Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: bY8XxtnfdKm1ICN3oyI52mclWIVvgySijbeDT6mzMkU=
Subject key identifier: AE:83:06:73:2D:06:CD:B6:99:4C:10:5C:6E:74:33:EF:2C:57:B2:12
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019613FD659C39FDFEA868E68785EC07DC4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 036C
Signing time: Tue 08 Apr 2025 06:01:35 +0000
Manifest this update: Tue 08 Apr 2025 06:01:35 +0000
Manifest next update: Wed 09 Apr 2025 06:01:35 +0000
Files and hashes: 1: EAD0diuoZK02qxxsVWWiclAVX5I.roa (hash: kzXgijoQ+OFnt0McFOmyH17ijOy9UUEek/dQbYMoKFU=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: uQE/AohMLmNl5tzQMOLQgoGu1JgVF8kd4mSIMXcD1JY=)
3: nyGLR8VZWMaY-kU1NUM_fc4iRjM.roa (hash: voylSjHlayiNYZNWUzC6whbKd8QLUjoGC1qGpaQazoM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:13:fd:65:9c:39:fd:fe:a8:68:e6:87:85:ec:07:dc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Apr 8 06:01:35 2025 GMT
Not After : Apr 9 06:01:35 2025 GMT
Subject: CN=ae8306732d06cdb6994c105c6e7433ef2c57b212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:ee:36:d7:4e:08:4e:8e:70:c8:23:17:00:
01:67:d2:db:95:49:4f:55:c0:cb:08:19:42:cb:f3:
1b:30:14:31:a3:da:da:c1:3c:b0:47:d2:13:3d:ee:
ad:31:a9:11:6c:7a:67:e7:03:6c:00:b1:64:dd:5c:
12:3b:03:86:df:62:49:62:90:43:76:cc:29:36:46:
e9:23:ed:e9:a4:54:0e:05:6e:d3:52:c9:a8:85:5d:
61:ba:55:ca:cd:a3:15:4b:08:88:91:13:2c:14:c6:
3e:53:98:6c:4f:9e:31:04:bf:d7:7a:20:5f:8f:d2:
f3:b2:89:94:f6:8a:45:ac:84:4e:9d:c6:90:f2:90:
4a:40:24:7d:2e:1b:5b:e0:bf:65:08:4a:f4:1d:2a:
cc:cd:8a:99:88:61:19:64:9d:0e:ab:7d:1b:f9:f6:
d5:da:73:85:8d:1e:dc:60:02:c1:20:6f:2d:c4:f8:
60:59:4f:6e:ff:0f:5f:84:ca:d9:17:0a:52:82:48:
43:85:ba:b2:43:9a:d8:13:4b:7f:5e:8f:6d:6f:53:
48:44:57:f0:31:35:d2:e1:3d:6a:48:82:69:ec:1d:
9c:9e:a5:9b:68:b4:b8:00:fc:62:64:16:27:6c:5c:
58:32:31:82:6f:83:af:71:3e:5b:35:19:c8:6e:2d:
d7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:83:06:73:2D:06:CD:B6:99:4C:10:5C:6E:74:33:EF:2C:57:B2:12
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:07:80:65:dd:b3:39:f3:92:92:1a:b4:e0:b3:56:e2:c1:e7:
a1:17:8f:de:55:f3:0a:88:71:21:31:74:df:a6:06:32:45:49:
15:51:f6:86:fc:b7:7b:3a:1b:6f:ea:31:ef:87:d9:3a:ad:f4:
37:64:30:b2:e2:38:9c:51:cf:e5:2d:66:e3:2f:f5:6f:ae:e6:
dd:85:fe:31:dd:73:02:07:4a:c0:20:1e:ba:55:f1:57:c1:fb:
b2:87:e2:d9:19:67:94:b7:bc:99:21:21:9b:83:b4:dc:06:dd:
f9:36:c7:c5:b2:61:38:16:11:f8:f3:6f:7b:89:e1:41:af:ce:
49:26:d6:f5:c0:03:f5:1a:a3:7b:c9:65:3e:ed:3f:19:ad:5d:
62:c9:1e:63:f2:8a:bd:56:e4:78:6e:7f:e3:31:51:7c:52:24:
3d:2d:80:8b:de:22:f3:b8:54:da:c2:e8:86:56:0a:5e:97:a2:
8b:ec:de:0e:27:1c:67:b6:6a:08:05:83:31:2d:f4:01:f2:3d:
9d:7f:61:11:1f:e7:e3:63:d5:84:3d:d1:fe:e6:7c:d9:69:6c:
76:26:21:bd:19:99:e0:46:bb:56:ec:e2:16:0c:3f:be:70:06:
be:5b:89:1e:a4:af:89:ca:6f:a6:c0:eb:45:00:c0:1b:1a:02:
7b:4b:a4:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYT/WWcOf3+qGjmh4XsB9xMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjUwNDA4MDYwMTM1WhcNMjUwNDA5MDYwMTM1WjAzMTEwLwYDVQQD
EyhhZTgzMDY3MzJkMDZjZGI2OTk0YzEwNWM2ZTc0MzNlZjJjNTdiMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidPuNtdOCE6OcMgjFwABZ9LblUlP
VcDLCBlCy/MbMBQxo9rawTywR9ITPe6tMakRbHpn5wNsALFk3VwSOwOG32JJYpBD
dswpNkbpI+3ppFQOBW7TUsmohV1hulXKzaMVSwiIkRMsFMY+U5hsT54xBL/XeiBf
j9LzsomU9opFrIROncaQ8pBKQCR9Lhtb4L9lCEr0HSrMzYqZiGEZZJ0Oq30b+fbV
2nOFjR7cYALBIG8txPhgWU9u/w9fhMrZFwpSgkhDhbqyQ5rYE0t/Xo9tb1NIRFfw
MTXS4T1qSIJp7B2cnqWbaLS4APxiZBYnbFxYMjGCb4OvcT5bNRnIbi3XuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6DBnMtBs22mUwQXG50M+8sV7ISMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATweAZd2z
OfOSkhq04LNW4sHnoReP3lXzCohxITF036YGMkVJFVH2hvy3ezobb+ox74fZOq30
N2QwsuI4nFHP5S1m4y/1b67m3YX+Md1zAgdKwCAeulXxV8H7sofi2RlnlLe8mSEh
m4O03Abd+TbHxbJhOBYR+PNve4nhQa/OSSbW9cAD9Rqje8llPu0/Ga1dYskeY/KK
vVbkeG5/4zFRfFIkPS2Ai94i87hU2sLohlYKXpeii+zeDiccZ7ZqCAWDMS30AfI9
nX9hER/n42PVhD3R/uZ82WlsdiYhvRmZ4Ea7VuziFgw/vnAGvluJHqSvicpvpsDr
RQDAGxoCe0uk4A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:28:21 2025 by rpki-client