Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
File: nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft (raw, json)
Hash identifier: MRndnkGANeLJAwKhqaSoa1vKZBjZQ+U24jHNJPVC7YI=
Subject key identifier: C5:48:DC:22:63:D5:7A:75:74:AE:87:9D:9B:AD:5A:73:54:5F:14:CB
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 01964FDACB7DDD095EDA665B4DA3AFD021FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
Manifest number: 14FD
Signing time: Sat 19 Apr 2025 21:01:01 +0000
Manifest this update: Sat 19 Apr 2025 21:01:01 +0000
Manifest next update: Sun 20 Apr 2025 21:01:01 +0000
Files and hashes: 1: CPqSq0ytAxDio98lkjeb_dYwRZ4.roa (hash: DBQ2P8ThG/7CNm8RF8WiO7psAqOGJ9hYf3OIiBNBEtw=)
2: nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl (hash: NTznKxo5TNm+QWo4kRQXKjL6FS+5kGOwI001NO2KgjE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 21:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4f:da:cb:7d:dd:09:5e:da:66:5b:4d:a3:af:d0:21:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Apr 19 21:01:01 2025 GMT
Not After : Apr 20 21:01:01 2025 GMT
Subject: CN=c548dc2263d57a7574ae879d9bad5a73545f14cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e7:92:95:15:e9:72:c8:9d:64:34:20:bd:a0:
d2:0e:b1:e1:29:62:3b:0f:fa:41:13:70:1f:60:38:
6c:e1:10:7a:2c:8e:fa:65:75:88:88:28:4e:f2:7e:
bd:ed:b1:ff:94:72:05:c8:3b:f2:6d:62:21:65:b2:
da:fa:4e:87:51:a5:d9:ec:63:7a:2f:9f:d6:d6:97:
80:4c:07:91:cb:25:e9:77:61:1d:83:13:a7:87:8c:
5b:f4:ad:9e:3d:11:0a:1a:74:00:1d:53:2f:ca:fe:
ff:6a:4e:87:c5:9f:2c:5d:02:bb:77:6d:6b:2c:94:
d2:ed:23:c4:ba:45:0e:14:b0:a7:68:90:ff:7f:e6:
e3:64:5e:2b:52:23:5a:24:8f:4d:8c:a1:64:a4:ce:
d2:5a:54:d8:48:09:11:76:e2:c3:a7:eb:f4:35:8b:
62:7c:81:23:3b:c6:fe:74:46:ca:da:d6:f4:23:22:
70:b0:39:b3:43:19:35:b1:5e:cb:eb:84:c8:ef:1c:
42:11:2c:42:be:64:46:a6:3c:6b:94:16:8a:c2:5d:
83:25:12:e2:8b:0b:c9:93:55:57:7b:f4:86:f8:dd:
83:b8:fc:29:08:ef:fe:4e:2b:48:a7:af:96:6a:8d:
4a:4f:89:ed:d0:5a:e3:55:be:87:24:70:ce:c1:38:
c5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:48:DC:22:63:D5:7A:75:74:AE:87:9D:9B:AD:5A:73:54:5F:14:CB
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:ad:ba:c3:cd:ff:fc:41:9f:e7:88:d3:49:30:93:c0:0a:3e:
d0:ac:fa:a2:c4:56:b2:46:4c:aa:62:ff:3d:f8:a3:41:b5:92:
7a:59:c8:2c:5c:e6:5e:cb:fc:c0:f2:dd:e9:8b:6c:59:c0:db:
77:0d:0b:51:e8:a4:65:c8:e2:c2:1f:a4:97:19:28:50:59:05:
cd:fe:43:04:0c:9b:c4:f1:d6:30:08:23:d4:4e:d3:73:b4:81:
2a:1b:4c:82:be:cb:71:ac:99:b0:af:4f:5f:f3:8a:e7:6b:f8:
39:60:67:d2:d2:79:bc:d8:4d:53:6f:83:c9:a4:f5:91:9d:65:
70:55:a9:bd:c5:b8:9c:58:ee:ae:69:c8:97:7b:b1:48:66:04:
1b:f1:dd:37:ea:df:e6:17:30:9a:95:72:b2:45:40:d0:9c:9b:
3b:3a:42:81:15:29:32:0d:1a:44:7c:2b:35:77:7b:7d:6c:02:
a6:2a:b6:6d:06:c4:f8:62:b8:18:2f:bf:1b:e0:9e:2e:02:9b:
2b:ee:57:07:ca:72:fd:48:6d:3b:80:1c:0c:8c:75:7c:f2:dc:
00:85:52:1c:da:7f:44:ac:e2:8b:5f:9f:cc:b4:cb:fa:4a:c6:
24:b6:24:78:ed:b8:a2:9c:e7:a7:f3:83:47:d5:65:53:08:2e:
f3:42:2d:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2st93Qle2mZbTaOv0CH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjUwNDE5MjEwMTAxWhcNMjUwNDIwMjEwMTAxWjAzMTEwLwYDVQQD
EyhjNTQ4ZGMyMjYzZDU3YTc1NzRhZTg3OWQ5YmFkNWE3MzU0NWYxNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeeSlRXpcsidZDQgvaDSDrHhKWI7
D/pBE3AfYDhs4RB6LI76ZXWIiChO8n697bH/lHIFyDvybWIhZbLa+k6HUaXZ7GN6
L5/W1peATAeRyyXpd2EdgxOnh4xb9K2ePREKGnQAHVMvyv7/ak6HxZ8sXQK7d21r
LJTS7SPEukUOFLCnaJD/f+bjZF4rUiNaJI9NjKFkpM7SWlTYSAkRduLDp+v0NYti
fIEjO8b+dEbK2tb0IyJwsDmzQxk1sV7L64TI7xxCESxCvmRGpjxrlBaKwl2DJRLi
iwvJk1VXe/SG+N2DuPwpCO/+TitIp6+Wao1KT4nt0FrjVb6HJHDOwTjFLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVI3CJj1Xp1dK6HnZutWnNUXxTLMB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPa26w83/
/EGf54jTSTCTwAo+0Kz6osRWskZMqmL/PfijQbWSelnILFzmXsv8wPLd6YtsWcDb
dw0LUeikZcjiwh+klxkoUFkFzf5DBAybxPHWMAgj1E7Tc7SBKhtMgr7LcayZsK9P
X/OK52v4OWBn0tJ5vNhNU2+DyaT1kZ1lcFWpvcW4nFjurmnIl3uxSGYEG/HdN+rf
5hcwmpVyskVA0JybOzpCgRUpMg0aRHwrNXd7fWwCpiq2bQbE+GK4GC+/G+CeLgKb
K+5XB8py/UhtO4AcDIx1fPLcAIVSHNp/RKzii1+fzLTL+krGJLYkeO24opznp/OD
R9VlUwgu80ItLw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:25:35 2025 by rpki-client