Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
File: 1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft (raw, json)
Hash identifier: jxZ7RfOFLvU1jEZsS77SYShOZqUU+hWM/8CHxm2m3D8=
Subject key identifier: DD:F7:05:99:35:C6:4F:0D:1C:49:3F:8D:60:C6:BB:38:86:7A:26:3C
Authority key identifier: D4:22:36:74:33:76:5B:54:1A:37:39:0A:99:89:97:B7:37:C4:64:72
Certificate issuer: /CN=d422367433765b541a37390a998997b737c46472
Certificate serial: 0196564A0B486EEDA9CEA0403085B25A11F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
Manifest number: 1491
Signing time: Mon 21 Apr 2025 03:00:15 +0000
Manifest this update: Mon 21 Apr 2025 03:00:15 +0000
Manifest next update: Tue 22 Apr 2025 03:00:15 +0000
Files and hashes: 1: 1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl (hash: hxhd67VLb6oYrdZGcHA/7KJjbj/KsL8Lt99HAD+tLMI=)
2: dO1sDlUm4GNT1NLwZmfUYJ1pPqA.roa (hash: JWs3QU5N8u442ANJ16//ujHqSWgzP2/558mG+17RvNo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:4a:0b:48:6e:ed:a9:ce:a0:40:30:85:b2:5a:11:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d422367433765b541a37390a998997b737c46472
Validity
Not Before: Apr 21 03:00:15 2025 GMT
Not After : Apr 22 03:00:15 2025 GMT
Subject: CN=ddf7059935c64f0d1c493f8d60c6bb38867a263c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:40:51:26:13:8a:09:77:fc:76:ce:16:15:6d:
d1:8b:38:35:f2:ea:99:25:0b:83:bc:50:79:7c:f5:
45:a2:67:9b:30:c9:df:56:e9:9a:fe:b4:f1:84:ca:
a1:04:8e:5f:7d:81:0d:f2:6a:6a:30:d3:76:07:57:
27:e9:8a:68:8c:d6:b6:d7:07:39:bb:2f:4c:a3:3d:
23:d8:cd:dc:d0:9a:bc:fc:19:ee:34:fa:41:fe:af:
a0:4e:28:3e:bc:07:e2:77:87:f5:59:55:77:fe:48:
45:b2:54:17:62:26:09:16:64:02:e2:3e:29:66:f7:
72:56:73:85:3d:1a:95:11:d8:38:eb:e8:10:f1:97:
fb:51:78:69:4c:09:58:be:7c:95:24:ac:56:ba:77:
74:a0:dd:2b:6c:d0:df:95:3f:0e:74:f6:3e:f7:13:
2c:b0:c4:b0:9c:bd:f0:db:f3:b4:fa:d8:77:33:30:
1d:d3:bb:b3:fe:7a:98:70:b0:6d:2d:76:3f:eb:1a:
69:d6:26:6b:b7:8a:87:4d:b2:42:35:fe:a8:08:0e:
55:40:19:83:1c:7f:c7:21:29:2e:52:e7:46:5e:7b:
98:20:73:52:74:da:99:0e:a6:82:99:da:73:3f:d6:
fc:64:92:e9:e7:fc:a2:98:20:c2:89:8f:94:75:55:
ad:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F7:05:99:35:C6:4F:0D:1C:49:3F:8D:60:C6:BB:38:86:7A:26:3C
X509v3 Authority Key Identifier:
keyid:D4:22:36:74:33:76:5B:54:1A:37:39:0A:99:89:97:B7:37:C4:64:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:6b:0c:53:80:89:de:0e:25:5b:8f:da:dc:60:d2:b1:9e:ef:
e7:45:2f:eb:47:a0:52:c3:94:7b:75:07:21:58:d0:4f:0a:ca:
9a:e8:94:e9:f0:24:c1:34:83:4a:40:7b:93:55:ad:06:55:85:
09:a6:f5:bc:70:da:a5:14:6a:fe:05:39:4a:bd:ba:3b:ff:bb:
a2:c9:38:1b:ba:5b:f6:12:f7:a5:52:2c:d7:e6:7a:74:ca:81:
4d:a2:f4:d9:fc:77:e9:e6:02:9d:0c:47:37:d3:e9:f9:6a:a7:
ad:21:93:13:8d:5e:7f:a1:de:63:01:59:bc:a7:38:a7:a1:e8:
61:3d:ec:de:94:0d:8d:42:af:61:7d:dd:67:d8:06:fb:67:cc:
90:d1:10:0d:58:22:dd:f7:8d:54:46:ea:39:21:e9:66:f8:7d:
f9:42:85:91:b4:5f:b0:1a:ab:cb:76:2d:76:76:21:86:e4:29:
54:47:25:e4:ee:32:04:12:68:17:65:ac:ac:8a:2c:f2:e1:05:
f0:1d:cd:40:bb:45:65:3c:88:ee:71:23:51:86:e0:79:d3:26:
2c:82:d2:66:bd:af:05:3e:69:bf:1a:31:27:f5:31:83:d3:1a:
90:e8:91:40:3c:27:60:29:c8:c3:6a:36:31:f2:77:bf:d6:ee:
6d:7b:5e:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWSgtIbu2pzqBAMIWyWhH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjIzNjc0MzM3NjViNTQxYTM3MzkwYTk5ODk5N2I3Mzdj
NDY0NzIwHhcNMjUwNDIxMDMwMDE1WhcNMjUwNDIyMDMwMDE1WjAzMTEwLwYDVQQD
EyhkZGY3MDU5OTM1YzY0ZjBkMWM0OTNmOGQ2MGM2YmIzODg2N2EyNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9EBRJhOKCXf8ds4WFW3Rizg18uqZ
JQuDvFB5fPVFomebMMnfVuma/rTxhMqhBI5ffYEN8mpqMNN2B1cn6YpojNa21wc5
uy9Moz0j2M3c0Jq8/BnuNPpB/q+gTig+vAfid4f1WVV3/khFslQXYiYJFmQC4j4p
ZvdyVnOFPRqVEdg46+gQ8Zf7UXhpTAlYvnyVJKxWund0oN0rbNDflT8OdPY+9xMs
sMSwnL3w2/O0+th3MzAd07uz/nqYcLBtLXY/6xpp1iZrt4qHTbJCNf6oCA5VQBmD
HH/HISkuUudGXnuYIHNSdNqZDqaCmdpzP9b8ZJLp5/yimCDCiY+UdVWt0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN33BZk1xk8NHEk/jWDGuziGeiY8MB8GA1UdIwQY
MBaAFNQiNnQzdltUGjc5CpmJl7c3xGRyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80NWJlMzItODIxZi00NTE0LWFhMzEt
YmM3NTQ2NjA0N2M5LzEvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy80NWJlMzItODIxZi00NTE0LWFhMzEtYmM3NTQ2NjA0N2M5
LzEvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemsMU4CJ
3g4lW4/a3GDSsZ7v50Uv60egUsOUe3UHIVjQTwrKmuiU6fAkwTSDSkB7k1WtBlWF
Cab1vHDapRRq/gU5Sr26O/+7osk4G7pb9hL3pVIs1+Z6dMqBTaL02fx36eYCnQxH
N9Pp+WqnrSGTE41ef6HeYwFZvKc4p6HoYT3s3pQNjUKvYX3dZ9gG+2fMkNEQDVgi
3feNVEbqOSHpZvh9+UKFkbRfsBqry3YtdnYhhuQpVEcl5O4yBBJoF2WsrIos8uEF
8B3NQLtFZTyI7nEjUYbgedMmLILSZr2vBT5pvxoxJ/Uxg9MakOiRQDwnYCnIw2o2
MfJ3v9bubXte+Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:46:59 2025 by rpki-client