Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.mft
File: Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.mft (raw, json)
Hash identifier: omv3ykx9Jqz2u08R7aYaQUDo1FQn2QrWhvEuvxzCrho=
Subject key identifier: 37:ED:F9:AE:32:50:59:9E:6D:61:CD:9E:30:36:A3:A8:27:C8:9D:7A
Authority key identifier: 4A:1D:20:BE:77:E1:22:32:32:3C:14:22:FB:51:98:FE:A0:08:60:34
Certificate issuer: /CN=4a1d20be77e12232323c1422fb5198fea0086034
Certificate serial: 01960FE958A340E3AB818B95AA054625AF0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.mft
Manifest number: 14DA
Signing time: Mon 07 Apr 2025 11:01:12 +0000
Manifest this update: Mon 07 Apr 2025 11:01:12 +0000
Manifest next update: Tue 08 Apr 2025 11:01:12 +0000
Files and hashes: 1: Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.crl (hash: 6abIc88+ODckAB7mhEEfUWFoe71ndSzf53ehpkwU1CY=)
2: mN2qB1BO4S5r9HWkXJU36eJQAJo.roa (hash: CEQM9W3lMs7LPoWAqhYjN1IkeHCfM/C5tJypbGgHYt4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:e9:58:a3:40:e3:ab:81:8b:95:aa:05:46:25:af:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a1d20be77e12232323c1422fb5198fea0086034
Validity
Not Before: Apr 7 11:01:12 2025 GMT
Not After : Apr 8 11:01:12 2025 GMT
Subject: CN=37edf9ae3250599e6d61cd9e3036a3a827c89d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e3:4a:c8:ca:94:38:b0:53:78:f7:47:d9:84:
dd:e2:6a:43:17:b0:3d:eb:10:81:65:e1:a9:10:ab:
99:49:d7:c6:bc:14:f8:ab:54:d8:ac:4c:c6:7b:e1:
a0:9e:9c:d8:ab:92:8c:9d:53:9a:d2:11:70:19:e8:
cf:06:39:f6:5d:f0:38:d2:04:03:ea:e1:8b:cf:ef:
e0:32:13:4c:03:08:59:39:f6:35:3a:7d:f5:b3:4b:
41:7b:d5:a0:39:48:8d:7e:73:7e:78:97:5e:2c:c2:
25:ba:d5:c6:6a:28:14:d1:c4:4e:f4:80:51:a2:5b:
59:fc:f0:75:23:03:54:27:60:f1:08:91:c0:be:78:
62:ee:a4:bc:d1:60:7f:ff:17:65:52:93:3b:15:d6:
6a:92:6a:e0:b3:3f:fe:46:f8:56:ad:fb:c0:ce:8d:
75:04:43:a8:71:62:27:fe:2c:8e:8c:13:c0:2f:21:
d6:46:fe:49:08:4d:54:8e:7b:b3:b4:2b:77:0e:0c:
a9:57:c0:bf:0e:45:8b:ed:45:6c:c4:cb:d3:d6:c7:
73:fe:26:34:06:5f:ff:58:d9:a6:f4:0a:09:ee:0e:
52:b1:33:70:32:7a:ed:b6:19:13:37:2e:eb:b3:b8:
18:d1:79:32:30:0e:a7:02:ec:b9:42:ed:b6:28:8f:
17:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:ED:F9:AE:32:50:59:9E:6D:61:CD:9E:30:36:A3:A8:27:C8:9D:7A
X509v3 Authority Key Identifier:
keyid:4A:1D:20:BE:77:E1:22:32:32:3C:14:22:FB:51:98:FE:A0:08:60:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:f1:be:c3:6c:cf:81:48:fc:ef:e4:e6:1b:10:43:c2:21:80:
e6:e1:58:d4:f1:e3:3b:d4:3f:67:5e:cd:c7:ff:4b:0d:7e:a2:
a1:be:91:47:49:cc:07:54:07:86:d7:fa:5a:88:ae:3c:dd:0f:
c5:80:e3:31:e6:3a:ad:a5:f8:a0:51:b5:a9:88:fe:ca:ab:90:
79:8b:8f:f0:66:dc:c2:b7:c8:c8:8b:0e:db:ee:c3:ee:fa:b9:
e6:9f:71:b9:f6:98:ea:7f:97:3d:6a:c2:bd:83:cb:7f:f0:91:
cb:a5:63:79:6e:f2:d5:e6:dd:e0:dd:32:1f:48:64:99:1d:50:
b6:80:ea:cc:b7:c5:71:1b:f1:d8:ea:19:da:f2:75:63:75:00:
af:d8:a1:65:c7:0f:e6:7c:63:f7:2a:01:af:6b:0b:74:b6:af:
b5:a1:5b:2b:2e:e5:ea:eb:37:02:2e:9d:06:b2:d3:04:8e:d8:
42:df:cc:98:52:5b:9a:d2:04:a3:92:4c:23:15:f8:51:4d:9a:
37:a4:d2:43:63:45:23:d8:37:23:28:b7:dc:f6:69:47:3c:88:
fb:c2:69:f2:4a:59:98:64:ca:e3:c2:e9:50:19:6d:59:ed:c3:
0d:f8:33:1a:ce:8a:8b:f0:85:b2:b0:27:b2:fe:d8:ca:2a:d8:
42:cf:c1:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYP6VijQOOrgYuVqgVGJa8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMWQyMGJlNzdlMTIyMzIzMjNjMTQyMmZiNTE5OGZlYTAw
ODYwMzQwHhcNMjUwNDA3MTEwMTEyWhcNMjUwNDA4MTEwMTEyWjAzMTEwLwYDVQQD
EygzN2VkZjlhZTMyNTA1OTllNmQ2MWNkOWUzMDM2YTNhODI3Yzg5ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuNKyMqUOLBTePdH2YTd4mpDF7A9
6xCBZeGpEKuZSdfGvBT4q1TYrEzGe+GgnpzYq5KMnVOa0hFwGejPBjn2XfA40gQD
6uGLz+/gMhNMAwhZOfY1On31s0tBe9WgOUiNfnN+eJdeLMIlutXGaigU0cRO9IBR
oltZ/PB1IwNUJ2DxCJHAvnhi7qS80WB//xdlUpM7FdZqkmrgsz/+RvhWrfvAzo11
BEOocWIn/iyOjBPALyHWRv5JCE1UjnuztCt3DgypV8C/DkWL7UVsxMvT1sdz/iY0
Bl//WNmm9AoJ7g5SsTNwMnrtthkTNy7rs7gY0XkyMA6nAuy5Qu22KI8XAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDft+a4yUFmebWHNnjA2o6gnyJ16MB8GA1UdIwQY
MBaAFEodIL534SIyMjwUIvtRmP6gCGA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2gwZ3ZuZmhJakl5UEJRaS0xR1lfcUFJWURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82M2M5ZGItOGFiOS00YzFlLWFmMjct
ZWQyODg1MWVjYjc2LzEvU2gwZ3ZuZmhJakl5UEJRaS0xR1lfcUFJWURRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82M2M5ZGItOGFiOS00YzFlLWFmMjctZWQyODg1MWVjYjc2
LzEvU2gwZ3ZuZmhJakl5UEJRaS0xR1lfcUFJWURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/G+w2zP
gUj87+TmGxBDwiGA5uFY1PHjO9Q/Z17Nx/9LDX6iob6RR0nMB1QHhtf6WoiuPN0P
xYDjMeY6raX4oFG1qYj+yquQeYuP8GbcwrfIyIsO2+7D7vq55p9xufaY6n+XPWrC
vYPLf/CRy6VjeW7y1ebd4N0yH0hkmR1QtoDqzLfFcRvx2OoZ2vJ1Y3UAr9ihZccP
5nxj9yoBr2sLdLavtaFbKy7l6us3Ai6dBrLTBI7YQt/MmFJbmtIEo5JMIxX4UU2a
N6TSQ2NFI9g3Iyi33PZpRzyI+8Jp8kpZmGTK48LpUBltWe3DDfgzGs6Ki/CFsrAn
sv7YyirYQs/BPQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:07:46 2025 by rpki-client