Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
File: D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft (raw, json)
Hash identifier: FCnEWfEC5k5t3pMrHxxnHjdQsJk6j0HS9B1sgOK+Lrs=
Subject key identifier: AC:88:BF:9F:A9:AB:E3:1B:78:2C:9D:EB:D0:06:CC:9F:A4:5E:41:51
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 01964E5A518C8BD740E4EF23FB0D6B9C79F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
Manifest number: 12D8
Signing time: Sat 19 Apr 2025 14:01:04 +0000
Manifest this update: Sat 19 Apr 2025 14:01:04 +0000
Manifest next update: Sun 20 Apr 2025 14:01:04 +0000
Files and hashes: 1: 5_kOrk9oP3_8LpHa04lopaDNoOs.roa (hash: taYYwA5WRT4de9qoNl6GeZp2wx5lTLgYK1KxyY9IZPk=)
2: D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl (hash: NUTDvAh3EwUgPmHMK7nVb8GGXD0U8n2oJUfUUs9sGAw=)
3: _MZl5mAk0VStSl6-Iutzl1XZEmc.roa (hash: GAxNehsNlSM4VBui+WLkl0ufFvlsHnC2diPLD2P3m8s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4e:5a:51:8c:8b:d7:40:e4:ef:23:fb:0d:6b:9c:79:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Apr 19 14:01:04 2025 GMT
Not After : Apr 20 14:01:04 2025 GMT
Subject: CN=ac88bf9fa9abe31b782c9debd006cc9fa45e4151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a4:7b:36:27:02:8f:00:c8:6a:5f:7b:4b:d3:
12:06:8e:33:d4:99:b9:2d:78:e0:a8:a5:4f:31:bb:
ba:a8:77:99:2a:8a:88:54:95:7d:32:94:ce:88:0c:
70:8b:0d:6e:d0:5a:16:dc:05:f5:94:1f:e3:14:b0:
6f:7f:af:e5:23:28:d8:f3:e7:26:9b:f6:66:b9:e9:
20:c6:f1:4e:11:e5:16:af:00:4c:f6:c6:cf:18:0c:
0a:eb:42:67:a2:5a:17:40:3c:1d:f4:32:78:46:47:
8f:1b:1f:56:d8:4b:60:00:11:9a:76:b2:96:f1:3d:
a9:ba:d5:d2:81:0d:3b:93:5a:a1:2e:dc:17:91:57:
89:ca:74:bb:14:c6:45:21:0c:00:d9:6a:17:94:3c:
22:bd:9b:c0:d6:4d:67:8a:9a:41:9c:56:b8:77:d2:
7e:98:a6:53:f3:d7:09:0d:35:56:43:79:86:6e:5a:
26:7b:23:9a:64:28:6d:f7:c1:af:81:b9:15:f2:d5:
01:9c:5c:0f:1d:f1:20:a1:77:22:23:b6:65:bf:34:
f9:f5:42:38:09:b4:29:fb:68:3c:83:2e:28:52:72:
a4:fe:d3:d1:b8:36:ab:e4:0f:ed:d5:f1:8c:d3:8f:
a0:87:ee:56:35:c7:28:46:88:ff:4d:12:22:36:18:
09:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:88:BF:9F:A9:AB:E3:1B:78:2C:9D:EB:D0:06:CC:9F:A4:5E:41:51
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:1e:a2:e3:0a:24:6d:f0:09:f0:38:b7:07:73:9e:2a:b6:52:
85:d5:4c:12:ec:5e:2d:4c:7f:c7:17:75:40:3c:6b:4f:d8:b5:
fd:91:b3:c8:3f:c0:4f:93:70:69:88:40:db:d7:3d:91:b8:cd:
62:f2:14:4d:95:81:0b:e1:23:55:b6:ed:f8:7d:ba:74:73:77:
9f:63:5d:45:cd:da:6d:dc:73:bb:2f:33:b0:ce:27:ec:b1:e9:
27:87:96:ac:2b:87:b5:6e:e3:68:59:53:d7:26:02:e4:2c:57:
34:2b:bc:78:ae:77:44:b9:da:6d:8e:25:fe:0d:36:17:43:7f:
8b:51:90:ba:96:ac:de:93:35:89:69:af:39:94:ca:3d:33:c8:
30:8d:44:84:fe:a5:c8:43:3a:a7:5e:b8:ed:ec:33:ea:ad:ed:
d4:72:a9:ec:06:cb:69:a2:1e:69:26:9e:b2:d3:b6:9a:0c:6a:
75:d9:ab:63:67:a5:1d:c3:2b:f6:f7:c0:0f:b8:15:57:93:67:
16:a9:27:d3:aa:36:fe:7b:54:63:73:17:1d:36:69:27:94:03:
1d:cd:6e:8c:a0:54:46:86:a7:a5:36:84:2e:bf:46:65:5b:dc:
91:d2:d3:5c:f7:b4:5b:eb:5f:de:b8:75:14:c6:40:d2:57:72:
cb:90:0d:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOWlGMi9dA5O8j+w1rnHn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjUwNDE5MTQwMTA0WhcNMjUwNDIwMTQwMTA0WjAzMTEwLwYDVQQD
EyhhYzg4YmY5ZmE5YWJlMzFiNzgyYzlkZWJkMDA2Y2M5ZmE0NWU0MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqR7NicCjwDIal97S9MSBo4z1Jm5
LXjgqKVPMbu6qHeZKoqIVJV9MpTOiAxwiw1u0FoW3AX1lB/jFLBvf6/lIyjY8+cm
m/ZmuekgxvFOEeUWrwBM9sbPGAwK60JnoloXQDwd9DJ4RkePGx9W2EtgABGadrKW
8T2putXSgQ07k1qhLtwXkVeJynS7FMZFIQwA2WoXlDwivZvA1k1nippBnFa4d9J+
mKZT89cJDTVWQ3mGblomeyOaZCht98GvgbkV8tUBnFwPHfEgoXciI7ZlvzT59UI4
CbQp+2g8gy4oUnKk/tPRuDar5A/t1fGM04+gh+5WNccoRoj/TRIiNhgJKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyIv5+pq+MbeCyd69AGzJ+kXkFRMB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAah6i4wok
bfAJ8Di3B3OeKrZShdVMEuxeLUx/xxd1QDxrT9i1/ZGzyD/AT5NwaYhA29c9kbjN
YvIUTZWBC+EjVbbt+H26dHN3n2NdRc3abdxzuy8zsM4n7LHpJ4eWrCuHtW7jaFlT
1yYC5CxXNCu8eK53RLnabY4l/g02F0N/i1GQupas3pM1iWmvOZTKPTPIMI1EhP6l
yEM6p1647ewz6q3t1HKp7AbLaaIeaSaestO2mgxqddmrY2elHcMr9vfAD7gVV5Nn
Fqkn06o2/ntUY3MXHTZpJ5QDHc1ujKBURoanpTaELr9GZVvckdLTXPe0W+tf3rh1
FMZA0ldyy5ANaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:00:07 2025 by rpki-client