Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier: XBY69qgEYSkOzHsR2Tn7DtopblVHXwjuS7LiZD5gmEQ=
Subject key identifier: 60:3F:FB:DE:E7:A9:52:FF:95:52:F4:76:6A:98:D5:36:F9:98:FF:8F
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 019655A58C69AB6568AFF89F7C6FC536A77D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number: 0541
Signing time: Mon 21 Apr 2025 00:00:34 +0000
Manifest this update: Mon 21 Apr 2025 00:00:34 +0000
Manifest next update: Tue 22 Apr 2025 00:00:34 +0000
Files and hashes: 1: 1-zGyc8-sNFoNd9jrRwy0ohv-lr8.roa (hash: X6damPmptp3XphV2HfGbEnZgUQ5Ok8UVDdDjwWdsAA0=)
2: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: ut40y0XL6PYMWmRvDMDLkT+zwYJCiLF6cNe1FX/xf+c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:55:a5:8c:69:ab:65:68:af:f8:9f:7c:6f:c5:36:a7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Apr 21 00:00:34 2025 GMT
Not After : Apr 22 00:00:34 2025 GMT
Subject: CN=603ffbdee7a952ff9552f4766a98d536f998ff8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:67:05:f0:7e:88:15:39:23:3d:6e:1a:0b:91:
ca:71:97:b9:e3:94:c9:01:1c:39:a4:64:64:97:e9:
11:ed:27:18:ac:03:dd:70:3e:8f:1d:ec:62:71:c6:
ef:f4:1e:c5:ec:76:c3:74:6e:93:40:ef:5a:55:e8:
7e:bc:e3:f2:be:b9:96:5c:10:88:5e:ea:e6:07:6a:
c2:41:50:2c:cf:59:df:cc:f9:dc:cf:0a:c4:b0:12:
8c:7b:17:af:76:ce:1c:4a:d0:c4:22:eb:48:29:0f:
29:88:cd:01:03:6c:7d:e7:dc:bb:0f:a7:e3:ce:d2:
e6:60:0e:e4:0b:5b:ff:47:c0:14:d2:47:9f:5f:0f:
f1:35:b3:39:b9:ae:b3:c0:da:7f:e6:79:f9:3f:2a:
f5:e3:02:cf:8a:da:a6:61:fb:1d:8a:5b:92:f8:f5:
cc:e9:10:8f:29:c8:ec:6b:66:84:dc:5d:0d:32:af:
73:b7:14:b5:8c:14:b5:4d:10:7c:b4:f5:c3:f3:f6:
7c:a2:0e:a2:20:39:d6:f9:38:60:13:41:f1:79:2e:
51:10:dd:30:ac:15:ac:f8:06:ad:05:67:65:90:cc:
3f:99:ce:4b:a1:69:11:82:a8:de:a8:1b:24:3d:8c:
2d:4f:85:b5:89:ec:e0:a5:5e:76:32:64:c8:4b:f3:
5a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3F:FB:DE:E7:A9:52:FF:95:52:F4:76:6A:98:D5:36:F9:98:FF:8F
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:50:4e:01:fd:da:eb:c7:ef:19:42:91:43:7f:59:ac:c6:94:
07:e8:4f:b9:5b:cd:8f:6a:71:fe:64:fc:22:85:21:35:a5:23:
01:07:ac:da:3e:80:17:b1:2c:ad:bc:00:c7:97:66:ba:9a:4f:
07:87:1d:52:9c:98:aa:e4:24:f5:c7:1a:c1:87:c3:98:f6:4d:
76:89:96:89:21:8b:ec:c4:90:b5:71:b4:82:af:72:b4:30:a1:
11:b6:0f:5e:57:d0:72:60:0b:84:78:67:08:c0:fd:74:42:95:
0b:3e:0b:12:22:30:c9:64:56:b7:96:55:73:ba:74:c8:53:dc:
7d:c3:a7:9e:85:9c:8f:c5:92:a9:06:3d:a6:77:62:7f:6e:61:
39:d5:bf:4c:0c:89:e7:c3:e6:d7:2d:f5:13:63:74:c9:96:2d:
bd:a6:31:b3:3f:2b:25:6e:47:9c:9b:46:dc:2a:91:e4:02:46:
2b:c3:bf:21:a5:22:ce:49:01:da:49:20:a7:14:99:0b:14:77:
ee:ca:21:ed:6e:22:c8:7e:d7:a8:66:d4:29:69:c4:94:cb:73:
57:c4:c7:10:af:96:71:07:b3:bf:9d:94:14:9a:86:72:9c:2f:
f8:24:eb:8b:fb:fd:af:21:44:64:15:33:cf:be:29:ee:31:02:
67:9b:e9:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpYxpq2Vor/iffG/FNqd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjUwNDIxMDAwMDM0WhcNMjUwNDIyMDAwMDM0WjAzMTEwLwYDVQQD
Eyg2MDNmZmJkZWU3YTk1MmZmOTU1MmY0NzY2YTk4ZDUzNmY5OThmZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmcF8H6IFTkjPW4aC5HKcZe545TJ
ARw5pGRkl+kR7ScYrAPdcD6PHexiccbv9B7F7HbDdG6TQO9aVeh+vOPyvrmWXBCI
XurmB2rCQVAsz1nfzPnczwrEsBKMexevds4cStDEIutIKQ8piM0BA2x959y7D6fj
ztLmYA7kC1v/R8AU0kefXw/xNbM5ua6zwNp/5nn5Pyr14wLPitqmYfsdiluS+PXM
6RCPKcjsa2aE3F0NMq9ztxS1jBS1TRB8tPXD8/Z8og6iIDnW+ThgE0HxeS5REN0w
rBWs+AatBWdlkMw/mc5LoWkRgqjeqBskPYwtT4W1iezgpV52MmTIS/NaHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGA/+97nqVL/lVL0dmqY1Tb5mP+PMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVBOAf3a
68fvGUKRQ39ZrMaUB+hPuVvNj2px/mT8IoUhNaUjAQes2j6AF7EsrbwAx5dmuppP
B4cdUpyYquQk9ccawYfDmPZNdomWiSGL7MSQtXG0gq9ytDChEbYPXlfQcmALhHhn
CMD9dEKVCz4LEiIwyWRWt5ZVc7p0yFPcfcOnnoWcj8WSqQY9pndif25hOdW/TAyJ
58Pm1y31E2N0yZYtvaYxsz8rJW5HnJtG3CqR5AJGK8O/IaUizkkB2kkgpxSZCxR3
7soh7W4iyH7XqGbUKWnElMtzV8THEK+WcQezv52UFJqGcpwv+CTri/v9ryFEZBUz
z74p7jECZ5vpfw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:40:43 2025 by rpki-client