Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
File: lRZkUh1QOVkhL1WypZrsbSB7Cig.mft (raw, json)
Hash identifier: 6aAA5ipPm5bLD0byHZ+tAqr+g3nmOV7jXXVuJczpTHY=
Subject key identifier: B3:A9:73:F4:AC:00:A2:D8:F2:C2:A2:66:47:8A:96:8B:5E:0A:C5:5D
Authority key identifier: 95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
Certificate issuer: /CN=951664521d503959212f55b2a59aec6d207b0a28
Certificate serial: 0195797E25173F5D3198B6CE933BE3D83BD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
Manifest number: 148A
Signing time: Sun 09 Mar 2025 06:01:04 +0000
Manifest this update: Sun 09 Mar 2025 06:01:04 +0000
Manifest next update: Mon 10 Mar 2025 06:01:04 +0000
Files and hashes: 1: IPg6gK3cvCBZgriElu-X9QULHhI.roa (hash: KfBBSFaoabvdCiHx1hEd3tUcsuSp0LUQmRosJtF9Y6s=)
2: lRZkUh1QOVkhL1WypZrsbSB7Cig.crl (hash: H7J987w6WK8OR69TP4MmmUlyCm6WWhyGKQchAS3YLkw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:79:7e:25:17:3f:5d:31:98:b6:ce:93:3b:e3:d8:3b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951664521d503959212f55b2a59aec6d207b0a28
Validity
Not Before: Mar 9 06:01:04 2025 GMT
Not After : Mar 10 06:01:04 2025 GMT
Subject: CN=b3a973f4ac00a2d8f2c2a266478a968b5e0ac55d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:22:c5:9f:16:cb:2d:9e:f3:8a:3f:24:2d:42:
12:66:f1:23:45:65:cd:b3:c9:b9:ba:d4:ca:18:db:
77:9e:e1:f4:9f:39:04:bd:99:6c:89:98:57:b3:19:
20:2f:0d:eb:b2:72:b1:c5:a9:e3:27:0a:12:ec:13:
0d:01:68:91:68:62:c9:b0:d6:89:80:4b:fd:85:67:
27:39:55:57:e8:05:d3:b4:aa:f3:66:ab:0d:3d:ab:
9d:4f:c2:62:f3:6b:6f:9e:6e:36:fe:14:ab:9f:c5:
20:35:d1:d6:ad:3f:45:95:2a:22:fd:83:37:48:58:
10:63:9f:5d:bf:fa:66:9c:78:90:5b:57:a0:8d:56:
89:63:27:d1:38:27:82:dd:61:3b:78:63:ba:5a:39:
f1:86:51:65:ff:6c:b9:74:3a:45:84:86:f5:38:1d:
f9:24:14:db:89:e2:4a:f4:22:b8:2a:78:25:d6:89:
6f:a9:f9:e8:f4:ad:22:f6:77:b7:07:06:da:16:1f:
34:a8:72:5a:db:2b:60:7a:6e:00:98:ed:d7:bf:08:
ea:19:bf:3b:71:77:34:97:42:fc:aa:c8:e8:fb:6c:
95:35:e3:66:d3:9c:88:55:78:0c:59:2c:c4:af:37:
37:50:88:d6:92:3f:ae:ca:fc:a9:cf:dc:94:f6:b2:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A9:73:F4:AC:00:A2:D8:F2:C2:A2:66:47:8A:96:8B:5E:0A:C5:5D
X509v3 Authority Key Identifier:
keyid:95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:d4:5b:28:fa:d4:0e:0c:68:e8:98:92:44:75:8e:1d:e6:8c:
ee:cf:be:10:30:54:f4:f6:31:20:16:2a:cc:9b:a1:c3:d5:86:
9d:36:de:33:74:9d:c1:e3:84:63:9a:52:c3:bb:a7:0f:03:6c:
5a:ee:d5:df:63:b6:b6:18:9e:a3:08:c7:28:9a:15:1b:3d:e9:
98:92:a9:b8:61:bc:48:88:2c:44:72:63:c9:a8:fb:30:28:ee:
c4:bc:fe:e1:1a:1a:f3:01:8c:aa:39:c3:6d:93:37:90:ee:c2:
8c:3f:32:0e:93:7e:9d:a0:5e:00:e6:c2:13:c7:7c:ca:5c:82:
3d:64:f3:e2:05:fb:d9:cd:b1:5a:ee:44:b4:b7:95:7d:b5:b2:
05:f5:b0:e2:63:46:10:d3:ac:b9:53:41:23:fd:05:77:07:4a:
24:06:94:0e:e0:36:8e:cf:38:f2:32:c8:53:36:97:2f:fa:0b:
72:78:f7:c6:2e:04:08:29:bf:e7:1e:fc:76:be:9a:42:f2:83:
63:76:f7:14:06:be:ed:1c:07:50:ad:fe:16:2a:54:5e:75:c9:
40:e1:0e:81:9f:22:3f:80:22:16:82:a1:03:05:05:00:0d:64:
bc:7f:91:e2:e4:a3:41:d5:3c:1d:1d:70:2b:e6:75:b4:11:94:
0d:bb:8c:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5fiUXP10xmLbOkzvj2DvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTY2NDUyMWQ1MDM5NTkyMTJmNTViMmE1OWFlYzZkMjA3
YjBhMjgwHhcNMjUwMzA5MDYwMTA0WhcNMjUwMzEwMDYwMTA0WjAzMTEwLwYDVQQD
EyhiM2E5NzNmNGFjMDBhMmQ4ZjJjMmEyNjY0NzhhOTY4YjVlMGFjNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyLFnxbLLZ7zij8kLUISZvEjRWXN
s8m5utTKGNt3nuH0nzkEvZlsiZhXsxkgLw3rsnKxxanjJwoS7BMNAWiRaGLJsNaJ
gEv9hWcnOVVX6AXTtKrzZqsNPaudT8Ji82tvnm42/hSrn8UgNdHWrT9FlSoi/YM3
SFgQY59dv/pmnHiQW1egjVaJYyfROCeC3WE7eGO6WjnxhlFl/2y5dDpFhIb1OB35
JBTbieJK9CK4Kngl1olvqfno9K0i9ne3BwbaFh80qHJa2ytgem4AmO3XvwjqGb87
cXc0l0L8qsjo+2yVNeNm05yIVXgMWSzErzc3UIjWkj+uyvypz9yU9rJhEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOpc/SsAKLY8sKiZkeKloteCsVdMB8GA1UdIwQY
MBaAFJUWZFIdUDlZIS9VsqWa7G0gewooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUt
ZWY3NDUzYWQwOTlmLzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUtZWY3NDUzYWQwOTlm
LzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASdRbKPrU
Dgxo6JiSRHWOHeaM7s++EDBU9PYxIBYqzJuhw9WGnTbeM3SdweOEY5pSw7unDwNs
Wu7V32O2thieowjHKJoVGz3pmJKpuGG8SIgsRHJjyaj7MCjuxLz+4Roa8wGMqjnD
bZM3kO7CjD8yDpN+naBeAObCE8d8ylyCPWTz4gX72c2xWu5EtLeVfbWyBfWw4mNG
ENOsuVNBI/0FdwdKJAaUDuA2js848jLIUzaXL/oLcnj3xi4ECCm/5x78dr6aQvKD
Y3b3FAa+7RwHUK3+FipUXnXJQOEOgZ8iP4AiFoKhAwUFAA1kvH+R4uSjQdU8HR1w
K+Z1tBGUDbuMBg==
-----END CERTIFICATE-----
Generated at Sun Mar 9 10:13:43 2025 by rpki-client