Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: tMsm4wiaiVbUAukxqWGfQ/FGoQxUGG2PvCS3cXQrWOo=
Subject key identifier: 03:F7:59:1D:6F:12:DE:B1:2C:07:08:9F:81:4D:3D:50:C5:AE:C3:36
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 0196515AE914B831A0E5D3E225AAEA956C05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 1500
Signing time: Sun 20 Apr 2025 04:00:34 +0000
Manifest this update: Sun 20 Apr 2025 04:00:34 +0000
Manifest next update: Mon 21 Apr 2025 04:00:34 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: uSLQELoZP6YwTgJPA1+v8DNDqs3Yzo2u6x5RLL45Ilw=)
2: lr5jbDjaqu0iW63nm_TgYe8r0I0.roa (hash: T3EVn+q8uKMPho7QfZp0crU+xrdxlEjJ2MkqJEKn8k4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 04:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:5a:e9:14:b8:31:a0:e5:d3:e2:25:aa:ea:95:6c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Apr 20 04:00:34 2025 GMT
Not After : Apr 21 04:00:34 2025 GMT
Subject: CN=03f7591d6f12deb12c07089f814d3d50c5aec336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:6f:bc:1e:df:65:24:87:0c:07:2b:7f:38:
63:57:23:a8:95:b4:c2:26:29:a0:c0:16:3c:e9:3f:
b6:2f:80:64:a6:23:ce:cf:54:13:66:42:87:42:61:
f8:e2:40:7a:6d:5a:54:38:a0:f6:b6:78:12:a5:49:
a6:cd:86:4f:59:1f:ce:3e:2f:ab:7e:db:fd:0f:a5:
8f:88:79:3d:84:3f:c2:4b:8e:b8:3d:5a:c5:8b:c4:
3f:22:ff:56:a0:56:3a:34:d0:84:fb:3e:fe:9e:2d:
a8:7a:58:b7:53:cc:1b:2b:ee:e0:e4:de:e4:74:8a:
20:4e:de:cc:41:e7:4f:e3:7f:af:22:f6:7a:f3:d5:
0e:8f:4f:32:46:f6:91:e7:10:2f:f7:6a:ba:63:36:
a9:80:3e:0b:dc:ee:fe:0d:9f:77:74:dd:8b:8e:ff:
63:76:08:ce:45:31:30:57:7c:54:fe:85:e6:f0:4e:
31:8d:79:eb:ec:34:85:3c:ea:c7:ba:6c:bf:4f:69:
e2:ed:44:a7:28:12:1c:e2:9d:4d:72:1a:dd:c5:87:
19:3f:6e:c5:e7:31:e5:a8:15:39:81:4a:bc:1a:d0:
db:8f:cb:b2:01:72:2d:f4:b9:4d:f5:72:21:00:91:
46:3e:5b:f9:f2:1a:61:9e:94:75:84:c6:cf:c7:78:
60:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F7:59:1D:6F:12:DE:B1:2C:07:08:9F:81:4D:3D:50:C5:AE:C3:36
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:b1:d9:ff:01:63:4f:8b:fd:42:f3:7c:38:02:7f:3e:1c:47:
6e:62:ad:f5:d9:71:bd:5f:a4:97:a4:da:53:2b:16:5a:90:35:
8a:87:18:e5:27:e9:df:f0:8e:5e:bd:be:c4:82:e7:87:6d:80:
64:a2:a3:95:52:84:83:be:98:82:6c:11:79:d7:b7:98:eb:db:
d8:6f:2f:3b:af:b0:67:fc:f2:5b:f4:06:a9:d3:8f:d7:43:86:
09:99:ab:0c:e8:d2:63:5c:44:c4:86:05:9c:55:2e:0c:69:45:
7d:ef:e8:6f:1e:42:8b:f3:50:67:bb:cb:c3:3c:e0:e1:0e:ca:
3a:ce:47:cb:8e:0b:5d:f8:c5:bd:92:57:e2:e3:83:03:ec:dd:
49:3b:c7:77:0c:ac:66:f3:6d:9b:c2:c1:fd:19:5e:e8:14:7d:
8d:a7:23:db:1b:c9:6f:3c:45:0f:e6:cb:83:d3:2e:4b:52:ea:
32:67:40:ec:8c:1c:8b:b4:0d:b9:77:60:6d:69:42:f9:cf:8f:
cd:4e:a8:35:af:f5:0d:11:66:cc:0b:c0:3b:de:12:8e:21:f5:
55:07:0b:f2:3f:cb:99:69:6a:c5:00:2c:23:e5:7c:81:a4:27:
a8:28:a6:5b:2d:b4:ea:39:a9:63:b3:fc:31:f9:67:3e:90:db:
8b:30:47:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWukUuDGg5dPiJarqlWwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjUwNDIwMDQwMDM0WhcNMjUwNDIxMDQwMDM0WjAzMTEwLwYDVQQD
EygwM2Y3NTkxZDZmMTJkZWIxMmMwNzA4OWY4MTRkM2Q1MGM1YWVjMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6RvvB7fZSSHDAcrfzhjVyOolbTC
JimgwBY86T+2L4BkpiPOz1QTZkKHQmH44kB6bVpUOKD2tngSpUmmzYZPWR/OPi+r
ftv9D6WPiHk9hD/CS464PVrFi8Q/Iv9WoFY6NNCE+z7+ni2oeli3U8wbK+7g5N7k
dIogTt7MQedP43+vIvZ689UOj08yRvaR5xAv92q6YzapgD4L3O7+DZ93dN2Ljv9j
dgjORTEwV3xU/oXm8E4xjXnr7DSFPOrHumy/T2ni7USnKBIc4p1NchrdxYcZP27F
5zHlqBU5gUq8GtDbj8uyAXIt9LlN9XIhAJFGPlv58hphnpR1hMbPx3hgdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAP3WR1vEt6xLAcIn4FNPVDFrsM2MB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAerHZ/wFj
T4v9QvN8OAJ/PhxHbmKt9dlxvV+kl6TaUysWWpA1iocY5Sfp3/COXr2+xILnh22A
ZKKjlVKEg76YgmwRede3mOvb2G8vO6+wZ/zyW/QGqdOP10OGCZmrDOjSY1xExIYF
nFUuDGlFfe/obx5Ci/NQZ7vLwzzg4Q7KOs5Hy44LXfjFvZJX4uODA+zdSTvHdwys
ZvNtm8LB/Rle6BR9jacj2xvJbzxFD+bLg9MuS1LqMmdA7Iwci7QNuXdgbWlC+c+P
zU6oNa/1DRFmzAvAO94SjiH1VQcL8j/LmWlqxQAsI+V8gaQnqCimWy206jmpY7P8
MflnPpDbizBHzw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:19:03 2025 by rpki-client