Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
File: _KmLHQ7MzE9v8afn24S0uy9VsI0.mft (raw, json)
Hash identifier: oPzKiveWvAWR9Yqtrbd/+/Fay1T+gxbWwzN/2/rK/E8=
Subject key identifier: 14:EE:AE:7B:BF:5B:8E:16:6D:E7:C0:CF:21:00:D1:AC:E1:39:E0:26
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 019635E3A73666DA9284548EEF26D1006D00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
Manifest number: 14B3
Signing time: Mon 14 Apr 2025 20:00:33 +0000
Manifest this update: Mon 14 Apr 2025 20:00:33 +0000
Manifest next update: Tue 15 Apr 2025 20:00:33 +0000
Files and hashes: 1: MIfmeAoWN0nwDc_PxEMHlVixhH0.roa (hash: BGlglgWDBdgW/hvSdFfJEQ+q//PCVjKwrtXl1XRe9nc=)
2: _KmLHQ7MzE9v8afn24S0uy9VsI0.crl (hash: hctEJAFnVzpRGdudet1bYUzk4YTA5NfrjfCqc17Ow40=)
3: ok0D6AFy1nokMBW7AtTQbtvoy-Q.roa (hash: OI8j87WnUAa44hUR7Jr4hBgPSlGVFL5uAjQD5u8Uzmo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 19:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:35:e3:a7:36:66:da:92:84:54:8e:ef:26:d1:00:6d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Apr 14 20:00:33 2025 GMT
Not After : Apr 15 20:00:33 2025 GMT
Subject: CN=14eeae7bbf5b8e166de7c0cf2100d1ace139e026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:42:37:43:5e:03:4b:be:92:4c:ca:78:8a:
68:a1:b2:79:13:88:be:2b:d1:92:e3:3c:c5:44:58:
e1:c7:7b:dd:6d:dd:da:9b:27:ee:92:a7:7e:b1:50:
3a:df:95:28:c1:32:c1:c7:02:2a:21:e2:25:26:f8:
21:1f:d0:37:bf:99:63:0a:fd:65:34:cc:57:fe:88:
27:c6:8e:8e:fb:b5:62:c4:83:ab:4b:64:f8:89:31:
0c:d1:ea:42:c7:f3:ec:f2:09:21:b2:64:79:b6:03:
eb:f9:bb:48:5b:96:03:8a:8c:f4:65:94:b3:f0:bb:
b3:a2:09:57:05:af:3c:01:fe:87:8c:22:54:d8:dc:
1a:e6:e0:38:42:4c:9f:53:a7:95:f9:a3:0f:03:1a:
1b:df:21:ac:6a:3f:0f:7f:f1:b6:db:cd:dd:ab:d6:
3c:54:1d:57:8f:d7:bf:f1:4b:d6:71:f1:02:70:18:
37:f1:19:8a:51:3d:f4:2e:36:f7:19:79:c6:db:dc:
ab:09:9f:53:f3:05:c2:7f:1a:62:71:6a:06:5e:96:
c2:6b:3f:55:1a:28:0e:66:45:18:60:4e:b8:81:94:
1a:33:af:e2:8e:a2:46:4e:a4:7f:5d:25:04:ae:b2:
27:3a:f1:12:06:7a:8f:68:11:51:9a:f0:9a:d0:ce:
13:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EE:AE:7B:BF:5B:8E:16:6D:E7:C0:CF:21:00:D1:AC:E1:39:E0:26
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:91:c2:86:a1:f6:e9:ff:e5:95:76:58:82:3f:66:23:7f:18:
18:ab:ac:89:48:f4:1d:21:b2:53:b4:23:96:3b:25:b0:ec:b3:
20:01:74:d9:af:8d:b3:21:c6:74:74:2c:ca:06:c3:06:5b:c1:
4d:57:6f:26:59:8c:8f:5b:5e:6e:fa:22:2f:03:09:33:8d:35:
fe:74:35:6c:49:01:41:02:8a:f9:37:a0:c5:77:a9:28:ed:68:
d2:9f:57:ae:a4:02:40:92:f2:6a:7e:9c:c7:f0:37:a7:aa:7c:
21:fc:e2:df:66:51:f8:92:df:37:bd:eb:5c:44:1f:82:e1:97:
16:f3:63:3c:9e:b1:75:37:92:ba:52:e4:d9:0d:59:70:9d:1f:
cf:cd:65:60:c0:69:e1:76:16:48:c3:1f:52:df:95:0d:12:7d:
02:c4:cd:81:8f:63:3b:4f:8a:d3:20:91:a2:a3:39:50:9e:b7:
46:0a:bd:a6:6f:24:f2:31:27:b4:e4:2b:1d:41:f2:b6:ed:eb:
0b:8c:db:8a:6b:9b:04:9b:68:fd:98:37:9a:8d:8e:bf:3a:cf:
14:28:40:07:25:dd:70:72:43:26:d4:c4:a6:45:0f:c1:61:59:
f2:3c:f2:cc:c8:d8:5e:4b:9b:a6:63:f8:3c:63:38:20:1e:e1:
0a:c3:d8:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY146c2ZtqShFSO7ybRAG0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTk4YjFkMGVjY2NjNGY2ZmYxYTdlN2RiODRiNGJiMmY1
NWIwOGQwHhcNMjUwNDE0MjAwMDMzWhcNMjUwNDE1MjAwMDMzWjAzMTEwLwYDVQQD
EygxNGVlYWU3YmJmNWI4ZTE2NmRlN2MwY2YyMTAwZDFhY2UxMzllMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneFCN0NeA0u+kkzKeIpoobJ5E4i+
K9GS4zzFRFjhx3vdbd3amyfukqd+sVA635UowTLBxwIqIeIlJvghH9A3v5ljCv1l
NMxX/ognxo6O+7VixIOrS2T4iTEM0epCx/Ps8gkhsmR5tgPr+btIW5YDioz0ZZSz
8LuzoglXBa88Af6HjCJU2Nwa5uA4QkyfU6eV+aMPAxob3yGsaj8Pf/G2283dq9Y8
VB1Xj9e/8UvWcfECcBg38RmKUT30Ljb3GXnG29yrCZ9T8wXCfxpicWoGXpbCaz9V
GigOZkUYYE64gZQaM6/ijqJGTqR/XSUErrInOvESBnqPaBFRmvCa0M4TYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTurnu/W44WbefAzyEA0azhOeAmMB8GA1UdIwQY
MBaAFPypix0OzMxPb/Gn59uEtLsvVbCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzIt
NThmMGYzMjVjMmI4LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzItNThmMGYzMjVjMmI4
LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsJHChqH2
6f/llXZYgj9mI38YGKusiUj0HSGyU7QjljslsOyzIAF02a+NsyHGdHQsygbDBlvB
TVdvJlmMj1tebvoiLwMJM401/nQ1bEkBQQKK+TegxXepKO1o0p9XrqQCQJLyan6c
x/A3p6p8Ifzi32ZR+JLfN73rXEQfguGXFvNjPJ6xdTeSulLk2Q1ZcJ0fz81lYMBp
4XYWSMMfUt+VDRJ9AsTNgY9jO0+K0yCRoqM5UJ63Rgq9pm8k8jEntOQrHUHytu3r
C4zbimubBJto/Zg3mo2OvzrPFChAByXdcHJDJtTEpkUPwWFZ8jzyzMjYXkubpmP4
PGM4IB7hCsPY7w==
-----END CERTIFICATE-----
Generated at Tue Apr 15 01:11:19 2025 by rpki-client