Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json)
Hash identifier: /tifwMFMyqT1LPbA8W2PiRyjVgmNKuCneFOOI5p0mFk=
Subject key identifier: 26:52:C5:3D:66:E9:95:CE:28:4A:0E:B1:B4:18:9B:1A:2C:45:4E:29
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 6F9F6DA227C4301C37CCBED6C7DCF72BC196AC73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
Manifest number: 0254
Signing time: Fri 04 Apr 2025 19:30:42 +0000
Manifest this update: Fri 04 Apr 2025 19:25:42 +0000
Manifest next update: Sat 05 Apr 2025 22:26:42 +0000
Files and hashes: 1: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: AMOOReO25pB/UyWle0jkXv+B6m1MTNWZ4+1w+73+7MY=)
2: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: DlDg6XlRN9J+SzrQ04UeNiAaRsgeCIHMxiHt7iAeWug=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:9f:6d:a2:27:c4:30:1c:37:cc:be:d6:c7:dc:f7:2b:c1:96:ac:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Apr 4 19:25:42 2025 GMT
Not After : Apr 5 22:26:42 2025 GMT
Subject: CN=2652C53D66E995CE284A0EB1B4189B1A2C454E29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:fe:e4:95:0e:e9:dc:e4:61:5c:07:6c:ea:
c0:48:43:b9:6e:ca:99:fa:77:e2:fb:08:7e:50:96:
d9:69:28:8f:b9:38:2b:93:65:d7:de:73:44:58:ba:
88:8f:d8:fa:91:07:61:db:a8:81:8f:54:51:20:82:
d2:1d:62:78:e6:c7:ec:44:7c:f8:0c:6d:c4:0e:7f:
fd:d9:df:36:cc:d5:5b:23:f5:7c:42:3e:48:0a:85:
fd:19:90:26:f8:b1:75:d5:28:e4:0d:3d:e8:65:10:
a8:c9:42:79:f9:88:44:b3:88:ac:d3:83:1d:15:08:
5a:8b:e3:52:c3:20:c1:48:06:e1:1e:db:04:29:58:
6b:57:cc:c2:58:a8:24:29:15:39:0e:ac:52:fb:c2:
be:99:fa:7c:fb:88:c3:c5:cc:0b:3c:1b:35:30:f4:
c0:b2:21:52:a1:4b:73:11:ca:b7:8e:6b:e9:4b:de:
79:77:39:2a:61:b5:4e:ca:73:c2:60:bc:5f:d9:32:
99:15:e5:51:fd:d8:72:2a:4b:8c:9a:e4:87:2c:37:
64:ba:44:53:91:9b:75:ae:d2:e0:bb:16:5a:1e:5f:
92:bb:be:98:a6:de:45:fe:f2:fe:27:e6:0f:f9:47:
85:f0:8b:25:d0:c3:4f:77:58:59:18:20:10:7a:c1:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:52:C5:3D:66:E9:95:CE:28:4A:0E:B1:B4:18:9B:1A:2C:45:4E:29
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:25:88:c0:bf:8a:ed:9b:06:74:22:76:0b:69:0f:3b:33:76:
5b:cc:e9:aa:70:df:e2:33:b8:07:1f:49:c6:71:af:8c:0d:08:
89:12:cb:e5:1c:33:60:92:d6:e7:fa:99:49:9b:b8:8b:5a:79:
b5:f4:f0:2f:ed:33:8c:66:99:0a:6e:22:26:58:51:5c:2c:72:
c0:f3:66:9a:a7:17:64:b3:06:42:02:ce:c5:3f:c7:b6:9e:59:
4b:9b:fd:c2:35:6f:40:25:7e:bc:c9:15:21:9f:98:4a:8f:28:
32:7e:7e:7d:ff:f7:b5:0e:5d:12:fc:6f:86:f6:e9:45:2a:70:
aa:3d:7f:a3:25:3b:f0:ce:bb:5c:73:41:71:f3:4f:90:61:7d:
f5:a9:6d:b0:f7:2b:4c:d2:b9:cb:c7:c2:0d:84:37:11:fe:79:
f8:46:72:15:e7:75:32:3a:18:d4:11:d6:21:f8:47:0b:2f:28:
ae:a0:f5:56:73:7c:17:de:f3:fe:c2:49:46:35:32:b0:11:78:
a2:b6:5c:e7:f8:98:dd:f0:58:0d:7a:30:43:8a:99:77:e5:2f:
89:82:84:52:21:d9:92:7c:ac:41:f3:cd:64:f9:82:8b:9f:e0:
c7:d9:94:8d:f5:43:28:27:29:a9:ff:46:68:8c:84:24:2f:92:
d1:2a:39:72
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUb59toifEMBw3zL7Wx9z3K8GWrHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNTA0MDQxOTI1NDJaFw0yNTA0MDUyMjI2NDJaMDMxMTAvBgNV
BAMTKDI2NTJDNTNENjZFOTk1Q0UyODRBMEVCMUI0MTg5QjFBMkM0NTRFMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFCv7klQ7p3ORhXAds6sBIQ7lu
ypn6d+L7CH5QltlpKI+5OCuTZdfec0RYuoiP2PqRB2HbqIGPVFEggtIdYnjmx+xE
fPgMbcQOf/3Z3zbM1Vsj9XxCPkgKhf0ZkCb4sXXVKOQNPehlEKjJQnn5iESziKzT
gx0VCFqL41LDIMFIBuEe2wQpWGtXzMJYqCQpFTkOrFL7wr6Z+nz7iMPFzAs8GzUw
9MCyIVKhS3MRyreOa+lL3nl3OSphtU7Kc8JgvF/ZMpkV5VH92HIqS4ya5IcsN2S6
RFORm3Wu0uC7FloeX5K7vpim3kX+8v4n5g/5R4XwiyXQw093WFkYIBB6wbmzAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUJlLFPWbplc4oSg6xtBibGixFTikwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k
NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy
ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSWIwL+K7ZsGdCJ2C2kP
OzN2W8zpqnDf4jO4Bx9JxnGvjA0IiRLL5RwzYJLW5/qZSZu4i1p5tfTwL+0zjGaZ
Cm4iJlhRXCxywPNmmqcXZLMGQgLOxT/Htp5ZS5v9wjVvQCV+vMkVIZ+YSo8oMn5+
ff/3tQ5dEvxvhvbpRSpwqj1/oyU78M67XHNBcfNPkGF99altsPcrTNK5y8fCDYQ3
Ef55+EZyFed1MjoY1BHWIfhHCy8orqD1VnN8F97z/sJJRjUysBF4orZc5/iY3fBY
DXowQ4qZd+UviYKEUiHZknysQfPNZPmCi5/gx9mUjfVDKCcpqf9GaIyEJC+S0So5
cg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:49:39 2025 by rpki-client