Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
File: NgAOvu0kK5VkrclUhTI7lr1vXAI.mft (raw, json)
Hash identifier: wixsLgKVsOqMyMdtBSf1vyYWwbnpKcU/IDLjwRUJaRI=
Subject key identifier: 3E:8B:64:BD:C3:A0:96:2B:63:C5:7A:5A:0C:1C:8D:FC:EA:90:80:39
Authority key identifier: 36:00:0E:BE:ED:24:2B:95:64:AD:C9:54:85:32:3B:96:BD:6F:5C:02
Certificate issuer: /CN=36000ebeed242b9564adc95485323b96bd6f5c02
Certificate serial: 01964FDAA9BB76946F6C59D9600E8C9D65F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
Manifest number: 1069
Signing time: Sat 19 Apr 2025 21:00:52 +0000
Manifest this update: Sat 19 Apr 2025 21:00:52 +0000
Manifest next update: Sun 20 Apr 2025 21:00:52 +0000
Files and hashes: 1: NgAOvu0kK5VkrclUhTI7lr1vXAI.crl (hash: HMx6NvRpJkcs6rDPmR6s1jSx+EaWkjd1ogM/YnfhjIs=)
2: PcqW_01nYr_g65r_pcHJ33ZMGuA.roa (hash: ldAGcbaFd4WhyCTSLv1tpLkIbH81eRDfpjEnAMP8NwM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 21:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4f:da:a9:bb:76:94:6f:6c:59:d9:60:0e:8c:9d:65:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36000ebeed242b9564adc95485323b96bd6f5c02
Validity
Not Before: Apr 19 21:00:52 2025 GMT
Not After : Apr 20 21:00:52 2025 GMT
Subject: CN=3e8b64bdc3a0962b63c57a5a0c1c8dfcea908039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:b7:6c:71:8b:e9:e7:ef:0e:78:95:13:cf:
76:6f:67:17:8b:16:d1:59:99:74:95:fe:00:94:a6:
ae:b7:ae:62:17:be:91:a9:e3:8e:41:36:d5:81:32:
bb:c6:e3:6c:ab:89:2d:2f:2f:bd:0d:15:d3:55:9f:
56:bb:be:99:58:27:c4:f1:34:b6:a9:60:3a:44:82:
e8:45:2f:07:a9:33:8b:d5:e7:18:a9:31:8b:1e:b3:
00:2a:fc:a7:cb:38:35:ae:86:19:0b:3b:c5:97:27:
33:2a:39:95:52:dd:b8:c8:0b:d5:1c:9d:19:0a:a8:
a8:64:8e:6f:f3:60:8b:fd:9a:86:bd:bb:65:a6:ee:
bc:19:a5:7c:86:42:34:6b:d5:a0:8f:89:b3:47:0d:
e5:6b:1a:37:6c:2d:f7:c5:0f:ed:65:0e:1c:71:31:
f7:b8:83:86:73:ee:61:88:8a:1b:b2:c1:28:20:0a:
2e:f4:90:c0:82:d1:1a:39:2f:38:8b:aa:24:53:c1:
88:a6:fd:e1:3e:cd:0a:0b:a3:40:a3:7d:5c:eb:a4:
81:6e:7f:c6:6a:f4:1c:fb:92:3c:27:37:32:9b:fc:
44:25:64:2a:50:57:b7:5d:89:25:0d:4f:a2:d8:27:
09:b9:b1:c0:de:35:f2:35:93:9b:18:a9:b5:8c:93:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8B:64:BD:C3:A0:96:2B:63:C5:7A:5A:0C:1C:8D:FC:EA:90:80:39
X509v3 Authority Key Identifier:
keyid:36:00:0E:BE:ED:24:2B:95:64:AD:C9:54:85:32:3B:96:BD:6F:5C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgAOvu0kK5VkrclUhTI7lr1vXAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b77e1a-663a-445b-8e61-370150b669e4/1/NgAOvu0kK5VkrclUhTI7lr1vXAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:48:8f:ac:bd:28:37:84:91:e8:53:a5:07:a9:83:91:8d:53:
60:57:75:b4:a6:88:cb:6b:1a:bc:af:be:59:79:5f:90:6a:ce:
1e:ab:0d:ee:7c:a4:6c:bf:17:8b:1b:57:7e:e8:c5:4d:28:62:
01:75:77:d1:08:fa:c0:50:0d:61:0a:1b:da:ea:83:2c:73:0c:
b3:72:2f:78:69:15:5b:36:bb:2c:c8:96:a8:ed:42:23:aa:32:
f1:9b:ab:72:c6:26:9d:c8:04:b3:c9:9e:56:bc:a8:b7:20:88:
29:f5:ce:0b:2d:3c:81:25:54:f9:f2:a9:66:08:3f:66:2c:b6:
68:1a:dc:f7:ad:a6:c7:08:3e:8f:14:61:b7:5c:a9:72:86:ae:
00:13:23:c8:66:bb:7a:07:d0:a9:89:a2:60:f1:56:a9:65:a1:
6c:20:d2:24:79:f2:6c:da:ac:6f:9e:36:bf:a6:2c:b7:c3:c4:
8b:e6:ee:89:9d:91:24:d4:07:58:0c:ea:59:08:aa:d3:5d:74:
75:93:5f:7b:77:2e:a4:0b:ba:4b:3a:5a:7f:9c:41:f5:84:23:
b0:ed:e3:68:cd:66:0c:3b:29:a5:24:3d:e6:f2:ee:c8:48:94:
fc:6a:85:5b:8a:3f:73:de:84:ba:d6:70:a7:33:df:93:56:38:
87:b0:24:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2qm7dpRvbFnZYA6MnWXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDAwZWJlZWQyNDJiOTU2NGFkYzk1NDg1MzIzYjk2YmQ2
ZjVjMDIwHhcNMjUwNDE5MjEwMDUyWhcNMjUwNDIwMjEwMDUyWjAzMTEwLwYDVQQD
EygzZThiNjRiZGMzYTA5NjJiNjNjNTdhNWEwYzFjOGRmY2VhOTA4MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTu3bHGL6efvDniVE892b2cXixbR
WZl0lf4AlKaut65iF76RqeOOQTbVgTK7xuNsq4ktLy+9DRXTVZ9Wu76ZWCfE8TS2
qWA6RILoRS8HqTOL1ecYqTGLHrMAKvynyzg1roYZCzvFlyczKjmVUt24yAvVHJ0Z
CqioZI5v82CL/ZqGvbtlpu68GaV8hkI0a9Wgj4mzRw3laxo3bC33xQ/tZQ4ccTH3
uIOGc+5hiIobssEoIAou9JDAgtEaOS84i6okU8GIpv3hPs0KC6NAo31c66SBbn/G
avQc+5I8Jzcym/xEJWQqUFe3XYklDU+i2CcJubHA3jXyNZObGKm1jJPfewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6LZL3DoJYrY8V6WgwcjfzqkIA5MB8GA1UdIwQY
MBaAFDYADr7tJCuVZK3JVIUyO5a9b1wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNzdlMWEtNjYzYS00NDViLThlNjEt
MzcwMTUwYjY2OWU0LzEvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNzdlMWEtNjYzYS00NDViLThlNjEtMzcwMTUwYjY2OWU0
LzEvTmdBT3Z1MGtLNVZrcmNsVWhUSTdscjF2WEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEiPrL0o
N4SR6FOlB6mDkY1TYFd1tKaIy2savK++WXlfkGrOHqsN7nykbL8XixtXfujFTShi
AXV30Qj6wFANYQob2uqDLHMMs3IveGkVWza7LMiWqO1CI6oy8ZurcsYmncgEs8me
VryotyCIKfXOCy08gSVU+fKpZgg/Ziy2aBrc962mxwg+jxRht1ypcoauABMjyGa7
egfQqYmiYPFWqWWhbCDSJHnybNqsb542v6Yst8PEi+buiZ2RJNQHWAzqWQiq0110
dZNfe3cupAu6Szpaf5xB9YQjsO3jaM1mDDsppSQ95vLuyEiU/GqFW4o/c96EutZw
pzPfk1Y4h7AkxA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:57 2025 by rpki-client