Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
File: ceWC839BZJjBi2YkjevM8iQavHY.mft (raw, json)
Hash identifier: sMMQmLbkQxJmgmk+IAvwAZZyKr+yzu7yESaH8Ae4ACY=
Subject key identifier: A2:1C:24:B9:A5:BC:B1:DD:DE:FE:4C:76:69:1E:CF:E0:BC:34:2C:3E
Authority key identifier: 71:E5:82:F3:7F:41:64:98:C1:8B:66:24:8D:EB:CC:F2:24:1A:BC:76
Certificate issuer: /CN=71e582f37f416498c18b66248debccf2241abc76
Certificate serial: 0196507EF666C2ACF6AE44E91ACB71BE7E42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
Manifest number: 0497
Signing time: Sun 20 Apr 2025 00:00:19 +0000
Manifest this update: Sun 20 Apr 2025 00:00:19 +0000
Manifest next update: Mon 21 Apr 2025 00:00:19 +0000
Files and hashes: 1: 3JlcQxD2NXWLaEj6J42YSdi1quE.roa (hash: ZFdShZLQiri1BeTMte27QBSxcmd4A78sb6jnkkO6l9s=)
2: ceWC839BZJjBi2YkjevM8iQavHY.crl (hash: zToEf7CtKiuXt/9tnsnwK/n9TnJV2wrIf6tQovqBLjA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:7e:f6:66:c2:ac:f6:ae:44:e9:1a:cb:71:be:7e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71e582f37f416498c18b66248debccf2241abc76
Validity
Not Before: Apr 20 00:00:19 2025 GMT
Not After : Apr 21 00:00:19 2025 GMT
Subject: CN=a21c24b9a5bcb1dddefe4c76691ecfe0bc342c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ad:2a:6f:23:d3:1c:47:32:a8:3a:ec:52:e1:
7b:28:b4:55:7e:4a:e8:16:91:bb:10:14:69:64:b5:
3b:67:e2:31:c1:9f:76:02:04:0b:a2:83:83:fc:3e:
e6:3e:f2:00:77:36:94:d2:0d:da:52:6e:e4:73:18:
9b:73:ec:10:6e:a9:f6:6c:96:db:7b:b4:89:da:6e:
3b:d8:0f:3c:58:d2:45:16:50:34:68:4f:9b:8a:30:
b7:78:ee:2f:99:e6:9b:ea:ef:ea:ed:3d:a3:f7:68:
10:94:f4:cf:2f:42:81:d5:4e:9e:f5:4c:95:e8:a9:
8d:48:71:7a:da:f5:37:3e:6d:89:33:e4:8a:e9:4c:
b9:8f:a8:d9:51:0f:18:e7:ef:1a:38:f1:18:fb:7d:
a1:e6:25:59:12:15:ef:b0:89:13:f0:0a:1b:43:6b:
6d:d3:3a:65:7c:c5:c9:5b:8c:8a:cb:4f:78:af:2f:
61:26:03:65:96:ff:bb:0c:89:a2:48:ea:5c:84:21:
e9:a8:b7:61:f9:d8:ed:40:5b:b5:21:4d:70:d3:b9:
fb:ff:df:e0:fd:29:ec:da:20:b6:85:51:d1:6f:85:
c7:55:ef:84:b1:55:fe:8d:c2:0d:f6:d0:af:cb:35:
a4:92:9a:16:0c:07:5c:9f:c2:43:29:15:dd:89:23:
00:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1C:24:B9:A5:BC:B1:DD:DE:FE:4C:76:69:1E:CF:E0:BC:34:2C:3E
X509v3 Authority Key Identifier:
keyid:71:E5:82:F3:7F:41:64:98:C1:8B:66:24:8D:EB:CC:F2:24:1A:BC:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:5e:09:b1:db:1b:53:25:7a:9b:8c:e7:1d:a3:9b:34:b0:17:
3c:82:9a:bc:03:68:34:f2:be:e3:84:95:32:8f:bd:22:96:1d:
0e:fb:2a:46:b6:76:69:90:ca:78:7c:0a:99:72:b5:f8:57:34:
89:a4:c2:9e:09:24:f1:c0:e5:75:55:83:8f:00:54:b9:01:17:
fb:be:20:42:5f:43:33:1c:f8:d0:b8:6a:ae:61:25:68:31:3f:
46:8d:a5:68:d6:36:c7:12:c1:48:ab:3c:2b:ec:22:3a:57:fa:
88:b3:6e:1b:7e:f2:e1:ca:33:89:b8:5d:85:85:5a:2a:3a:40:
2b:4a:d6:b0:68:76:bd:46:b3:56:b7:85:19:ff:bb:61:3e:41:
d6:6c:91:82:98:22:05:d3:00:64:15:eb:10:5b:64:f6:ce:32:
09:99:ed:46:05:65:d1:39:b3:bd:f8:10:b9:f4:cb:23:e4:c7:
b8:b5:aa:08:f0:7d:8f:61:f3:6c:0a:51:42:c1:ae:c6:16:a7:
30:33:d3:e6:52:7d:c5:5a:78:9d:bc:13:7f:73:16:84:e6:a0:
49:24:c4:e7:d7:d4:b4:83:26:55:6a:e8:24:89:e2:be:aa:fc:
eb:ce:ec:c8:be:3e:54:b7:fc:66:7f:83:28:26:0c:e2:cb:b3:
3f:69:15:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQfvZmwqz2rkTpGstxvn5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTU4MmYzN2Y0MTY0OThjMThiNjYyNDhkZWJjY2YyMjQx
YWJjNzYwHhcNMjUwNDIwMDAwMDE5WhcNMjUwNDIxMDAwMDE5WjAzMTEwLwYDVQQD
EyhhMjFjMjRiOWE1YmNiMWRkZGVmZTRjNzY2OTFlY2ZlMGJjMzQyYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva0qbyPTHEcyqDrsUuF7KLRVfkro
FpG7EBRpZLU7Z+IxwZ92AgQLooOD/D7mPvIAdzaU0g3aUm7kcxibc+wQbqn2bJbb
e7SJ2m472A88WNJFFlA0aE+bijC3eO4vmeab6u/q7T2j92gQlPTPL0KB1U6e9UyV
6KmNSHF62vU3Pm2JM+SK6Uy5j6jZUQ8Y5+8aOPEY+32h5iVZEhXvsIkT8AobQ2tt
0zplfMXJW4yKy094ry9hJgNllv+7DImiSOpchCHpqLdh+djtQFu1IU1w07n7/9/g
/Sns2iC2hVHRb4XHVe+EsVX+jcIN9tCvyzWkkpoWDAdcn8JDKRXdiSMAnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIcJLmlvLHd3v5Mdmkez+C8NCw+MB8GA1UdIwQY
MBaAFHHlgvN/QWSYwYtmJI3rzPIkGrx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mZDllYTAtODM1Ny00NThiLWI1OTYt
OWYzNGY2NzE2MjU5LzEvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mZDllYTAtODM1Ny00NThiLWI1OTYtOWYzNGY2NzE2MjU5
LzEvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIl4Jsdsb
UyV6m4znHaObNLAXPIKavANoNPK+44SVMo+9IpYdDvsqRrZ2aZDKeHwKmXK1+Fc0
iaTCngkk8cDldVWDjwBUuQEX+74gQl9DMxz40LhqrmElaDE/Ro2laNY2xxLBSKs8
K+wiOlf6iLNuG37y4cozibhdhYVaKjpAK0rWsGh2vUazVreFGf+7YT5B1myRgpgi
BdMAZBXrEFtk9s4yCZntRgVl0TmzvfgQufTLI+THuLWqCPB9j2HzbApRQsGuxhan
MDPT5lJ9xVp4nbwTf3MWhOagSSTE59fUtIMmVWroJInivqr8687syL4+VLf8Zn+D
KCYM4suzP2kVUg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:44 2025 by rpki-client