Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json)
Hash identifier: T7Jt0TTDcTFJYKcD+5Vqki19qNAPQ65CZAeU5BS1CfU=
Subject key identifier: A8:5C:03:07:28:22:23:68:0D:9E:AD:2D:C9:78:49:56:E3:7F:E2:59
Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Certificate serial: 019654CA092B64B7C653BB791B403C7E266B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
Manifest number: 14FC
Signing time: Sun 20 Apr 2025 20:00:48 +0000
Manifest this update: Sun 20 Apr 2025 20:00:48 +0000
Manifest next update: Mon 21 Apr 2025 20:00:48 +0000
Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=)
2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: SKTVqd9uU9pcZAGEf3VE3MYZY0h0a03pSXgbNq0gDKc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 20:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:ca:09:2b:64:b7:c6:53:bb:79:1b:40:3c:7e:26:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b
Validity
Not Before: Apr 20 20:00:48 2025 GMT
Not After : Apr 21 20:00:48 2025 GMT
Subject: CN=a85c0307282223680d9ead2dc9784956e37fe259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:02:d3:51:ae:91:f2:52:eb:0b:6e:c0:20:8d:
53:aa:2b:cb:97:aa:08:65:c8:1a:2b:41:13:03:b5:
ea:7c:93:f8:11:97:c1:93:57:67:8a:86:7b:38:31:
78:f8:9c:1e:02:00:cd:09:60:11:fc:9a:62:7a:0c:
c9:2e:79:be:e0:18:db:5f:93:11:19:79:d7:59:67:
6b:c2:43:82:7c:1d:37:b3:a6:ef:0a:36:4c:6d:c6:
54:4e:b9:b5:28:61:fb:f2:2d:82:23:c8:ff:0e:88:
d3:30:45:49:20:d1:fc:1e:78:22:09:52:57:12:55:
19:96:b4:68:0f:5c:a5:54:57:24:54:8e:68:61:15:
a6:5c:58:be:93:fb:fc:92:bd:73:28:fe:bc:9b:53:
3f:3e:2f:24:a9:fd:fc:86:bc:3f:29:72:4d:40:2b:
ee:47:b0:22:c8:07:c9:bd:be:0b:8f:ec:c8:b4:49:
2d:be:bd:b8:90:56:09:70:19:31:e7:cf:8a:a1:ac:
05:89:39:3b:a8:14:94:ae:ac:d2:e4:85:18:86:d1:
c8:dc:59:9c:77:0b:00:a7:b9:2b:8c:06:3a:c1:44:
f3:07:90:cd:c2:ef:62:30:cc:41:d5:18:05:7c:02:
d0:aa:68:ef:17:95:58:f4:68:52:6d:78:e5:73:88:
7d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5C:03:07:28:22:23:68:0D:9E:AD:2D:C9:78:49:56:E3:7F:E2:59
X509v3 Authority Key Identifier:
keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:16:2b:69:c8:78:13:1a:40:82:25:15:49:4c:fd:5b:77:63:
d9:b1:e0:ff:c3:a1:1d:c7:c4:40:e2:53:f8:36:e8:f3:0a:3d:
fd:8a:f3:7b:08:af:c1:68:6f:07:97:5e:36:b5:cb:37:db:91:
5a:f8:9a:ae:2f:e9:aa:f9:10:bd:de:36:73:36:ba:04:df:b4:
3c:59:79:64:27:de:19:88:da:3a:33:11:cb:b3:2e:39:56:bd:
40:74:1d:4c:32:75:d5:6b:b8:b5:d2:77:f4:4a:83:52:04:50:
d2:c7:51:62:74:de:9f:3d:48:30:70:dd:0d:fa:36:73:4a:49:
74:80:00:94:02:22:12:2f:51:f8:57:b3:4e:a4:75:58:36:67:
39:57:31:07:41:d4:9f:75:97:bd:af:99:f3:75:6a:17:db:da:
70:0c:79:1d:31:55:0f:ee:30:1b:85:b7:fb:ba:a6:54:a8:b1:
2e:ce:76:3e:4c:f5:f8:90:f6:15:50:1e:13:ec:ae:f3:da:c2:
f7:27:5f:cf:46:29:af:4c:43:97:b3:58:5c:5c:5f:d1:83:9e:
20:ea:57:29:9a:09:b0:f5:a0:29:33:a5:a0:9e:bf:27:62:fd:
ed:d9:e9:c1:f0:f6:ff:a4:49:c5:16:9c:4d:82:80:d8:a4:5a:
f0:38:2c:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUygkrZLfGU7t5G0A8fiZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0
MmQ2OGIwHhcNMjUwNDIwMjAwMDQ4WhcNMjUwNDIxMjAwMDQ4WjAzMTEwLwYDVQQD
EyhhODVjMDMwNzI4MjIyMzY4MGQ5ZWFkMmRjOTc4NDk1NmUzN2ZlMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ALTUa6R8lLrC27AII1TqivLl6oI
ZcgaK0ETA7XqfJP4EZfBk1dnioZ7ODF4+JweAgDNCWAR/JpiegzJLnm+4BjbX5MR
GXnXWWdrwkOCfB03s6bvCjZMbcZUTrm1KGH78i2CI8j/DojTMEVJINH8HngiCVJX
ElUZlrRoD1ylVFckVI5oYRWmXFi+k/v8kr1zKP68m1M/Pi8kqf38hrw/KXJNQCvu
R7AiyAfJvb4Lj+zItEktvr24kFYJcBkx58+KoawFiTk7qBSUrqzS5IUYhtHI3Fmc
dwsAp7krjAY6wUTzB5DNwu9iMMxB1RgFfALQqmjvF5VY9GhSbXjlc4h9IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhcAwcoIiNoDZ6tLcl4SVbjf+JZMB8GA1UdIwQY
MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt
MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz
LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATRYrach4
ExpAgiUVSUz9W3dj2bHg/8OhHcfEQOJT+Dbo8wo9/YrzewivwWhvB5deNrXLN9uR
Wviari/pqvkQvd42cza6BN+0PFl5ZCfeGYjaOjMRy7MuOVa9QHQdTDJ11Wu4tdJ3
9EqDUgRQ0sdRYnTenz1IMHDdDfo2c0pJdIAAlAIiEi9R+FezTqR1WDZnOVcxB0HU
n3WXva+Z83VqF9vacAx5HTFVD+4wG4W3+7qmVKixLs52Pkz1+JD2FVAeE+yu89rC
9ydfz0Ypr0xDl7NYXFxf0YOeIOpXKZoJsPWgKTOloJ6/J2L97dnpwfD2/6RJxRac
TYKA2KRa8DgsYA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:29:16 2025 by rpki-client