Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.mft
File: ug4SZOB7Nwi8udtaFOfMknCGOVg.mft (raw, json)
Hash identifier: X0b3cYnNn4+uWFDzgKfpy5MjG1OhMq7urMCj+h3sttg=
Subject key identifier: DB:0B:9B:79:65:57:73:DF:25:F7:EF:3C:84:17:78:36:D8:73:61:C1
Authority key identifier: BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
Certificate issuer: /CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Certificate serial: 019655A5D560980401A08D3F4086352AB1B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.mft
Manifest number: 1505
Signing time: Mon 21 Apr 2025 00:00:53 +0000
Manifest this update: Mon 21 Apr 2025 00:00:53 +0000
Manifest next update: Tue 22 Apr 2025 00:00:53 +0000
Files and hashes: 1: ug4SZOB7Nwi8udtaFOfMknCGOVg.crl (hash: zaFkhmYKZGWvSQCgfHyRlSE2VzyIFh3iyAl5o4vYjiQ=)
2: xXvm8v3Fqzu_dszdmjsgqNl1Hcw.roa (hash: Nh/ftcdTWsREAPkqBZbyfany4F8e1nXpYHmf8szSz/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a5:d5:60:98:04:01:a0:8d:3f:40:86:35:2a:b1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Validity
Not Before: Apr 21 00:00:53 2025 GMT
Not After : Apr 22 00:00:53 2025 GMT
Subject: CN=db0b9b79655773df25f7ef3c84177836d87361c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:53:50:f8:23:08:12:47:d2:be:50:4a:be:
d7:46:2b:ca:d3:0c:98:a7:f8:c5:40:26:93:e9:e4:
52:64:39:65:9a:d7:1c:e8:10:1d:a4:bc:61:f0:89:
09:7f:7d:fc:57:a6:28:61:6b:77:6d:7a:d6:8d:e5:
d0:10:7b:c0:94:1c:d2:9c:70:f3:4b:d9:b1:37:92:
58:bf:1a:c0:8d:6b:1a:99:90:e3:48:31:39:e8:69:
ba:cb:78:c6:b5:a0:b1:cc:fd:a4:ba:d9:e5:0a:de:
8d:75:45:99:03:ad:2c:42:34:da:b3:39:7d:1a:b3:
45:57:47:62:cf:8f:0a:ea:03:85:19:10:b9:20:91:
fc:a6:1a:5d:3a:5e:b2:a6:8d:4c:b0:81:33:88:c6:
d0:3d:24:ac:4b:29:14:42:af:03:b6:fc:86:85:7e:
e5:56:49:a6:95:29:bc:e4:86:e7:fb:ca:40:3f:2a:
04:e5:7d:9c:f6:f3:df:d9:f4:4e:c7:dc:9a:62:0b:
a7:e3:1f:b5:7c:62:f6:61:c6:fb:e5:7c:21:a8:c0:
27:52:db:d4:9d:40:23:02:ae:05:72:df:c1:da:da:
b8:fb:63:26:64:e3:de:92:65:f2:00:57:45:cb:3f:
37:52:a3:d3:dd:bf:4f:b6:60:ad:3a:da:b5:92:f6:
a3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0B:9B:79:65:57:73:DF:25:F7:EF:3C:84:17:78:36:D8:73:61:C1
X509v3 Authority Key Identifier:
keyid:BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:2d:88:bd:5f:f9:1b:bb:c8:63:81:c1:3b:9c:24:0b:1a:31:
b2:22:60:df:e4:cf:48:fd:1c:2e:2b:6f:83:74:91:cc:c8:2f:
c5:af:5f:37:01:4d:b1:f7:5c:da:28:58:67:3a:d0:73:6d:8e:
ff:1e:43:9c:12:31:0b:fc:6c:e0:3b:a6:5f:a8:c2:47:12:fa:
7f:63:e5:27:f3:07:f3:38:1f:53:b8:8d:52:fd:5f:58:e9:82:
56:e5:25:ad:e2:f4:34:1a:69:62:8d:d4:71:ca:69:43:cf:33:
5d:89:f2:fa:a9:35:6a:bd:2c:73:c9:68:e3:32:a3:34:8b:35:
03:d1:2e:49:ed:02:b3:92:90:8f:0a:b1:b8:9f:40:c8:6b:7c:
86:45:16:87:43:26:ec:b9:ea:e2:13:30:40:4d:57:78:bb:7b:
8a:e5:a1:fd:ea:c7:7d:32:2f:ec:02:42:a7:2a:8f:bd:aa:aa:
ef:04:b8:2c:57:50:d5:dc:03:a4:48:c5:53:58:1e:e1:71:07:
93:26:f2:b5:fe:e2:1d:2c:4a:ea:98:da:08:fd:27:1b:09:b3:
78:c4:e1:5b:7b:b8:b5:f3:d6:0c:9e:89:e7:fb:5d:b6:fb:4f:
7d:21:27:52:69:f4:47:2b:a4:4f:db:15:34:e3:35:ff:97:de:
96:2f:fe:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpdVgmAQBoI0/QIY1KrGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGUxMjY0ZTA3YjM3MDhiY2I5ZGI1YTE0ZTdjYzkyNzA4
NjM5NTgwHhcNMjUwNDIxMDAwMDUzWhcNMjUwNDIyMDAwMDUzWjAzMTEwLwYDVQQD
EyhkYjBiOWI3OTY1NTc3M2RmMjVmN2VmM2M4NDE3NzgzNmQ4NzM2MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu01TUPgjCBJH0r5QSr7XRivK0wyY
p/jFQCaT6eRSZDllmtcc6BAdpLxh8IkJf338V6YoYWt3bXrWjeXQEHvAlBzSnHDz
S9mxN5JYvxrAjWsamZDjSDE56Gm6y3jGtaCxzP2kutnlCt6NdUWZA60sQjTaszl9
GrNFV0diz48K6gOFGRC5IJH8phpdOl6ypo1MsIEziMbQPSSsSykUQq8DtvyGhX7l
VkmmlSm85Ibn+8pAPyoE5X2c9vPf2fROx9yaYgun4x+1fGL2Ycb75XwhqMAnUtvU
nUAjAq4Fct/B2tq4+2MmZOPekmXyAFdFyz83UqPT3b9PtmCtOtq1kvajHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsLm3llV3PfJffvPIQXeDbYc2HBMB8GA1UdIwQY
MBaAFLoOEmTgezcIvLnbWhTnzJJwhjlYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82NGMyZmEtZGY1NC00N2ZmLWE4Yzkt
YmZlMGNjYjc5ZmNjLzEvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82NGMyZmEtZGY1NC00N2ZmLWE4YzktYmZlMGNjYjc5ZmNj
LzEvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUC2IvV/5
G7vIY4HBO5wkCxoxsiJg3+TPSP0cLitvg3SRzMgvxa9fNwFNsfdc2ihYZzrQc22O
/x5DnBIxC/xs4DumX6jCRxL6f2PlJ/MH8zgfU7iNUv1fWOmCVuUlreL0NBppYo3U
ccppQ88zXYny+qk1ar0sc8lo4zKjNIs1A9EuSe0Cs5KQjwqxuJ9AyGt8hkUWh0Mm
7Lnq4hMwQE1XeLt7iuWh/erHfTIv7AJCpyqPvaqq7wS4LFdQ1dwDpEjFU1ge4XEH
kybytf7iHSxK6pjaCP0nGwmzeMThW3u4tfPWDJ6J5/tdtvtPfSEnUmn0RyukT9sV
NOM1/5feli/+Ew==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:27:47 2025 by rpki-client