Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
File: NQtAztNuMfkF4abo4DxiHp-_yyk.mft (raw, json)
Hash identifier: yJ3ysUaE4yrqbjnW+3bUiYHQGyvidVy+fM4cD4Uoizo=
Subject key identifier: 20:C0:12:A7:B4:20:52:17:C7:6D:7C:AF:5E:1C:F7:7E:66:A8:39:CA
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 0196515BBA32C77A68C5766F98AE9CBB94F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
Manifest number: 1239
Signing time: Sun 20 Apr 2025 04:01:28 +0000
Manifest this update: Sun 20 Apr 2025 04:01:28 +0000
Manifest next update: Mon 21 Apr 2025 04:01:28 +0000
Files and hashes: 1: NQtAztNuMfkF4abo4DxiHp-_yyk.crl (hash: GMinrO0DPplpFIJcupxkduvddRePDoGNBszhfDGexxQ=)
2: u7-gL9wSp2bGW7DIF24NVuhmOKc.roa (hash: tP75Wdne3vqUbGN0hrtXpkGNXdZlPHZwjnI3xiXFlak=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 04:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:5b:ba:32:c7:7a:68:c5:76:6f:98:ae:9c:bb:94:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Apr 20 04:01:28 2025 GMT
Not After : Apr 21 04:01:28 2025 GMT
Subject: CN=20c012a7b4205217c76d7caf5e1cf77e66a839ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d2:07:66:80:fa:f5:fc:01:6b:56:e7:c7:b3:
75:79:9b:5f:8f:89:d3:59:57:f2:3f:f8:9c:bc:eb:
19:2e:16:8d:44:10:68:30:79:f1:7b:e2:0c:70:39:
cf:2c:8d:38:9a:90:ef:28:13:e9:a6:c3:d0:88:c8:
b5:0d:6e:17:58:1d:78:19:69:cd:79:2a:7b:c3:fe:
32:c7:76:9d:ff:b8:af:72:5a:90:c9:5b:17:14:46:
3d:18:b4:47:33:c2:69:35:ee:05:d5:72:b3:21:4a:
5c:25:b7:43:02:29:ea:e8:6c:29:c3:f1:89:30:8e:
fe:64:ca:ef:a4:e4:82:e1:21:95:ff:e4:57:f9:69:
5b:d1:23:05:4f:b2:ee:17:c4:4f:95:d2:dc:8c:06:
ba:13:17:29:ef:91:3b:04:6f:c3:c8:16:db:46:35:
52:1a:34:46:ba:b4:cb:1f:bf:6a:58:6e:e5:40:3f:
f2:81:85:a8:8c:2a:20:36:dc:40:f5:24:e3:e4:b3:
7a:2e:30:3a:ef:fc:c3:17:fb:45:27:52:02:cb:8a:
c2:c5:00:92:c5:3e:70:62:71:86:90:7e:51:13:1e:
b5:b9:36:54:7b:b1:47:49:9b:1d:f4:7c:ae:45:c2:
72:82:d9:f9:68:e2:f4:fa:44:15:15:f9:e9:4e:ad:
2e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C0:12:A7:B4:20:52:17:C7:6D:7C:AF:5E:1C:F7:7E:66:A8:39:CA
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:51:08:de:59:53:84:bb:c2:dc:f2:36:6e:fd:10:2d:89:09:
59:44:69:88:e6:c9:22:c9:28:5d:38:1b:5e:43:a3:2b:9d:70:
c2:58:48:1c:ad:bb:bb:06:fa:de:48:7b:c9:5f:97:c9:c6:0e:
4e:0b:34:4c:f0:4e:4e:b7:c7:d5:9a:ee:bf:35:62:f9:92:79:
be:3a:4c:25:df:6e:3a:36:e3:07:47:c5:77:df:30:f1:7e:9a:
90:e3:6a:55:c4:c9:3f:c5:f8:46:fb:a2:7f:7a:21:11:9a:97:
43:7a:7c:a6:c2:0c:16:b1:96:73:44:14:cf:6c:b4:0b:65:b2:
ff:9a:d8:56:25:2e:f8:da:27:6f:ff:a0:00:fc:94:68:aa:49:
e1:7f:11:b1:dd:48:fa:20:7f:e7:90:d7:47:19:4b:33:38:5c:
b2:7a:32:2a:30:e0:62:4e:f9:4d:5d:01:3f:b9:e3:3c:fe:a6:
08:66:9d:5a:6b:26:3e:ed:fd:d5:24:68:6d:d6:4c:52:6b:91:
c3:8f:72:85:a3:e4:d5:96:1a:a9:54:df:18:b3:54:3f:2b:c1:
75:6a:95:16:82:73:0a:57:39:1b:95:05:47:45:ef:c2:12:9e:
9b:30:6d:ea:5b:26:a7:cc:44:a9:3a:ac:32:4a:72:37:87:22:
f5:21:ee:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRW7oyx3poxXZvmK6cu5T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjUwNDIwMDQwMTI4WhcNMjUwNDIxMDQwMTI4WjAzMTEwLwYDVQQD
EygyMGMwMTJhN2I0MjA1MjE3Yzc2ZDdjYWY1ZTFjZjc3ZTY2YTgzOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNIHZoD69fwBa1bnx7N1eZtfj4nT
WVfyP/icvOsZLhaNRBBoMHnxe+IMcDnPLI04mpDvKBPppsPQiMi1DW4XWB14GWnN
eSp7w/4yx3ad/7ivclqQyVsXFEY9GLRHM8JpNe4F1XKzIUpcJbdDAinq6Gwpw/GJ
MI7+ZMrvpOSC4SGV/+RX+Wlb0SMFT7LuF8RPldLcjAa6Excp75E7BG/DyBbbRjVS
GjRGurTLH79qWG7lQD/ygYWojCogNtxA9STj5LN6LjA67/zDF/tFJ1ICy4rCxQCS
xT5wYnGGkH5REx61uTZUe7FHSZsd9HyuRcJygtn5aOL0+kQVFfnpTq0usQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDAEqe0IFIXx218r14c935mqDnKMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1EI3llT
hLvC3PI2bv0QLYkJWURpiObJIskoXTgbXkOjK51wwlhIHK27uwb63kh7yV+XycYO
Tgs0TPBOTrfH1ZruvzVi+ZJ5vjpMJd9uOjbjB0fFd98w8X6akONqVcTJP8X4Rvui
f3ohEZqXQ3p8psIMFrGWc0QUz2y0C2Wy/5rYViUu+Nonb/+gAPyUaKpJ4X8Rsd1I
+iB/55DXRxlLMzhcsnoyKjDgYk75TV0BP7njPP6mCGadWmsmPu391SRobdZMUmuR
w49yhaPk1ZYaqVTfGLNUPyvBdWqVFoJzClc5G5UFR0XvwhKemzBt6lsmp8xEqTqs
MkpyN4ci9SHung==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:08:58 2025 by rpki-client