Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json)
Hash identifier: /MJaQbCDlU2jiu9vv6ERUI11HeM4EvbAOxH3Sjgy1nA=
Subject key identifier: 3A:15:67:A4:14:4D:04:2A:D8:6B:87:55:C3:31:F7:D2:16:66:AE:54
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial: 01964EC7DC0BDFAC4CF798D7BA9F3750A213
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
Manifest number: 0A7D
Signing time: Sat 19 Apr 2025 16:00:42 +0000
Manifest this update: Sat 19 Apr 2025 16:00:42 +0000
Manifest next update: Sun 20 Apr 2025 16:00:42 +0000
Files and hashes: 1: E8EItKN2__9iKd7VUUHBehRVQCo.roa (hash: mIn23TrAWNsxopm3nGDSwuz19rtPaaB79Dzo0Qrhuqk=)
2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: TAMbOvtFgBK/EDduxiG1F/CRA1hCdaP4XlK0ZLTr0Ew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4e:c7:dc:0b:df:ac:4c:f7:98:d7:ba:9f:37:50:a2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Validity
Not Before: Apr 19 16:00:42 2025 GMT
Not After : Apr 20 16:00:42 2025 GMT
Subject: CN=3a1567a4144d042ad86b8755c331f7d21666ae54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e9:06:85:af:93:ac:c4:72:8d:d1:01:cc:b6:
b1:a3:d7:f2:ee:48:91:88:ee:3c:ff:37:1d:c1:55:
f4:c9:ca:51:f0:4a:0e:ed:6e:20:c6:c2:64:e5:ae:
22:f2:dc:36:0a:18:54:4b:47:2c:23:b4:80:47:62:
3b:5e:f9:be:d4:67:1b:60:f6:9f:a8:6d:1d:94:2f:
e1:8f:a2:bf:c2:06:30:3b:5f:2c:9b:f3:10:49:d5:
5e:fe:cf:dc:f9:95:4b:6e:6f:f2:cb:11:96:24:44:
df:d5:2e:b2:a2:95:c0:9a:1a:37:f6:ec:92:66:05:
5c:bf:18:bf:db:a7:49:4b:bf:84:c9:84:a7:26:99:
7e:55:b6:0d:58:e7:ea:58:be:28:23:a7:25:54:4f:
7d:7d:89:04:03:45:e2:df:6c:69:45:30:cf:bf:6b:
3f:e7:b1:e1:05:cd:01:e0:23:13:46:10:08:c3:a9:
88:22:ac:30:9b:4d:b9:64:91:77:52:fd:78:9d:c7:
fe:b6:be:96:af:5a:71:c4:ea:c2:ac:9f:db:cf:44:
c2:a3:9d:69:2d:57:36:0d:2e:c0:30:c8:26:a6:15:
45:33:06:e0:9f:37:ed:49:94:59:33:a8:21:20:4d:
36:a4:25:c8:b0:30:f7:4e:9a:59:11:4d:2d:54:f7:
6d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:15:67:A4:14:4D:04:2A:D8:6B:87:55:C3:31:F7:D2:16:66:AE:54
X509v3 Authority Key Identifier:
keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:24:32:fd:f1:29:d2:de:bb:61:ef:f7:67:e1:7b:fa:ab:12:
7a:17:4f:c1:7e:82:40:a9:f6:08:69:8c:14:93:23:53:d7:0d:
07:dd:25:fa:19:78:da:cb:b7:f1:ed:d6:b4:0d:66:75:a6:85:
f0:8c:0f:37:c6:2e:3c:d6:d2:b9:de:1d:d4:40:b2:b5:6a:22:
54:55:af:79:c1:68:41:e2:0d:51:c2:47:ed:ec:d7:9b:82:92:
58:a3:28:65:03:43:5f:e2:6b:aa:e1:b3:5c:18:10:a2:12:11:
d3:bf:5b:96:f7:93:82:61:cf:60:b8:eb:5c:a4:fa:51:c8:2e:
97:24:60:7e:57:f2:84:e9:95:9d:09:d5:3f:66:8e:af:60:f5:
51:20:bc:fc:21:3d:78:e6:7a:b7:de:0e:0a:1c:f3:93:f8:7f:
0c:1d:16:4e:61:c6:ab:9e:c1:6b:7d:4e:8b:44:72:ff:56:c8:
09:45:9c:28:e6:4a:15:58:6e:b6:5e:98:3e:90:35:f0:b9:c7:
36:eb:8e:32:90:53:c5:05:f4:a1:4c:db:f5:2a:76:49:a6:b4:
7d:ba:80:c0:89:8e:6d:d0:64:94:59:3e:da:6d:a5:fa:e7:01:
49:a9:93:cf:2d:c0:df:4f:6f:5b:db:bf:de:52:73:23:4a:05:
fd:fc:4c:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOx9wL36xM95jXup83UKITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjUwNDE5MTYwMDQyWhcNMjUwNDIwMTYwMDQyWjAzMTEwLwYDVQQD
EygzYTE1NjdhNDE0NGQwNDJhZDg2Yjg3NTVjMzMxZjdkMjE2NjZhZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhekGha+TrMRyjdEBzLaxo9fy7kiR
iO48/zcdwVX0ycpR8EoO7W4gxsJk5a4i8tw2ChhUS0csI7SAR2I7Xvm+1GcbYPaf
qG0dlC/hj6K/wgYwO18sm/MQSdVe/s/c+ZVLbm/yyxGWJETf1S6yopXAmho39uyS
ZgVcvxi/26dJS7+EyYSnJpl+VbYNWOfqWL4oI6clVE99fYkEA0Xi32xpRTDPv2s/
57HhBc0B4CMTRhAIw6mIIqwwm025ZJF3Uv14ncf+tr6Wr1pxxOrCrJ/bz0TCo51p
LVc2DS7AMMgmphVFMwbgnzftSZRZM6ghIE02pCXIsDD3TppZEU0tVPdtcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoVZ6QUTQQq2GuHVcMx99IWZq5UMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqiQy/fEp
0t67Ye/3Z+F7+qsSehdPwX6CQKn2CGmMFJMjU9cNB90l+hl42su38e3WtA1mdaaF
8IwPN8YuPNbSud4d1ECytWoiVFWvecFoQeINUcJH7ezXm4KSWKMoZQNDX+JrquGz
XBgQohIR079blveTgmHPYLjrXKT6UcgulyRgflfyhOmVnQnVP2aOr2D1USC8/CE9
eOZ6t94OChzzk/h/DB0WTmHGq57Ba31Oi0Ry/1bICUWcKOZKFVhutl6YPpA18LnH
NuuOMpBTxQX0oUzb9Sp2Saa0fbqAwImObdBklFk+2m2l+ucBSamTzy3A309vW9u/
3lJzI0oF/fxMTg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:40 2025 by rpki-client