Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
File: bd1AUuD8dlNjYcu9x3UId93zYK0.mft (raw, json)
Hash identifier: bxyHPr433Eitdkev0zDSCkPNcKHNn5oSUhYtB1DYzJg=
Subject key identifier: 3D:8B:C8:44:3A:E5:F9:03:6B:CC:3C:14:57:25:0E:8F:2E:04:FE:3A
Authority key identifier: 6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
Certificate issuer: /CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Certificate serial: 01963D9CE172F3A0896C8A0690586DC66116
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
Manifest number: 0E01
Signing time: Wed 16 Apr 2025 08:00:13 +0000
Manifest this update: Wed 16 Apr 2025 08:00:13 +0000
Manifest next update: Thu 17 Apr 2025 08:00:13 +0000
Files and hashes: 1: PBeiTxVVl13KulRPara1RXYVicA.roa (hash: RXsTBTBPcZfgBdF/8hAfnipircCVtF7KKV+ZAN7eFr0=)
2: bd1AUuD8dlNjYcu9x3UId93zYK0.crl (hash: y8TSFM/PEBYRCbPzqelQR6eJNPCg54AoLrh8L0U2A98=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:9c:e1:72:f3:a0:89:6c:8a:06:90:58:6d:c6:61:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Validity
Not Before: Apr 16 08:00:13 2025 GMT
Not After : Apr 17 08:00:13 2025 GMT
Subject: CN=3d8bc8443ae5f9036bcc3c1457250e8f2e04fe3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:98:e8:7e:24:d9:d3:fa:cc:7b:84:9b:ff:99:
bc:3d:64:f1:11:a1:7c:49:66:ea:4c:b7:d7:71:0f:
04:b0:a2:8f:06:ec:4d:d3:73:f4:e3:c8:bf:11:7b:
76:e1:2c:4b:9b:86:b3:28:18:7e:25:d4:ab:b9:14:
4f:30:92:e6:6c:d2:17:a0:6b:b0:7f:9b:76:36:37:
ce:05:67:27:7b:c7:ed:42:02:47:1d:30:49:a8:ef:
08:ac:91:6a:d4:fb:db:98:db:1b:97:03:b3:5e:45:
5a:00:fe:39:48:e2:f9:18:fa:54:7f:43:d0:63:90:
a8:28:be:cb:f5:d5:ea:68:0d:4c:8c:d2:15:6c:8b:
dd:f3:30:1f:7c:38:3c:fe:1b:75:46:83:1f:85:0a:
64:be:1e:dc:d4:26:fc:34:26:61:ea:01:51:09:93:
29:dc:bf:d2:6c:77:77:e6:4c:fc:4c:5c:22:27:40:
d9:39:4b:38:ed:7f:9c:a1:eb:0a:fb:f8:69:85:58:
c1:31:e3:a2:b8:ac:63:4c:1e:ef:0d:d0:b7:b5:70:
20:8b:74:98:ac:34:a5:33:0f:77:37:01:20:e9:f2:
81:16:40:6e:5b:5c:72:f8:fa:fd:53:7b:9a:b7:1c:
77:ac:73:78:0c:92:7d:63:7b:38:e5:da:ed:c1:b1:
5e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:C8:44:3A:E5:F9:03:6B:CC:3C:14:57:25:0E:8F:2E:04:FE:3A
X509v3 Authority Key Identifier:
keyid:6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:9b:38:1d:58:b7:40:38:a0:85:41:5c:82:b4:15:d3:f7:55:
8f:d6:ef:d1:f6:83:3e:52:9f:23:5e:e5:a3:c9:ac:57:8a:4a:
69:e2:ad:b4:26:10:a8:54:77:57:b4:00:94:17:4f:3f:91:5b:
28:96:a5:d6:d9:c6:a3:29:76:59:4a:c3:a5:f5:e6:78:73:44:
09:21:cf:da:56:4b:ac:55:ba:1a:8c:14:be:a5:c7:c3:d2:53:
cd:6f:ad:4b:c0:bc:d5:75:d6:2a:1a:c2:a6:89:55:a1:ad:6e:
31:f9:40:c3:7c:85:17:78:e2:78:20:ff:4c:cb:d0:0d:58:b6:
79:91:4b:d7:a7:1e:6c:85:c6:b6:8b:55:5b:cc:54:20:9d:f8:
7d:31:13:ca:be:de:a4:ba:8f:d6:22:96:e8:4c:fc:24:a1:0e:
5d:a7:e2:3a:00:b0:ee:f6:e2:95:9a:14:a4:ae:6e:20:45:cc:
5d:a3:16:d1:f7:d6:3d:90:40:05:e6:6a:19:3e:6c:44:7f:be:
5a:3b:cd:b0:1d:5f:3a:ed:8b:67:9e:ee:a0:1e:65:5d:eb:9f:
e3:5c:f2:6e:59:f0:3f:05:ad:a1:fc:51:e0:e7:c1:86:14:01:
14:b0:ee:0f:df:d1:f6:04:67:7f:d0:92:d8:24:32:a7:34:e4:
e6:50:e5:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY9nOFy86CJbIoGkFhtxmEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ0MDUyZTBmYzc2NTM2MzYxY2JiZGM3NzUwODc3ZGRm
MzYwYWQwHhcNMjUwNDE2MDgwMDEzWhcNMjUwNDE3MDgwMDEzWjAzMTEwLwYDVQQD
EygzZDhiYzg0NDNhZTVmOTAzNmJjYzNjMTQ1NzI1MGU4ZjJlMDRmZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJjofiTZ0/rMe4Sb/5m8PWTxEaF8
SWbqTLfXcQ8EsKKPBuxN03P048i/EXt24SxLm4azKBh+JdSruRRPMJLmbNIXoGuw
f5t2NjfOBWcne8ftQgJHHTBJqO8IrJFq1PvbmNsblwOzXkVaAP45SOL5GPpUf0PQ
Y5CoKL7L9dXqaA1MjNIVbIvd8zAffDg8/ht1RoMfhQpkvh7c1Cb8NCZh6gFRCZMp
3L/SbHd35kz8TFwiJ0DZOUs47X+coesK+/hphVjBMeOiuKxjTB7vDdC3tXAgi3SY
rDSlMw93NwEg6fKBFkBuW1xy+Pr9U3uatxx3rHN4DJJ9Y3s45drtwbFeJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2LyEQ65fkDa8w8FFclDo8uBP46MB8GA1UdIwQY
MBaAFG3dQFLg/HZTY2HLvcd1CHfd82CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQt
YmE3YjFmMzc2OWUzLzEvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQtYmE3YjFmMzc2OWUz
LzEvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJs4HVi3
QDighUFcgrQV0/dVj9bv0faDPlKfI17lo8msV4pKaeKttCYQqFR3V7QAlBdPP5Fb
KJal1tnGoyl2WUrDpfXmeHNECSHP2lZLrFW6GowUvqXHw9JTzW+tS8C81XXWKhrC
polVoa1uMflAw3yFF3jieCD/TMvQDVi2eZFL16cebIXGtotVW8xUIJ34fTETyr7e
pLqP1iKW6Ez8JKEOXafiOgCw7vbilZoUpK5uIEXMXaMW0ffWPZBABeZqGT5sRH++
WjvNsB1fOu2LZ57uoB5lXeuf41zyblnwPwWtofxR4OfBhhQBFLDuD9/R9gRnf9CS
2CQypzTk5lDl4Q==
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:54:08 2025 by rpki-client