Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.mft
File: 8nptTTKDKDFyXEjbUYokAPGpJL0.mft (raw, json)
Hash identifier: +zyZvch63yPX1FrhxeZybeytlLJvfhM/jrhvNx4QF9Q=
Subject key identifier: 3A:D9:4B:C5:80:2E:56:E4:76:E3:7B:C9:02:D4:C9:18:13:5D:D0:D8
Authority key identifier: F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
Certificate issuer: /CN=f27a6d4d32832831725c48db518a2400f1a924bd
Certificate serial: 019611D7EAF2C26AE89CFF34E4C29BEFC0AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.mft
Manifest number: 13ED
Signing time: Mon 07 Apr 2025 20:01:25 +0000
Manifest this update: Mon 07 Apr 2025 20:01:25 +0000
Manifest next update: Tue 08 Apr 2025 20:01:25 +0000
Files and hashes: 1: 8nptTTKDKDFyXEjbUYokAPGpJL0.crl (hash: 9cLALJU+R975AtwhG+vqr3zHWVodVr9sRLAMEpJKpfk=)
2: m0jbiHxRktR_kE-i3D3woRX2ZsI.roa (hash: fSOohTJ+oYWg/YD/VykP7b8U7lIYd4B0MDv4mOCNuT8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:d7:ea:f2:c2:6a:e8:9c:ff:34:e4:c2:9b:ef:c0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27a6d4d32832831725c48db518a2400f1a924bd
Validity
Not Before: Apr 7 20:01:25 2025 GMT
Not After : Apr 8 20:01:25 2025 GMT
Subject: CN=3ad94bc5802e56e476e37bc902d4c918135dd0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:b9:0e:8b:37:eb:73:80:28:07:f6:69:4b:c0:
f9:24:89:8c:65:8a:9f:07:1a:a0:8d:45:52:52:7f:
96:08:44:cc:38:90:8a:99:b0:d4:6f:28:0f:8a:d0:
7c:2f:97:2f:50:9a:99:fe:3b:27:db:1a:fa:ba:84:
22:56:e8:87:09:d3:fb:44:23:06:b9:66:00:b6:c8:
f0:2f:e1:ca:29:89:75:cb:c1:ce:9d:f1:6c:0c:84:
85:f7:d9:23:7f:c5:63:36:01:31:dc:2f:04:2e:4c:
54:0a:20:da:00:23:da:cd:b9:73:d6:90:97:72:46:
0c:a5:50:2d:29:cf:f8:d8:ed:f1:78:cc:84:c8:43:
0b:f7:68:16:f0:e6:e0:36:50:08:00:54:83:e5:5f:
33:5d:a8:fb:e8:ba:9a:52:10:d3:c0:2c:8d:4e:ab:
c6:34:1b:4f:3d:c9:b6:08:07:7c:ca:97:1f:2e:4a:
84:bc:6f:46:61:c0:7d:b6:33:02:c8:89:2e:ef:1d:
26:d9:88:17:55:22:f9:3c:ac:e0:2b:85:64:e4:fe:
03:6e:05:46:1b:cb:4a:11:e4:c4:d8:30:e1:25:7d:
4b:ad:3e:0f:4c:37:de:5d:7f:88:79:64:b4:8d:58:
73:57:a7:71:8c:f8:88:fb:7b:53:dc:c4:b0:bc:0c:
82:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D9:4B:C5:80:2E:56:E4:76:E3:7B:C9:02:D4:C9:18:13:5D:D0:D8
X509v3 Authority Key Identifier:
keyid:F2:7A:6D:4D:32:83:28:31:72:5C:48:DB:51:8A:24:00:F1:A9:24:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nptTTKDKDFyXEjbUYokAPGpJL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/28f8ec-e577-4752-8685-1573ef6271eb/1/8nptTTKDKDFyXEjbUYokAPGpJL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:59:1b:34:ad:bc:dd:7f:d0:8b:51:f3:cc:d7:3a:5a:5f:9c:
03:b6:36:81:81:97:54:2d:58:b1:d4:14:89:03:cb:29:34:f9:
8f:85:1f:01:f3:83:24:6c:4c:e5:2b:73:e7:8c:54:6d:95:39:
b4:59:7a:d7:57:6c:f5:79:07:3b:aa:68:f4:3b:e5:48:f3:3e:
81:20:2b:9d:50:00:39:b6:c1:7b:77:47:5a:3d:e1:74:89:f0:
ee:d5:92:1e:5c:a0:a2:61:6d:1a:54:48:12:ce:7e:47:49:b7:
c5:73:9e:9f:1b:1a:31:01:12:1a:43:2c:e2:23:3b:1a:07:c3:
dc:aa:d7:89:9c:89:e1:75:e1:b0:4e:62:ec:fb:f8:f1:14:75:
49:b1:ba:09:4d:8d:26:c6:10:13:eb:f0:a8:bc:f4:a8:f4:64:
14:64:df:8e:01:7a:38:89:c4:f1:c4:cd:40:fb:fd:0c:f7:f7:
0f:18:39:b0:db:4a:20:06:c5:16:03:2a:07:74:c6:07:20:cb:
f1:bb:0e:87:6f:a6:2e:bc:35:df:29:5f:1a:c0:48:b1:f6:19:
a0:c8:d7:ff:ae:91:64:98:00:60:e9:fc:31:36:3b:a3:2e:52:
de:e0:c9:34:ef:62:00:25:8c:a7:67:40:4d:da:9f:73:e6:09:
d0:fd:c4:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYR1+rywmronP805MKb78CuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2E2ZDRkMzI4MzI4MzE3MjVjNDhkYjUxOGEyNDAwZjFh
OTI0YmQwHhcNMjUwNDA3MjAwMTI1WhcNMjUwNDA4MjAwMTI1WjAzMTEwLwYDVQQD
EygzYWQ5NGJjNTgwMmU1NmU0NzZlMzdiYzkwMmQ0YzkxODEzNWRkMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/LkOizfrc4AoB/ZpS8D5JImMZYqf
BxqgjUVSUn+WCETMOJCKmbDUbygPitB8L5cvUJqZ/jsn2xr6uoQiVuiHCdP7RCMG
uWYAtsjwL+HKKYl1y8HOnfFsDISF99kjf8VjNgEx3C8ELkxUCiDaACPazblz1pCX
ckYMpVAtKc/42O3xeMyEyEML92gW8ObgNlAIAFSD5V8zXaj76LqaUhDTwCyNTqvG
NBtPPcm2CAd8ypcfLkqEvG9GYcB9tjMCyIku7x0m2YgXVSL5PKzgK4Vk5P4DbgVG
G8tKEeTE2DDhJX1LrT4PTDfeXX+IeWS0jVhzV6dxjPiI+3tT3MSwvAyCZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrZS8WALlbkduN7yQLUyRgTXdDYMB8GA1UdIwQY
MBaAFPJ6bU0ygygxclxI21GKJADxqSS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUt
MTU3M2VmNjI3MWViLzEvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yOGY4ZWMtZTU3Ny00NzUyLTg2ODUtMTU3M2VmNjI3MWVi
LzEvOG5wdFRUS0RLREZ5WEVqYlVZb2tBUEdwSkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASVkbNK28
3X/Qi1HzzNc6Wl+cA7Y2gYGXVC1YsdQUiQPLKTT5j4UfAfODJGxM5Stz54xUbZU5
tFl611ds9XkHO6po9DvlSPM+gSArnVAAObbBe3dHWj3hdInw7tWSHlygomFtGlRI
Es5+R0m3xXOenxsaMQESGkMs4iM7GgfD3KrXiZyJ4XXhsE5i7Pv48RR1SbG6CU2N
JsYQE+vwqLz0qPRkFGTfjgF6OInE8cTNQPv9DPf3Dxg5sNtKIAbFFgMqB3TGByDL
8bsOh2+mLrw13ylfGsBIsfYZoMjX/66RZJgAYOn8MTY7oy5S3uDJNO9iACWMp2dA
Tdqfc+YJ0P3EBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:36:17 2025 by rpki-client