Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
File: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft (raw, json)
Hash identifier: t0s85R+p9034qCJQr2ytpFetse16IiWRlBq+AwgAaXs=
Subject key identifier: B8:DC:58:29:CE:3B:D4:B1:22:12:18:A3:13:43:C3:B0:28:1F:AB:EF
Authority key identifier: AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
Certificate issuer: /CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Certificate serial: 019659B931C1B41A411C1B3E8EDB46DFE92D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
Manifest number: 01DD
Signing time: Mon 21 Apr 2025 19:00:31 +0000
Manifest this update: Mon 21 Apr 2025 19:00:31 +0000
Manifest next update: Tue 22 Apr 2025 19:00:31 +0000
Files and hashes: 1: HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa (hash: 2WA22A/U8/r4tDX+UDoYIX+va554GCdeOFSCw5V25j8=)
2: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl (hash: opM9FuPrQRvgA+P9o4COK5QBT4bjuqX0j5YoZbNccHM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:b9:31:c1:b4:1a:41:1c:1b:3e:8e:db:46:df:e9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Validity
Not Before: Apr 21 19:00:31 2025 GMT
Not After : Apr 22 19:00:31 2025 GMT
Subject: CN=b8dc5829ce3bd4b1221218a31343c3b0281fabef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:4a:73:98:c1:cc:14:7a:4d:55:c2:8e:c8:
ed:0b:96:77:b2:1e:34:3f:e7:33:66:39:00:d5:6f:
4c:bb:5d:0a:ab:31:21:b9:22:e6:21:58:c9:44:21:
93:47:6c:b6:0c:96:34:6a:bd:ea:fb:54:4d:0a:9f:
6d:3e:65:f5:39:2c:10:ff:15:1a:6f:43:24:1a:e2:
04:e9:ba:e6:34:5d:3e:de:16:16:51:47:4d:78:56:
89:d1:d7:ee:ef:d8:a3:83:f5:7a:63:25:a2:e2:fe:
65:aa:88:f7:18:2d:9d:4c:a4:48:ed:9b:6d:19:2e:
48:aa:de:b0:05:70:28:29:c7:af:05:36:1b:0b:c6:
eb:fe:ff:4a:e4:19:79:f1:e6:7e:84:33:1a:b1:2c:
bf:86:7c:75:a6:fc:35:d9:6a:c8:2d:1d:15:b5:bd:
16:6e:41:da:28:ae:ec:51:6d:1c:40:d3:a2:2a:91:
72:8a:fa:8f:f3:b8:32:ef:65:6e:bc:13:4f:9e:77:
f7:1a:3a:85:65:57:04:37:42:28:3f:a7:de:d1:02:
22:7e:8d:c7:98:44:7d:27:b8:e0:d4:bf:6f:5f:cf:
7b:59:66:c4:56:fb:7c:31:b8:52:dc:18:36:83:b1:
bc:32:d3:af:df:db:52:c5:a2:df:b5:94:6b:3f:00:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DC:58:29:CE:3B:D4:B1:22:12:18:A3:13:43:C3:B0:28:1F:AB:EF
X509v3 Authority Key Identifier:
keyid:AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:e5:99:48:fe:c1:09:ba:9c:3e:a4:b6:58:b2:ea:07:c9:1d:
8e:ac:71:f9:ec:2d:f4:f6:8a:52:f9:b9:f3:55:ac:0c:c3:8b:
15:df:b8:9f:7e:41:66:3e:89:3e:73:ec:c9:27:41:a5:31:6f:
31:b3:a8:2f:f9:f6:67:ea:8a:20:10:c1:d2:0f:a1:c9:68:0b:
e4:e3:68:c7:79:0d:96:71:a9:1b:1a:a4:6d:e4:7e:a2:62:f6:
71:9d:26:4a:2f:57:70:aa:a1:56:86:01:c3:da:c4:32:bb:98:
86:82:8e:7e:65:8b:e2:8d:71:dc:30:fe:a6:f4:d8:f6:f0:1d:
14:6c:96:dd:d9:4a:b7:79:2d:b1:b0:cd:37:d8:d1:40:68:a8:
43:51:77:d0:4d:b3:81:c9:4a:3f:b7:b2:03:25:73:f8:9f:b6:
ab:85:9c:54:fd:75:64:a9:7f:a5:ab:f2:06:00:3c:25:be:b5:
8d:e8:2d:6f:05:b8:ac:f8:70:6e:8c:e7:46:8a:37:88:b7:f8:
a7:6b:e5:22:95:52:4c:ed:e2:96:2c:ff:9e:4e:3a:db:f6:20:
29:b0:89:47:22:e5:a0:39:37:62:bd:1d:a1:cc:0e:f1:f5:23:
e7:1f:6e:21:ac:98:cc:3e:6c:cb:47:b6:e4:b8:46:4a:d8:e8:
6c:73:28:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZuTHBtBpBHBs+jttG3+ktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOWIyY2VmZTM4OWExYWU0OTc1NmVkYzJiMzI5M2U1ODgz
MGNiODIwHhcNMjUwNDIxMTkwMDMxWhcNMjUwNDIyMTkwMDMxWjAzMTEwLwYDVQQD
EyhiOGRjNTgyOWNlM2JkNGIxMjIxMjE4YTMxMzQzYzNiMDI4MWZhYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG5Kc5jBzBR6TVXCjsjtC5Z3sh40
P+czZjkA1W9Mu10KqzEhuSLmIVjJRCGTR2y2DJY0ar3q+1RNCp9tPmX1OSwQ/xUa
b0MkGuIE6brmNF0+3hYWUUdNeFaJ0dfu79ijg/V6YyWi4v5lqoj3GC2dTKRI7Ztt
GS5Iqt6wBXAoKcevBTYbC8br/v9K5Bl58eZ+hDMasSy/hnx1pvw12WrILR0Vtb0W
bkHaKK7sUW0cQNOiKpFyivqP87gy72VuvBNPnnf3GjqFZVcEN0IoP6fe0QIifo3H
mER9J7jg1L9vX897WWbEVvt8MbhS3Bg2g7G8MtOv39tSxaLftZRrPwDwjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjcWCnOO9SxIhIYoxNDw7AoH6vvMB8GA1UdIwQY
MBaAFK+bLO/jiaGuSXVu3Csyk+WIMMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEt
NDY5NjE5ZDRlY2RiLzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEtNDY5NjE5ZDRlY2Ri
LzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+WZSP7B
CbqcPqS2WLLqB8kdjqxx+ewt9PaKUvm581WsDMOLFd+4n35BZj6JPnPsySdBpTFv
MbOoL/n2Z+qKIBDB0g+hyWgL5ONox3kNlnGpGxqkbeR+omL2cZ0mSi9XcKqhVoYB
w9rEMruYhoKOfmWL4o1x3DD+pvTY9vAdFGyW3dlKt3ktsbDNN9jRQGioQ1F30E2z
gclKP7eyAyVz+J+2q4WcVP11ZKl/pavyBgA8Jb61jegtbwW4rPhwboznRoo3iLf4
p2vlIpVSTO3iliz/nk462/YgKbCJRyLloDk3Yr0docwO8fUj5x9uIayYzD5sy0e2
5LhGStjobHMoPg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:33:53 2025 by rpki-client