Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: xEcfkDF6Hat+7F/LTvGgmXFc2F+6MEfNOZtsr6Ye8Vc=
Subject key identifier: DF:D2:FC:C8:B1:73:89:57:D3:C5:C9:AA:69:5F:79:E8:D5:FD:D8:DE
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 01964BFD4C08C809879EEEEBB3205C3D1943
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 14FA
Signing time: Sat 19 Apr 2025 03:00:13 +0000
Manifest this update: Sat 19 Apr 2025 03:00:13 +0000
Manifest next update: Sun 20 Apr 2025 03:00:13 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: 2aOFtZwnPQL+LQhtqbuOHfj/LiDG/gpYKuASUapmOWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 03:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4b:fd:4c:08:c8:09:87:9e:ee:eb:b3:20:5c:3d:19:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Apr 19 03:00:13 2025 GMT
Not After : Apr 20 03:00:13 2025 GMT
Subject: CN=dfd2fcc8b1738957d3c5c9aa695f79e8d5fdd8de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6b:fd:10:ad:20:1e:a1:48:07:10:a8:83:1f:
47:74:b8:19:7f:13:45:d6:f9:25:11:03:93:97:7f:
bb:a9:b6:58:da:f1:c1:03:70:37:83:86:2f:5e:7b:
3d:ca:63:9b:08:38:ad:80:fd:59:0a:60:0a:cb:77:
d4:e8:f0:7a:f1:51:88:a6:15:31:87:08:86:13:87:
1d:cd:47:70:46:7b:be:d2:20:28:ce:b6:a5:6d:d7:
5c:b9:6c:97:2f:a7:ad:81:fb:3a:45:08:9d:04:68:
65:a3:3d:a5:52:24:39:5c:25:c9:97:1c:88:9f:c8:
83:89:ef:ee:84:fd:a5:f0:f5:69:13:58:e2:df:e0:
be:ae:8d:d6:ee:e1:d9:5a:b6:84:59:c1:b0:b4:d8:
b9:75:c2:2f:92:70:44:0e:d8:65:7f:b7:34:43:f6:
9c:b2:fb:bc:59:6a:bb:e8:6c:26:83:03:ed:73:61:
88:a9:26:38:77:21:7a:c9:79:57:69:7d:4f:ff:99:
bd:76:b2:02:0b:4b:3d:07:20:76:15:78:47:b0:90:
54:6f:be:0c:06:9e:66:20:96:23:2b:3f:95:32:3f:
d2:fd:32:ed:ba:c1:17:2e:53:7e:ae:09:4f:4a:0b:
e6:24:4f:4a:d6:87:85:22:65:3a:3f:72:58:a2:09:
ac:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D2:FC:C8:B1:73:89:57:D3:C5:C9:AA:69:5F:79:E8:D5:FD:D8:DE
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:bb:7c:ce:7c:55:4c:47:e8:61:28:28:1c:5e:b0:4e:04:b0:
af:1d:28:b0:17:92:5e:61:65:69:bb:29:d5:96:d1:8d:78:c3:
27:f8:4e:92:5b:e0:01:83:d1:eb:9e:2e:c4:95:cf:45:36:eb:
07:2d:83:ac:02:09:fb:a2:64:96:55:5b:b6:4e:05:53:9c:92:
ec:3d:b1:1c:5d:39:5d:cf:16:c5:18:c2:7c:a0:b4:2e:b3:9a:
a1:05:f4:8d:7f:33:e7:a7:b0:a5:d9:be:50:78:a5:ce:40:7c:
4b:02:ac:d3:29:97:92:0d:67:c3:52:96:ed:fd:df:21:df:fd:
ea:9e:b4:9c:0c:dd:50:a7:c5:2a:37:b6:d5:5e:48:2b:7c:1d:
94:fa:3f:1a:2e:42:43:a2:ff:36:ec:5e:05:a9:69:b8:46:af:
d1:7a:85:e0:38:bc:11:24:e8:92:3d:8f:0b:6d:f7:04:72:11:
5a:1f:e7:8b:0c:5f:9e:5d:e4:ca:88:57:3a:a4:59:c3:f4:27:
84:99:34:8c:56:20:5f:6c:fd:ad:b9:ca:b2:3a:e4:02:d0:0a:
3b:dc:db:64:66:55:42:af:37:18:96:c0:5e:59:9c:00:93:f6:
37:80:2b:7a:97:b7:7e:eb:5e:d9:0c:81:60:54:55:cc:2e:9e:
cc:9e:7e:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZL/UwIyAmHnu7rsyBcPRlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwNDE5MDMwMDEzWhcNMjUwNDIwMDMwMDEzWjAzMTEwLwYDVQQD
EyhkZmQyZmNjOGIxNzM4OTU3ZDNjNWM5YWE2OTVmNzllOGQ1ZmRkOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWv9EK0gHqFIBxCogx9HdLgZfxNF
1vklEQOTl3+7qbZY2vHBA3A3g4YvXns9ymObCDitgP1ZCmAKy3fU6PB68VGIphUx
hwiGE4cdzUdwRnu+0iAozralbddcuWyXL6etgfs6RQidBGhloz2lUiQ5XCXJlxyI
n8iDie/uhP2l8PVpE1ji3+C+ro3W7uHZWraEWcGwtNi5dcIvknBEDthlf7c0Q/ac
svu8WWq76GwmgwPtc2GIqSY4dyF6yXlXaX1P/5m9drICC0s9ByB2FXhHsJBUb74M
Bp5mIJYjKz+VMj/S/TLtusEXLlN+rglPSgvmJE9K1oeFImU6P3JYogmsVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/S/Mixc4lX08XJqmlfeejV/djeMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGrt8znxV
TEfoYSgoHF6wTgSwrx0osBeSXmFlabsp1ZbRjXjDJ/hOklvgAYPR654uxJXPRTbr
By2DrAIJ+6JkllVbtk4FU5yS7D2xHF05Xc8WxRjCfKC0LrOaoQX0jX8z56ewpdm+
UHilzkB8SwKs0ymXkg1nw1KW7f3fId/96p60nAzdUKfFKje21V5IK3wdlPo/Gi5C
Q6L/NuxeBalpuEav0XqF4Di8ESTokj2PC233BHIRWh/niwxfnl3kyohXOqRZw/Qn
hJk0jFYgX2z9rbnKsjrkAtAKO9zbZGZVQq83GJbAXlmcAJP2N4Arepe3fute2QyB
YFRVzC6ezJ5+XQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:05:55 2025 by rpki-client