Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier: HttjTmMWst4g2RPPc71qaDTDLXTn2xrdgoMXWN278h0=
Subject key identifier: 81:5A:98:5B:F6:E2:88:53:CE:81:EF:34:60:92:B6:13:4A:33:BB:36
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138
Certificate serial: 019679B1FF638DC487E9784C2D16C590CEB9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number: 0316
Signing time: Mon 28 Apr 2025 00:00:30 +0000
Manifest this update: Mon 28 Apr 2025 00:00:30 +0000
Manifest next update: Tue 29 Apr 2025 00:00:30 +0000
Files and hashes: 1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: 4gHJ+2QB/XPHXMQrmrJo4Jw9J3PYauR7B2zoVwz4ELY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:b1:ff:63:8d:c4:87:e9:78:4c:2d:16:c5:90:ce:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a041670001660a3720b77d764d836852190138
Validity
Not Before: Apr 28 00:00:30 2025 GMT
Not After : Apr 29 00:00:30 2025 GMT
Subject: CN=815a985bf6e28853ce81ef346092b6134a33bb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:86:89:ad:b9:5a:11:a3:2f:84:b4:6d:ae:2e:
f3:ad:e1:45:c0:6c:bb:e7:64:37:e0:81:ad:33:9e:
d0:ad:9e:ec:d0:be:07:41:67:e1:37:22:d7:5f:61:
85:6e:8a:e3:57:10:c1:47:08:45:90:3a:26:67:18:
23:46:d5:46:35:c6:4e:cf:d3:e6:60:6d:d2:04:12:
07:70:0f:aa:cf:ca:5e:28:89:dd:55:b7:c9:0b:36:
29:dc:bf:35:be:fa:b7:03:07:04:25:4e:44:42:ba:
31:27:f9:0d:10:df:a9:96:47:67:cc:59:c2:85:fc:
37:54:ca:3f:2d:fb:a9:3b:0d:44:9e:9d:23:e5:45:
31:32:cb:68:b0:8c:07:b9:1b:a1:4b:a1:c4:72:85:
83:42:7f:60:97:da:d0:d0:57:5b:57:51:82:13:09:
b3:13:f6:3d:e1:02:04:86:27:a3:23:cc:f4:32:33:
cf:62:4d:17:ae:bd:83:ee:b4:7d:ac:b8:02:c9:4f:
08:ec:00:0d:dd:6b:67:1d:9e:78:c0:ca:16:3b:a5:
1a:d7:54:7f:db:a3:98:ac:de:32:53:0b:ce:de:33:
78:13:19:0f:c0:47:84:82:f5:b5:dc:68:f2:d4:c4:
60:f4:a1:9c:20:20:1b:50:59:6b:df:27:f6:1c:fc:
4e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5A:98:5B:F6:E2:88:53:CE:81:EF:34:60:92:B6:13:4A:33:BB:36
X509v3 Authority Key Identifier:
keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:15:e0:9f:5e:ff:99:1a:3c:dc:71:78:8a:ec:1f:2e:f9:50:
ea:1f:a0:53:2c:5a:85:0f:3f:c0:69:ce:5d:37:ca:2a:38:52:
dc:35:14:89:d6:a4:33:71:de:7c:70:0b:b7:97:26:1e:18:e1:
08:98:db:f7:45:1d:9e:b8:2e:a2:b4:03:26:12:47:85:00:d3:
da:c6:b1:f2:11:38:dd:fc:eb:5c:ef:be:bd:20:e7:02:24:ac:
d7:be:98:38:7a:6d:14:ff:38:5b:87:ab:6d:6f:5b:f4:d6:fe:
62:27:8c:b0:83:bd:24:17:1b:59:d8:db:fc:de:38:0e:2b:6a:
10:8a:80:dc:4e:7b:e2:5e:92:a7:ec:aa:27:97:8e:3a:39:65:
38:5b:36:3f:e5:f6:df:fe:ca:4d:04:92:2f:26:d2:be:d3:76:
a7:d8:b6:5a:b7:b9:ae:f9:e6:8a:7d:65:82:63:06:89:b9:30:
e9:7b:bb:4a:eb:bc:c0:f5:8d:6f:dd:a5:d9:25:f5:8f:cc:c3:
4f:69:93:d3:d1:2b:12:6c:90:34:3a:7b:38:35:3f:e4:69:00:
9d:77:3c:5a:c2:86:9f:3d:26:d0:86:69:4e:ae:67:4d:a7:4a:
0b:0d:48:6c:6d:fe:f4:a5:c7:c6:ca:fd:8c:3c:f6:d1:9b:b5:
08:a5:c8:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5sf9jjcSH6XhMLRbFkM65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUwNDI4MDAwMDMwWhcNMjUwNDI5MDAwMDMwWjAzMTEwLwYDVQQD
Eyg4MTVhOTg1YmY2ZTI4ODUzY2U4MWVmMzQ2MDkyYjYxMzRhMzNiYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4aJrblaEaMvhLRtri7zreFFwGy7
52Q34IGtM57QrZ7s0L4HQWfhNyLXX2GFborjVxDBRwhFkDomZxgjRtVGNcZOz9Pm
YG3SBBIHcA+qz8peKIndVbfJCzYp3L81vvq3AwcEJU5EQroxJ/kNEN+plkdnzFnC
hfw3VMo/LfupOw1Enp0j5UUxMstosIwHuRuhS6HEcoWDQn9gl9rQ0FdbV1GCEwmz
E/Y94QIEhiejI8z0MjPPYk0Xrr2D7rR9rLgCyU8I7AAN3WtnHZ54wMoWO6Ua11R/
26OYrN4yUwvO3jN4ExkPwEeEgvW13Gjy1MRg9KGcICAbUFlr3yf2HPxOiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFamFv24ohTzoHvNGCSthNKM7s2MB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuRXgn17/
mRo83HF4iuwfLvlQ6h+gUyxahQ8/wGnOXTfKKjhS3DUUidakM3HefHALt5cmHhjh
CJjb90UdnrguorQDJhJHhQDT2sax8hE43fzrXO++vSDnAiSs176YOHptFP84W4er
bW9b9Nb+YieMsIO9JBcbWdjb/N44DitqEIqA3E574l6Sp+yqJ5eOOjllOFs2P+X2
3/7KTQSSLybSvtN2p9i2Wre5rvnmin1lgmMGibkw6Xu7Suu8wPWNb92l2SX1j8zD
T2mT09ErEmyQNDp7ODU/5GkAnXc8WsKGnz0m0IZpTq5nTadKCw1IbG3+9KXHxsr9
jDz20Zu1CKXIxg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:44:53 2025 by rpki-client