Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
File: aFeXIsOgywwzUcWV36PX6tgfFr8.mft (raw, json)
Hash identifier: fOMDfXELPpKwT8oeorNKyURpPTfcrulntkJ9L4awr/0=
Subject key identifier: B5:B4:38:58:A0:9E:B2:20:D3:F5:EF:F4:4C:F0:42:8B:77:ED:E4:48
Authority key identifier: 68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
Certificate issuer: /CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Certificate serial: 019655DD383E192362C92BB7C5760A97F886
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
Manifest number: 1504
Signing time: Mon 21 Apr 2025 01:01:23 +0000
Manifest this update: Mon 21 Apr 2025 01:01:23 +0000
Manifest next update: Tue 22 Apr 2025 01:01:23 +0000
Files and hashes: 1: 5kpPrp0PsQaLwN-0f4M5ORyJaIo.roa (hash: sRLtBcmB7NMgyGt87xrsnTDd/kvjgxEDyhMytt8u1mY=)
2: aFeXIsOgywwzUcWV36PX6tgfFr8.crl (hash: QVT9ypskylIOv945bwU4ThHIC7HLPCxeTPvtbzIyO2Q=)
3: gAJowYToxXMF7RF5vvsMOYJumzQ.roa (hash: YtzVb80baHUBbI1OM11pUhHuNDyKujzR+uDb+twlqdI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:dd:38:3e:19:23:62:c9:2b:b7:c5:76:0a:97:f8:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Validity
Not Before: Apr 21 01:01:23 2025 GMT
Not After : Apr 22 01:01:23 2025 GMT
Subject: CN=b5b43858a09eb220d3f5eff44cf0428b77ede448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:65:1a:10:09:2b:e0:67:e3:3e:83:68:d1:09:
c7:2f:78:9b:eb:3e:b3:33:e8:e3:0c:24:11:75:30:
46:4e:9b:88:64:cd:2f:62:f4:6b:89:eb:13:fe:07:
17:29:ae:d5:9c:35:41:72:d1:15:9c:9f:60:3c:e2:
8c:63:bf:54:7c:31:d1:86:47:63:1b:5f:8d:24:f2:
e2:42:21:22:ff:1a:57:ef:8b:a1:13:d8:84:48:d9:
66:4c:0b:68:fc:eb:be:81:6b:34:e4:a2:3c:bc:84:
88:97:17:82:01:0b:87:62:7b:a5:33:2f:36:a0:97:
6c:dd:3f:34:9c:f4:55:2a:43:13:70:b7:bb:5b:82:
43:e4:36:35:84:ae:86:6f:0e:20:67:12:13:ed:4a:
f3:4f:cd:3f:b1:77:1b:96:71:38:83:0e:4f:fb:61:
6c:97:7b:ea:a8:73:1b:c7:5f:00:d3:7a:7e:ec:dc:
9e:25:0b:a3:1d:a3:26:78:15:51:34:41:10:65:d4:
0f:ee:a3:69:78:7a:2d:a6:d1:6e:53:3d:59:4e:ca:
80:0b:43:d7:b0:55:7f:59:d9:83:8e:3f:ed:75:0f:
3f:6d:7d:8c:df:72:85:12:a0:b7:3e:3f:10:63:c3:
29:49:bf:cf:28:4f:63:74:c1:ed:bd:99:e0:e1:f4:
a8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B4:38:58:A0:9E:B2:20:D3:F5:EF:F4:4C:F0:42:8B:77:ED:E4:48
X509v3 Authority Key Identifier:
keyid:68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:21:50:06:9d:65:22:00:f4:87:0a:1e:37:24:ad:82:a1:5a:
84:04:34:a0:7c:7a:5d:18:01:9d:e5:e0:32:f6:4b:9b:d7:e8:
35:2b:c6:d6:7d:b1:5f:98:95:f7:b0:41:90:6d:d2:ea:40:a7:
03:cf:33:83:5d:fa:4a:d3:ad:23:b8:05:c2:13:70:83:40:2c:
ee:98:10:4b:c8:f4:e0:8e:49:66:c9:39:4f:28:f4:30:08:a9:
17:71:ca:56:63:2b:cd:c9:1b:62:df:65:97:22:77:80:da:9d:
74:72:68:b2:de:7e:f0:76:df:bc:cc:71:02:9c:bf:f5:19:b0:
2b:d9:61:1a:81:28:51:ef:bd:5f:d8:7e:fe:18:be:60:27:d5:
2f:1e:45:ed:3f:ae:bc:a8:30:b6:fc:d4:dd:f0:c0:74:c5:4a:
4e:61:d4:b1:ee:e3:9a:b9:71:76:22:c1:ae:c9:89:01:49:23:
72:d6:5d:09:33:d7:5c:a1:73:8d:11:21:d3:76:61:f8:76:bf:
92:b5:a7:f0:e8:bd:e4:dc:d1:0d:80:e3:79:f8:71:cc:e1:7b:
35:9a:2e:a2:53:6d:18:8f:29:56:90:cd:2e:b8:5f:f3:a8:34:
8b:77:49:be:d3:f1:8f:99:2f:26:de:f5:1c:68:5c:e7:81:0e:
00:42:2c:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3Tg+GSNiySu3xXYKl/iGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTc5NzIyYzNhMGNiMGMzMzUxYzU5NWRmYTNkN2VhZDgx
ZjE2YmYwHhcNMjUwNDIxMDEwMTIzWhcNMjUwNDIyMDEwMTIzWjAzMTEwLwYDVQQD
EyhiNWI0Mzg1OGEwOWViMjIwZDNmNWVmZjQ0Y2YwNDI4Yjc3ZWRlNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mUaEAkr4GfjPoNo0QnHL3ib6z6z
M+jjDCQRdTBGTpuIZM0vYvRriesT/gcXKa7VnDVBctEVnJ9gPOKMY79UfDHRhkdj
G1+NJPLiQiEi/xpX74uhE9iESNlmTAto/Ou+gWs05KI8vISIlxeCAQuHYnulMy82
oJds3T80nPRVKkMTcLe7W4JD5DY1hK6Gbw4gZxIT7UrzT80/sXcblnE4gw5P+2Fs
l3vqqHMbx18A03p+7NyeJQujHaMmeBVRNEEQZdQP7qNpeHotptFuUz1ZTsqAC0PX
sFV/WdmDjj/tdQ8/bX2M33KFEqC3Pj8QY8MpSb/PKE9jdMHtvZng4fSo+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLW0OFignrIg0/Xv9EzwQot37eRIMB8GA1UdIwQY
MBaAFGhXlyLDoMsMM1HFld+j1+rYHxa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgt
OWY1NTk3YjU2Yjc2LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgtOWY1NTk3YjU2Yjc2
LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArSFQBp1l
IgD0hwoeNyStgqFahAQ0oHx6XRgBneXgMvZLm9foNSvG1n2xX5iV97BBkG3S6kCn
A88zg136StOtI7gFwhNwg0As7pgQS8j04I5JZsk5Tyj0MAipF3HKVmMrzckbYt9l
lyJ3gNqddHJost5+8HbfvMxxApy/9RmwK9lhGoEoUe+9X9h+/hi+YCfVLx5F7T+u
vKgwtvzU3fDAdMVKTmHUse7jmrlxdiLBrsmJAUkjctZdCTPXXKFzjREh03Zh+Ha/
krWn8Oi95NzRDYDjefhxzOF7NZouolNtGI8pVpDNLrhf86g0i3dJvtPxj5kvJt71
HGhc54EOAEIsRA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:27:47 2025 by rpki-client