0:89:BC:7B:36:35:2D:3C:60:8D:74:C4:A4:5B:B6:C5
X509v3 Authority Key Identifier:
keyid:B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:74:6d:96:6c:0a:8b:eb:7d:76:62:93:6d:f5:18:c6:63:74:
a6:8d:eb:d6:3b:c4:fa:42:2b:5e:94:da:0f:dc:cd:93:15:8e:
4f:37:ae:49:6e:ed:8d:75:a1:73:bc:3c:36:60:07:0c:36:9e:
1f:0c:4f:d9:50:3a:05:e5:59:06:8c:9a:66:b8:45:85:e1:dc:
70:11:49:25:8d:f7:1e:d0:29:f4:a1:c7:81:cf:8d:76:5a:fc:
4d:8d:09:82:ec:6d:ef:7e:ef:6e:a9:3b:88:e8:c3:7a:8e:80:
da:17:75:be:b6:7e:fc:85:c0:a7:c2:06:ff:e9:bb:48:59:17:
1c:34:17:fa:76:58:b7:94:f5:e5:81:a7:72:a9:78:43:ba:70:
01:db:eb:df:10:b1:ee:94:75:65:c2:db:7b:3f:93:fb:86:bb:
1d:d7:3b:b5:f3:cc:3d:db:9d:9a:2e:c2:9d:39:b8:97:79:d4:
e4:e3:ca:3f:6a:d6:ec:30:67:21:43:48:7e:36:dc:66:f8:a2:
e7:63:6a:26:b9:79:5e:a1:0a:ef:02:84:78:d2:14:e8:61:75:
20:e3:1b:2e:01:c1:18:a1:07:b6:9e:7e:b6:25:c9:32:6c:0c:
77:ce:44:18:d6:15:ba:0b:dc:54:14:47:a1:62:12:41:4e:8a:
53:1a:8c:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYfycoU+5BZ+Cd6z8R+0PhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzM2RjZDIwYjVhZTk1YzE3MmQzMmVkNzI5ZWJmMzA2MTk3
YjIzZTcwHhcNMjUwNDEwMTMwMDQwWhcNMjUwNDExMTMwMDQwWjAzMTEwLwYDVQQD
EyhkNGMxZGJjY2UwODliYzdiMzYzNTJkM2M2MDhkNzRjNGE0NWJiNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU5MVCCaqHkA0hPGDdX2wi7nQ/qU
2JLefnkoXF2OasnuOV7SY7bWEqyqE4WwtRUU9niJ1Iycc6LWKvA0onyfEdmn6UB2
J+Lc0ASPcYmtRPo2zZ7WpP7iIxe97hckPYJgYGqIB7uXx501F8qve6yvQ8Pe9BeY
s8pjkw/1EX91K05JUie2qLmoz0NcD+xCrerQOsfwWam+tSVewcoKPUWnptHmLJsY
Tg4EBA3SIloxb0iNlRYr3u116+meE2t3cVWEyxTib+lO36IPjatskNvkHX3jNt3e
0U15NjAcd2mxGfZnoQkkI+KKp4G8OCAXvdhPv/LaDp2KzIi3XwSWMXT2owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTB28zgibx7NjUtPGCNdMSkW7bFMB8GA1UdIwQY
MBaAFLM9zSC1rpXBctMu1ynr8wYZeyPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgt
NTU1YTE5ODMzZDhlLzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgtNTU1YTE5ODMzZDhl
LzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnRtlmwK
i+t9dmKTbfUYxmN0po3r1jvE+kIrXpTaD9zNkxWOTzeuSW7tjXWhc7w8NmAHDDae
HwxP2VA6BeVZBoyaZrhFheHccBFJJY33HtAp9KHHgc+Ndlr8TY0Jguxt737vbqk7
iOjDeo6A2hd1vrZ+/IXAp8IG/+m7SFkXHDQX+nZYt5T15YGncql4Q7pwAdvr3xCx
7pR1ZcLbez+T+4a7Hdc7tfPMPdudmi7CnTm4l3nU5OPKP2rW7DBnIUNIfjbcZvii
52NqJrl5XqEK7wKEeNIU6GF1IOMbLgHBGKEHtp5+tiXJMmwMd85EGNYVugvcVBRH
oWISQU6KUxqM6g==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:15 2025 by rpki-client