Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
File: ceWC839BZJjBi2YkjevM8iQavHY.mft (raw, json)
Hash identifier: 48ABw5wTsssOrDagc/pKE2cb7qjRBYY81Cy8Sj0VRLI=
Subject key identifier: 58:C4:90:86:DD:E9:DE:89:97:B8:C9:4E:32:8C:CF:50:3F:34:41:C3
Authority key identifier: 71:E5:82:F3:7F:41:64:98:C1:8B:66:24:8D:EB:CC:F2:24:1A:BC:76
Certificate issuer: /CN=71e582f37f416498c18b66248debccf2241abc76
Certificate serial: 01958F615CADEFED1944ABCB48D9834435BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
Manifest number: 0433
Signing time: Thu 13 Mar 2025 12:01:17 +0000
Manifest this update: Thu 13 Mar 2025 12:01:17 +0000
Manifest next update: Fri 14 Mar 2025 12:01:17 +0000
Files and hashes: 1: 3JlcQxD2NXWLaEj6J42YSdi1quE.roa (hash: ZFdShZLQiri1BeTMte27QBSxcmd4A78sb6jnkkO6l9s=)
2: ceWC839BZJjBi2YkjevM8iQavHY.crl (hash: Z59WQ4xQa0SrU7TL6eNTcd1mLYaxMwDYuYUaojTRSVY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:61:5c:ad:ef:ed:19:44:ab:cb:48:d9:83:44:35:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71e582f37f416498c18b66248debccf2241abc76
Validity
Not Before: Mar 13 12:01:17 2025 GMT
Not After : Mar 14 12:01:17 2025 GMT
Subject: CN=58c49086dde9de8997b8c94e328ccf503f3441c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:24:86:3c:c4:e8:49:ae:d1:7c:4f:30:52:39:
c5:a5:11:cc:a0:f1:07:78:fb:db:88:43:64:cc:2d:
25:eb:50:08:26:1f:a6:30:01:d1:8a:c4:d3:57:a4:
3d:0d:ef:a2:23:35:8e:1a:31:71:91:fb:c7:63:c2:
25:f7:d2:02:4a:ba:ad:83:39:70:b0:45:80:bf:ff:
ac:e6:92:1e:ef:fb:fc:83:3c:11:4c:ae:7e:17:19:
c4:25:36:43:b5:80:5c:87:9a:75:ec:57:11:e3:f4:
e9:f9:82:37:0f:36:70:fb:30:ee:29:3f:d1:c2:e8:
81:b6:df:a0:01:af:e3:55:8f:03:b4:d5:49:06:ad:
60:62:24:70:ba:cc:18:df:f1:27:eb:20:b9:7f:59:
36:12:7f:19:3a:fc:9c:45:c1:a9:f1:98:ca:5d:c9:
f3:19:24:c0:fd:dc:38:0b:65:2a:0c:22:a9:79:91:
7e:8e:a0:c8:ab:d5:91:1a:36:57:c9:91:6f:3a:f1:
93:89:83:e5:a5:d7:0d:f8:84:88:c4:db:63:70:25:
94:ff:fa:df:2e:c7:e6:a0:21:58:1f:a0:f1:e5:be:
7f:98:46:47:8b:eb:2c:66:80:32:a2:45:ca:95:d8:
d2:ed:64:2a:9c:a0:e8:9c:93:51:a4:37:b5:72:aa:
16:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C4:90:86:DD:E9:DE:89:97:B8:C9:4E:32:8C:CF:50:3F:34:41:C3
X509v3 Authority Key Identifier:
keyid:71:E5:82:F3:7F:41:64:98:C1:8B:66:24:8D:EB:CC:F2:24:1A:BC:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ceWC839BZJjBi2YkjevM8iQavHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fd9ea0-8357-458b-b596-9f34f6716259/1/ceWC839BZJjBi2YkjevM8iQavHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:1c:27:f4:73:81:d4:a4:93:84:00:0b:83:37:1e:7d:d2:0a:
7b:36:06:e7:6b:c1:b1:5c:ad:b5:af:f2:da:65:f4:3f:9d:0e:
f8:8f:13:3f:10:80:84:90:90:19:57:54:a6:5c:b2:03:c6:ae:
6c:80:56:b9:a6:fc:f8:e8:1b:80:c5:01:dc:0a:bc:20:e1:ac:
e0:60:7a:45:18:54:42:8f:92:87:9f:b1:98:fe:ce:18:05:d4:
a6:6f:5a:63:b6:f9:9e:1a:76:56:9d:a4:0e:bd:d8:dc:6a:7c:
3f:55:42:4a:52:ea:bc:44:11:c9:c7:68:30:9b:e7:00:a1:18:
90:4e:cf:a9:9d:6c:28:7a:27:9d:cb:14:53:f4:b1:2f:d6:34:
74:ce:39:b0:15:aa:0a:34:2b:fa:5c:a4:92:94:93:f1:c9:ea:
bb:92:f8:23:de:42:40:2b:a8:b7:6e:69:bc:31:8e:7d:97:f9:
13:c3:c0:ff:56:15:cb:18:2d:4f:93:8b:45:c6:cd:5f:2a:c6:
c1:b1:ee:f0:f0:8e:89:d5:2a:67:32:d6:e0:4a:b9:9e:a9:f3:
48:e1:06:3f:59:f1:55:ab:bf:da:0a:ce:f1:4d:89:bd:e2:66:
fa:f4:b3:26:7d:29:f4:26:c4:ba:91:14:db:98:9e:ea:e5:db:
65:0f:fb:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWPYVyt7+0ZRKvLSNmDRDW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTU4MmYzN2Y0MTY0OThjMThiNjYyNDhkZWJjY2YyMjQx
YWJjNzYwHhcNMjUwMzEzMTIwMTE3WhcNMjUwMzE0MTIwMTE3WjAzMTEwLwYDVQQD
Eyg1OGM0OTA4NmRkZTlkZTg5OTdiOGM5NGUzMjhjY2Y1MDNmMzQ0MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySSGPMToSa7RfE8wUjnFpRHMoPEH
ePvbiENkzC0l61AIJh+mMAHRisTTV6Q9De+iIzWOGjFxkfvHY8Il99ICSrqtgzlw
sEWAv/+s5pIe7/v8gzwRTK5+FxnEJTZDtYBch5p17FcR4/Tp+YI3DzZw+zDuKT/R
wuiBtt+gAa/jVY8DtNVJBq1gYiRwuswY3/En6yC5f1k2En8ZOvycRcGp8ZjKXcnz
GSTA/dw4C2UqDCKpeZF+jqDIq9WRGjZXyZFvOvGTiYPlpdcN+ISIxNtjcCWU//rf
LsfmoCFYH6Dx5b5/mEZHi+ssZoAyokXKldjS7WQqnKDonJNRpDe1cqoW/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjEkIbd6d6Jl7jJTjKMz1A/NEHDMB8GA1UdIwQY
MBaAFHHlgvN/QWSYwYtmJI3rzPIkGrx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mZDllYTAtODM1Ny00NThiLWI1OTYt
OWYzNGY2NzE2MjU5LzEvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mZDllYTAtODM1Ny00NThiLWI1OTYtOWYzNGY2NzE2MjU5
LzEvY2VXQzgzOUJaSmpCaTJZa2pldk04aVFhdkhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhwn9HOB
1KSThAALgzcefdIKezYG52vBsVytta/y2mX0P50O+I8TPxCAhJCQGVdUplyyA8au
bIBWuab8+OgbgMUB3Aq8IOGs4GB6RRhUQo+Sh5+xmP7OGAXUpm9aY7b5nhp2Vp2k
Dr3Y3Gp8P1VCSlLqvEQRycdoMJvnAKEYkE7PqZ1sKHonncsUU/SxL9Y0dM45sBWq
CjQr+lykkpST8cnqu5L4I95CQCuot25pvDGOfZf5E8PA/1YVyxgtT5OLRcbNXyrG
wbHu8PCOidUqZzLW4Eq5nqnzSOEGP1nxVau/2grO8U2JveJm+vSzJn0p9CbEupEU
25ie6uXbZQ/7Gw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:53 2025 by rpki-client