Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
File: NgHDzOanHKshpLut8KuE3ePyurI.mft (raw, json)
Hash identifier: DsqYgZLnOhukfcU0gpHs/piunSdmUYcmvysG2l+6Acg=
Subject key identifier: 39:78:79:4D:A6:E5:93:23:02:63:3A:A3:C7:65:E7:29:0D:46:9B:21
Authority key identifier: 36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
Certificate issuer: /CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Certificate serial: 0196515AD2ED95A4FFF2A11477B4D9399DD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
Manifest number: 14FF
Signing time: Sun 20 Apr 2025 04:00:28 +0000
Manifest this update: Sun 20 Apr 2025 04:00:28 +0000
Manifest next update: Mon 21 Apr 2025 04:00:28 +0000
Files and hashes: 1: Mk7YYF4o9LB74wKwKgBbcKzvyH8.roa (hash: OCqXIpcMD6jOp7DHnSx2liWfa4cjdFDkG92oQWOUUNo=)
2: NgHDzOanHKshpLut8KuE3ePyurI.crl (hash: 9UsEvzSnk+8ROOhTKSw+Sw5sy2cCK4/ffSETgR5XkpQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:5a:d2:ed:95:a4:ff:f2:a1:14:77:b4:d9:39:9d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3601c3cce6a71cab21a4bbadf0ab84dde3f2bab2
Validity
Not Before: Apr 20 04:00:28 2025 GMT
Not After : Apr 21 04:00:28 2025 GMT
Subject: CN=3978794da6e5932302633aa3c765e7290d469b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:84:a2:60:3b:a6:0b:c9:ad:bb:bd:96:67:dd:
26:8c:f2:d9:1c:15:f1:25:dd:2e:c6:cc:1f:09:19:
b2:f2:c8:77:a6:21:d7:17:d3:56:0b:16:5b:b5:86:
08:77:5d:f7:d6:32:c8:30:39:a0:b4:11:24:e2:18:
c2:cc:fe:d9:a1:38:93:be:3e:16:82:ec:1a:3e:0b:
05:87:e9:09:ed:57:a4:26:25:5e:f6:72:5f:c4:b6:
77:c6:1b:e9:f0:75:7a:49:cf:e4:b4:d2:50:dc:61:
af:35:98:8a:35:b8:fc:50:91:c7:21:f2:b0:58:6c:
e7:51:b6:d8:9c:ec:70:2e:e3:1c:51:0e:c3:96:d0:
a6:8c:0c:8f:ca:47:9b:71:bd:da:12:3c:4e:66:5a:
35:10:c2:f4:62:c3:dd:d2:fc:0a:98:7a:30:84:6b:
f0:b8:57:66:77:bb:f9:45:b1:5d:b8:fd:8b:5e:c3:
37:86:25:4d:4f:df:4a:0d:05:f0:a1:6b:b2:33:bc:
14:32:10:eb:26:58:e3:bd:fc:a3:c5:5f:0d:7a:bc:
e6:0d:d0:fd:9f:4b:f0:ff:78:d6:05:9d:1a:de:94:
ac:07:1d:0a:a0:40:ba:38:64:cd:a9:ea:bd:71:19:
6d:aa:a4:e6:a7:e6:7f:ad:68:8d:f4:33:0d:ac:22:
2b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:78:79:4D:A6:E5:93:23:02:63:3A:A3:C7:65:E7:29:0D:46:9B:21
X509v3 Authority Key Identifier:
keyid:36:01:C3:CC:E6:A7:1C:AB:21:A4:BB:AD:F0:AB:84:DD:E3:F2:BA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgHDzOanHKshpLut8KuE3ePyurI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0f0a01-0cc4-4efc-9dd5-801ef38dea9c/1/NgHDzOanHKshpLut8KuE3ePyurI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:f6:75:15:04:da:0e:a6:51:01:a4:e7:db:eb:9d:2e:85:d6:
0f:68:62:4d:2c:55:89:96:ff:f7:a6:95:33:e0:f8:5f:23:3e:
8f:0e:96:59:a0:01:54:d4:c5:11:3a:f7:e0:52:b6:4d:2a:1a:
28:82:c5:33:07:20:37:32:94:fd:e1:90:77:56:a3:25:38:6b:
da:2b:5f:bb:ec:7a:31:05:8f:f2:15:11:9b:63:7d:b9:5a:7b:
6b:c2:30:09:ec:e8:5e:4a:20:48:f0:be:17:5c:79:22:be:f8:
df:4c:7f:4f:3c:43:62:02:f9:0e:a7:cf:81:7f:fa:17:92:17:
65:a0:aa:5b:28:d9:29:c9:3b:3a:fd:0b:91:03:21:03:49:ee:
4e:bb:9c:f1:1c:eb:a2:6e:fd:f4:6e:c4:c3:78:92:05:7a:0e:
7a:33:66:3d:28:66:4f:ea:01:9d:0b:4d:63:b8:33:48:6e:0b:
fa:e6:fa:fd:a6:22:32:72:0c:ca:e5:8f:4d:a6:ed:1c:97:0b:
4f:38:39:d9:c0:b7:b4:e4:cc:b7:6f:72:e2:d2:bf:92:e1:61:
60:0b:04:4f:85:28:24:ae:4c:24:de:d9:21:37:81:ea:69:28:
95:e5:8d:e8:74:af:fa:32:b3:99:50:08:59:d0:0a:f4:ba:2d:
b0:5d:a3:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRWtLtlaT/8qEUd7TZOZ3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MDFjM2NjZTZhNzFjYWIyMWE0YmJhZGYwYWI4NGRkZTNm
MmJhYjIwHhcNMjUwNDIwMDQwMDI4WhcNMjUwNDIxMDQwMDI4WjAzMTEwLwYDVQQD
EygzOTc4Nzk0ZGE2ZTU5MzIzMDI2MzNhYTNjNzY1ZTcyOTBkNDY5YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YSiYDumC8mtu72WZ90mjPLZHBXx
Jd0uxswfCRmy8sh3piHXF9NWCxZbtYYId1331jLIMDmgtBEk4hjCzP7ZoTiTvj4W
guwaPgsFh+kJ7VekJiVe9nJfxLZ3xhvp8HV6Sc/ktNJQ3GGvNZiKNbj8UJHHIfKw
WGznUbbYnOxwLuMcUQ7DltCmjAyPykebcb3aEjxOZlo1EML0YsPd0vwKmHowhGvw
uFdmd7v5RbFduP2LXsM3hiVNT99KDQXwoWuyM7wUMhDrJljjvfyjxV8NerzmDdD9
n0vw/3jWBZ0a3pSsBx0KoEC6OGTNqeq9cRltqqTmp+Z/rWiN9DMNrCIr5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDl4eU2m5ZMjAmM6o8dl5ykNRpshMB8GA1UdIwQY
MBaAFDYBw8zmpxyrIaS7rfCrhN3j8rqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUt
ODAxZWYzOGRlYTljLzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wZjBhMDEtMGNjNC00ZWZjLTlkZDUtODAxZWYzOGRlYTlj
LzEvTmdIRHpPYW5IS3NocEx1dDhLdUUzZVB5dXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPZ1FQTa
DqZRAaTn2+udLoXWD2hiTSxViZb/96aVM+D4XyM+jw6WWaABVNTFETr34FK2TSoa
KILFMwcgNzKU/eGQd1ajJThr2itfu+x6MQWP8hURm2N9uVp7a8IwCezoXkogSPC+
F1x5Ir7430x/TzxDYgL5DqfPgX/6F5IXZaCqWyjZKck7Ov0LkQMhA0nuTruc8Rzr
om799G7Ew3iSBXoOejNmPShmT+oBnQtNY7gzSG4L+ub6/aYiMnIMyuWPTabtHJcL
Tzg52cC3tOTMt29y4tK/kuFhYAsET4UoJK5MJN7ZITeB6mkoleWN6HSv+jKzmVAI
WdAK9LotsF2jQw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:23 2025 by rpki-client