Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
File: p7He9pWIXq3lzMi0vioCuxYHnpw.mft (raw, json)
Hash identifier: eaZM+esonEBl7mVNcJtxjMXwfPXqbs/Yp8HUE/H3Y3Y=
Subject key identifier: F2:84:9B:BA:39:17:B8:08:75:BC:8F:29:5F:48:E0:61:2C:06:D4:C5
Authority key identifier: A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
Certificate issuer: /CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Certificate serial: 0196523728A911328750ECCEEF20C6B6D7A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
Manifest number: 074D
Signing time: Sun 20 Apr 2025 08:01:08 +0000
Manifest this update: Sun 20 Apr 2025 08:01:08 +0000
Manifest next update: Mon 21 Apr 2025 08:01:08 +0000
Files and hashes: 1: 2ZXONPsq8Wq-C73Y4ZOdG8CP47o.roa (hash: 23qtSB8U1yvtJIhVOx0ex1wgA9IS3rvYP3HTfvaa5cc=)
2: p7He9pWIXq3lzMi0vioCuxYHnpw.crl (hash: no/JIZHCTEyRFsHkcNNClrM/pXBCPorIct09/PgZ4oQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:37:28:a9:11:32:87:50:ec:ce:ef:20:c6:b6:d7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Validity
Not Before: Apr 20 08:01:08 2025 GMT
Not After : Apr 21 08:01:08 2025 GMT
Subject: CN=f2849bba3917b80875bc8f295f48e0612c06d4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:00:56:ce:e9:eb:ee:e8:cc:f7:8c:0d:28:a3:
91:c6:24:b0:80:cd:29:a5:60:f9:14:5d:60:d8:fc:
ee:90:26:7d:6f:86:0b:95:ac:bb:74:f3:5c:f1:d5:
15:41:0d:26:8e:52:1c:36:08:91:1a:5b:0a:28:97:
ea:92:c1:2e:fc:72:b2:1a:99:f1:6d:c8:99:3d:dc:
4d:b3:17:d2:3e:00:87:16:b4:f4:89:45:9b:78:cc:
0e:6d:9d:df:8b:d1:52:f4:a2:72:0d:6f:5e:c4:b5:
1f:39:6d:9d:82:eb:8c:f7:8f:af:02:45:12:7c:35:
c9:b3:44:f5:bb:38:33:bf:3a:35:91:1e:c1:48:6f:
26:5e:f7:cc:61:ee:13:c0:2d:4f:e5:7f:3d:fc:bf:
ed:1f:00:86:e3:96:72:b0:fd:53:9f:7e:f1:2b:64:
08:2c:a9:12:11:f9:28:1a:3a:17:f0:6d:17:ed:30:
34:27:e6:b1:88:4c:8e:1e:f2:9a:92:70:b9:a8:08:
55:ac:16:3e:b9:9f:d8:17:56:2c:5e:ea:20:32:6a:
f7:72:1f:f2:15:65:4d:86:e7:0f:9f:76:b7:26:00:
f2:73:f3:07:a5:44:cd:3c:e4:ed:96:fc:e6:36:8d:
d7:ea:b9:40:a9:c6:e1:d3:74:49:e2:69:5f:9b:59:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:84:9B:BA:39:17:B8:08:75:BC:8F:29:5F:48:E0:61:2C:06:D4:C5
X509v3 Authority Key Identifier:
keyid:A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:8a:fd:2f:39:6e:b3:16:0f:e5:71:df:d8:e8:b3:42:dc:f9:
67:98:41:9b:e4:ec:95:b6:31:c6:b2:49:d5:0f:37:ce:7d:db:
fe:d2:08:65:c2:af:8c:c4:a7:36:bc:47:2a:ec:69:aa:54:44:
04:93:f8:1a:ba:b6:54:59:22:28:1e:c6:95:55:41:73:3c:f7:
da:ac:7a:50:92:8c:a2:b9:f0:aa:e8:44:07:5a:dd:aa:e7:70:
4b:b6:d6:9c:70:5f:4e:0f:47:28:12:62:76:30:75:13:27:09:
62:59:ce:0b:1a:ad:9a:38:bf:07:c0:7a:ca:9c:70:66:28:1c:
a9:6c:45:51:94:fe:f6:03:6f:df:29:a9:2e:16:46:0f:ff:19:
83:d2:4c:01:05:90:95:f6:7a:f5:06:e5:c2:cd:f0:2a:e4:68:
fd:f4:5d:4d:60:89:8c:02:d4:8d:ff:04:19:c0:c6:a6:04:11:
5f:a1:7f:1d:52:d6:9a:de:1a:70:9a:a8:46:18:fa:37:a1:06:
fe:8a:40:33:99:38:06:28:da:a1:3b:dc:85:de:fb:54:78:b3:
fc:9f:11:ac:91:ba:53:4a:a9:bf:cc:42:4e:0a:c2:9c:31:5a:
c9:07:76:ea:d0:c1:0f:3a:df:80:0d:58:f8:01:ba:fd:f5:05:
c9:e4:f3:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNyipETKHUOzO7yDGttejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YjFkZWY2OTU4ODVlYWRlNWNjYzhiNGJlMmEwMmJiMTYw
NzllOWMwHhcNMjUwNDIwMDgwMTA4WhcNMjUwNDIxMDgwMTA4WjAzMTEwLwYDVQQD
EyhmMjg0OWJiYTM5MTdiODA4NzViYzhmMjk1ZjQ4ZTA2MTJjMDZkNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QBWzunr7ujM94wNKKORxiSwgM0p
pWD5FF1g2PzukCZ9b4YLlay7dPNc8dUVQQ0mjlIcNgiRGlsKKJfqksEu/HKyGpnx
bciZPdxNsxfSPgCHFrT0iUWbeMwObZ3fi9FS9KJyDW9exLUfOW2dguuM94+vAkUS
fDXJs0T1uzgzvzo1kR7BSG8mXvfMYe4TwC1P5X89/L/tHwCG45ZysP1Tn37xK2QI
LKkSEfkoGjoX8G0X7TA0J+axiEyOHvKaknC5qAhVrBY+uZ/YF1YsXuogMmr3ch/y
FWVNhucPn3a3JgDyc/MHpUTNPOTtlvzmNo3X6rlAqcbh03RJ4mlfm1lTDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKEm7o5F7gIdbyPKV9I4GEsBtTFMB8GA1UdIwQY
MBaAFKex3vaViF6t5czItL4qArsWB56cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEt
OTQ0ZWNlYzdhNDIzLzEvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEtOTQ0ZWNlYzdhNDIz
LzEvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXYr9Lzlu
sxYP5XHf2OizQtz5Z5hBm+TslbYxxrJJ1Q83zn3b/tIIZcKvjMSnNrxHKuxpqlRE
BJP4Grq2VFkiKB7GlVVBczz32qx6UJKMornwquhEB1rdqudwS7bWnHBfTg9HKBJi
djB1EycJYlnOCxqtmji/B8B6ypxwZigcqWxFUZT+9gNv3ympLhZGD/8Zg9JMAQWQ
lfZ69Qblws3wKuRo/fRdTWCJjALUjf8EGcDGpgQRX6F/HVLWmt4acJqoRhj6N6EG
/opAM5k4BijaoTvchd77VHiz/J8RrJG6U0qpv8xCTgrCnDFayQd26tDBDzrfgA1Y
+AG6/fUFyeTzZQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:16 2025 by rpki-client