Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
File: BkwamGxZM6O5EIToo_8IBm05jhk.mft (raw, json)
Hash identifier: M04VBNHiiCVJ/ZtUQrbjDPs3EJOkTilcvcwcyNFDYcM=
Subject key identifier: 98:9F:DA:4F:EC:1C:A4:AE:9E:82:71:E8:B7:5C:59:44:63:C5:DC:4B
Authority key identifier: 06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
Certificate issuer: /CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Certificate serial: 01964D7EA6A36CA37EA16A0105051B712819
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
Manifest number: 090A
Signing time: Sat 19 Apr 2025 10:01:07 +0000
Manifest this update: Sat 19 Apr 2025 10:01:07 +0000
Manifest next update: Sun 20 Apr 2025 10:01:07 +0000
Files and hashes: 1: BkwamGxZM6O5EIToo_8IBm05jhk.crl (hash: LNzNc4SExEt9asNtmjU1+M1FxdFqvmtqII5guUpvZ1k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 10:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:7e:a6:a3:6c:a3:7e:a1:6a:01:05:05:1b:71:28:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Validity
Not Before: Apr 19 10:01:07 2025 GMT
Not After : Apr 20 10:01:07 2025 GMT
Subject: CN=989fda4fec1ca4ae9e8271e8b75c594463c5dc4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:16:d2:5c:54:9b:18:1e:e4:b4:0c:da:32:bf:
4d:09:8c:c8:44:25:e1:f7:5c:6f:fa:e2:18:ba:6f:
0e:0c:73:ea:e5:5d:c4:f0:62:4a:ee:b3:1e:83:09:
7d:4f:1c:fa:c7:ec:1b:b6:b4:ff:0d:82:08:f1:53:
37:3d:1e:ca:17:9c:39:9b:83:de:71:f4:2e:20:eb:
9b:a4:21:fd:bf:2f:6b:b1:57:99:cd:07:6f:9e:65:
54:a9:b4:53:aa:13:db:97:89:ee:16:4e:20:79:c5:
28:a0:96:77:ef:f3:68:df:18:21:d6:98:d8:48:65:
d9:f7:ca:ee:62:c7:87:a4:3b:bc:5f:dc:d9:fa:f6:
60:42:f4:e8:1b:7c:2b:a4:5c:49:b2:ae:30:2d:7a:
c0:a3:84:2a:e0:e2:85:56:fb:70:3e:d1:78:a7:67:
fe:94:46:81:ea:65:6d:f4:75:ae:d3:41:22:42:b9:
f0:a9:b6:70:53:02:69:e4:2e:15:d7:bf:dc:d1:80:
a3:50:d6:8d:1c:81:05:58:0f:0d:a4:c5:4d:a1:9e:
93:ac:ce:dc:13:d4:e2:bd:80:37:ef:9b:50:ce:0c:
7f:58:e8:d8:5e:4c:c7:08:11:c2:7c:cc:87:00:5e:
74:92:ab:05:7c:12:a9:ba:23:be:29:94:85:9b:a0:
6a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9F:DA:4F:EC:1C:A4:AE:9E:82:71:E8:B7:5C:59:44:63:C5:DC:4B
X509v3 Authority Key Identifier:
keyid:06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:7f:3b:3d:fe:96:b1:96:4d:13:21:91:ff:f0:f1:49:e0:d7:
83:cc:2e:6b:ed:82:14:99:be:12:ca:0a:d8:6c:e4:73:f4:70:
61:1d:6d:3b:5d:c5:9d:32:7d:a6:7d:25:70:69:a0:5e:da:01:
0b:64:9b:56:51:58:91:5f:b4:33:3f:20:22:a2:df:71:71:3e:
3e:d3:51:9b:f9:f7:8b:f5:7c:f0:96:ad:88:94:34:6f:f0:79:
b5:d1:19:56:9b:fc:a4:d0:49:0e:77:90:f3:af:d5:16:c0:bc:
5c:e1:cd:07:d7:13:22:b1:8b:81:af:1b:35:80:f7:13:fa:e3:
b0:12:34:e8:db:a9:6f:9c:01:05:53:2a:95:c8:67:21:87:db:
25:ce:e6:f8:65:b0:50:01:bd:26:32:a8:0b:38:40:dd:7a:b0:
ef:b2:13:ae:dc:4d:ee:26:5f:ee:d8:65:17:8d:ef:41:40:41:
2f:1d:68:1d:41:7d:bc:ef:4d:75:b8:2d:ec:92:ed:ac:66:56:
a1:44:11:08:42:29:29:c1:8d:b7:e1:f3:81:60:b4:84:e7:89:
e9:d8:25:40:b0:e0:9b:e0:15:8b:d3:eb:35:3f:38:cb:62:7f:
df:3b:68:29:e5:38:e7:ef:f8:5f:2e:71:38:b4:15:c0:7f:19:
b6:d2:12:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfqajbKN+oWoBBQUbcSgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGMxYTk4NmM1OTMzYTNiOTEwODRlOGEzZmYwODA2NmQz
OThlMTkwHhcNMjUwNDE5MTAwMTA3WhcNMjUwNDIwMTAwMTA3WjAzMTEwLwYDVQQD
Eyg5ODlmZGE0ZmVjMWNhNGFlOWU4MjcxZThiNzVjNTk0NDYzYzVkYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xbSXFSbGB7ktAzaMr9NCYzIRCXh
91xv+uIYum8ODHPq5V3E8GJK7rMegwl9Txz6x+wbtrT/DYII8VM3PR7KF5w5m4Pe
cfQuIOubpCH9vy9rsVeZzQdvnmVUqbRTqhPbl4nuFk4gecUooJZ37/No3xgh1pjY
SGXZ98ruYseHpDu8X9zZ+vZgQvToG3wrpFxJsq4wLXrAo4Qq4OKFVvtwPtF4p2f+
lEaB6mVt9HWu00EiQrnwqbZwUwJp5C4V17/c0YCjUNaNHIEFWA8NpMVNoZ6TrM7c
E9TivYA375tQzgx/WOjYXkzHCBHCfMyHAF50kqsFfBKpuiO+KZSFm6Bq4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJif2k/sHKSunoJx6LdcWURjxdxLMB8GA1UdIwQY
MBaAFAZMGphsWTOjuRCE6KP/CAZtOY4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgt
N2Y2YTY1NWZkNzg4LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgtN2Y2YTY1NWZkNzg4
LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf387Pf6W
sZZNEyGR//DxSeDXg8wua+2CFJm+EsoK2Gzkc/RwYR1tO13FnTJ9pn0lcGmgXtoB
C2SbVlFYkV+0Mz8gIqLfcXE+PtNRm/n3i/V88JatiJQ0b/B5tdEZVpv8pNBJDneQ
86/VFsC8XOHNB9cTIrGLga8bNYD3E/rjsBI06Nupb5wBBVMqlchnIYfbJc7m+GWw
UAG9JjKoCzhA3Xqw77ITrtxN7iZf7thlF43vQUBBLx1oHUF9vO9Ndbgt7JLtrGZW
oUQRCEIpKcGNt+HzgWC0hOeJ6dglQLDgm+AVi9PrNT84y2J/3ztoKeU45+/4Xy5x
OLQVwH8ZttISbQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:11:43 2025 by rpki-client