Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
File: nSh1M866BkWhSM8QyMJ-qachoJ0.mft (raw, json)
Hash identifier: WgGOqQPSTKZd5fmhhx0VADR25iOXOKCZsIuYz9GDVuQ=
Subject key identifier: CD:F5:BB:FD:75:6D:A0:3F:D0:DB:92:69:D0:01:C9:65:84:02:66:05
Authority key identifier: 9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
Certificate issuer: /CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Certificate serial: 0196293B52D1D6AA5476E1D9EF0CC01A6DEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
Manifest number: 14E6
Signing time: Sat 12 Apr 2025 09:01:15 +0000
Manifest this update: Sat 12 Apr 2025 09:01:15 +0000
Manifest next update: Sun 13 Apr 2025 09:01:15 +0000
Files and hashes: 1: MEQtA-51-LVqFHEVZDRMjfjnudY.roa (hash: mP68hXGlyjMnNhpMDZaBlI/pFMVdjYCWoJ7Gpxv9o84=)
2: Re1CMq4a8GRTlVAhciRLdjmNzME.roa (hash: e1LlxuTfucQ1ynw/jUhK7unO/vlcuYPu64TBZ3UmBVk=)
3: nSh1M866BkWhSM8QyMJ-qachoJ0.crl (hash: L4e/Mub/2KoYa4jEQVE+6qJhSCUB/VhJJ4I9WIJuweg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 09:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:29:3b:52:d1:d6:aa:54:76:e1:d9:ef:0c:c0:1a:6d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d287533ceba0645a148cf10c8c27ea9a721a09d
Validity
Not Before: Apr 12 09:01:15 2025 GMT
Not After : Apr 13 09:01:15 2025 GMT
Subject: CN=cdf5bbfd756da03fd0db9269d001c96584026605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a1:84:34:cf:4f:58:8d:0b:e4:0b:2c:13:57:
4f:e9:b6:ce:f0:40:68:43:b5:57:11:63:fe:d8:a4:
56:55:0c:7c:88:41:bd:8e:05:33:60:53:73:3f:66:
da:fb:47:75:8a:b6:2d:cb:38:48:23:76:77:66:f1:
0e:c8:b9:a5:0b:cb:4b:da:8f:dc:3a:b6:2e:ce:bd:
d2:2d:4b:4a:24:88:8c:1c:23:df:4d:86:2b:a3:bc:
4e:61:e8:3e:43:1f:6a:49:fb:f4:83:f2:0a:7d:ae:
c1:16:3b:58:c9:8c:cc:8a:c5:67:9e:72:b6:f1:54:
6f:19:c0:3e:b7:cd:b8:ef:92:8e:09:f0:12:0f:2c:
e5:bc:75:f5:23:c2:fa:f2:4b:d8:6a:d6:9b:20:ca:
d4:84:3c:0b:18:41:fd:2f:75:f1:ed:cf:77:95:15:
a9:2c:ae:4f:56:65:90:58:43:d1:f6:5a:5f:c3:e9:
c9:67:3a:34:14:96:a0:32:f4:a7:58:ed:96:cb:f6:
de:2b:ba:c7:8b:c1:70:34:72:48:30:0b:bf:8a:ef:
08:da:e6:e0:8e:15:d2:f1:db:7c:c2:4a:1f:86:fa:
bd:46:ae:26:09:3e:e2:c5:25:67:f1:16:d2:0e:2c:
d7:47:4f:84:7f:3a:f5:3f:2d:93:77:bb:de:f7:f7:
8f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F5:BB:FD:75:6D:A0:3F:D0:DB:92:69:D0:01:C9:65:84:02:66:05
X509v3 Authority Key Identifier:
keyid:9D:28:75:33:CE:BA:06:45:A1:48:CF:10:C8:C2:7E:A9:A7:21:A0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSh1M866BkWhSM8QyMJ-qachoJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8a6692-f646-49f0-8821-0212b3eae97c/1/nSh1M866BkWhSM8QyMJ-qachoJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:e8:d1:e0:07:a5:f9:4b:1b:66:32:2b:d8:e8:83:90:2a:09:
71:88:c8:1a:bd:c8:b5:1f:96:78:f5:62:44:6e:69:5e:95:63:
ee:a3:78:52:39:f4:97:6b:5a:cc:47:98:36:2e:25:c3:28:8d:
3d:fb:88:06:45:d1:6d:96:2c:71:bb:6f:ca:c9:6a:f7:b0:7b:
33:1f:11:71:7b:39:58:e3:89:44:cb:5d:23:e5:2f:98:aa:45:
98:ee:75:d1:a0:3d:e5:82:bc:e3:df:e6:91:5a:3b:78:31:c3:
37:a9:78:44:52:fe:18:e8:15:05:93:42:17:0e:70:54:db:6d:
11:ba:ff:e6:1a:29:90:e8:c5:a0:dd:a9:0f:0f:ac:c3:ba:26:
e1:be:e0:3e:4b:3f:9b:04:1a:5b:dc:39:1d:79:be:75:bd:0f:
62:ea:46:47:a7:39:79:7f:80:69:04:f5:be:ac:bb:d0:1b:4a:
03:2a:e0:8c:10:b0:29:54:90:9d:c9:62:f6:5f:1e:20:d6:dc:
fd:38:07:49:a8:e8:d3:53:70:38:f8:ec:47:35:e2:cb:8f:d3:
1f:79:aa:8d:65:02:0e:fd:0c:ee:67:83:87:3a:10:69:d4:aa:
52:e4:75:d9:41:b1:34:aa:c2:e6:19:86:e5:1f:9f:ab:6e:2f:
19:9f:d4:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYpO1LR1qpUduHZ7wzAGm3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjg3NTMzY2ViYTA2NDVhMTQ4Y2YxMGM4YzI3ZWE5YTcy
MWEwOWQwHhcNMjUwNDEyMDkwMTE1WhcNMjUwNDEzMDkwMTE1WjAzMTEwLwYDVQQD
EyhjZGY1YmJmZDc1NmRhMDNmZDBkYjkyNjlkMDAxYzk2NTg0MDI2NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKGENM9PWI0L5AssE1dP6bbO8EBo
Q7VXEWP+2KRWVQx8iEG9jgUzYFNzP2ba+0d1irYtyzhII3Z3ZvEOyLmlC8tL2o/c
OrYuzr3SLUtKJIiMHCPfTYYro7xOYeg+Qx9qSfv0g/IKfa7BFjtYyYzMisVnnnK2
8VRvGcA+t82475KOCfASDyzlvHX1I8L68kvYatabIMrUhDwLGEH9L3Xx7c93lRWp
LK5PVmWQWEPR9lpfw+nJZzo0FJagMvSnWO2Wy/beK7rHi8FwNHJIMAu/iu8I2ubg
jhXS8dt8wkofhvq9Rq4mCT7ixSVn8RbSDizXR0+Efzr1Py2Td7ve9/ePCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM31u/11baA/0NuSadAByWWEAmYFMB8GA1UdIwQY
MBaAFJ0odTPOugZFoUjPEMjCfqmnIaCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEt
MDIxMmIzZWFlOTdjLzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84YTY2OTItZjY0Ni00OWYwLTg4MjEtMDIxMmIzZWFlOTdj
LzEvblNoMU04NjZCa1doU004UXlNSi1xYWNob0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOjR4Ael
+UsbZjIr2OiDkCoJcYjIGr3ItR+WePViRG5pXpVj7qN4Ujn0l2tazEeYNi4lwyiN
PfuIBkXRbZYscbtvyslq97B7Mx8RcXs5WOOJRMtdI+UvmKpFmO510aA95YK849/m
kVo7eDHDN6l4RFL+GOgVBZNCFw5wVNttEbr/5hopkOjFoN2pDw+sw7om4b7gPks/
mwQaW9w5HXm+db0PYupGR6c5eX+AaQT1vqy70BtKAyrgjBCwKVSQncli9l8eINbc
/TgHSajo01NwOPjsRzXiy4/TH3mqjWUCDv0M7meDhzoQadSqUuR12UGxNKrC5hmG
5R+fq24vGZ/UoQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:34:33 2025 by rpki-client