Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
File: aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft (raw, json)
Hash identifier: B3BAj+PlQ6TfumNBOgQL7p3wOhfGoK5E3UK+yMt2s8Y=
Subject key identifier: 4B:0E:B7:D4:39:AC:FA:C0:01:5D:5C:65:93:00:F6:F7:6D:BF:6F:AF
Authority key identifier: 68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71
Certificate issuer: /CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71
Certificate serial: 019680C72C352AD97E5613C0B62C9F1B2B4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
Manifest number: 03D2
Signing time: Tue 29 Apr 2025 09:00:58 +0000
Manifest this update: Tue 29 Apr 2025 09:00:58 +0000
Manifest next update: Wed 30 Apr 2025 09:00:58 +0000
Files and hashes: 1: _JvLFko-VE6xKiGlbuB2muI8saM.roa (hash: HfNiYuKiOBxtsDuKseMg0vsItOa/ALnz5nrDh9CeinE=)
2: aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl (hash: pzGSMD+2oMpDtOc24OrUu7+X8z6kmdLrTOfILu2DTpY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:c7:2c:35:2a:d9:7e:56:13:c0:b6:2c:9f:1b:2b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71
Validity
Not Before: Apr 29 09:00:58 2025 GMT
Not After : Apr 30 09:00:58 2025 GMT
Subject: CN=4b0eb7d439acfac0015d5c659300f6f76dbf6faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:51:e1:8b:7a:72:7f:33:d8:d4:75:0f:85:e8:
15:c8:dd:a3:27:64:ac:6d:b6:17:a1:b9:ea:ec:f5:
59:1b:13:a6:50:24:34:45:2c:5a:30:c3:e1:95:5d:
a9:aa:4c:45:43:37:fd:a2:f2:b7:be:b2:c3:9f:37:
fb:23:a8:24:32:13:bf:5f:c8:3e:6c:0e:af:52:ac:
aa:ef:5c:fc:11:c3:2b:28:c6:d6:5f:84:92:cb:3c:
3f:7e:a2:7c:64:9f:71:7d:7b:33:b2:b4:c0:ee:85:
b8:6c:45:5d:48:2e:6c:13:95:d0:6d:f0:79:83:e4:
a6:94:c7:73:2d:b0:65:62:a8:6f:f9:1d:66:3f:3f:
87:20:5e:b1:24:90:84:40:64:8d:01:35:26:c2:06:
54:f1:7a:a6:d4:75:64:60:db:33:b1:74:de:67:f6:
ec:96:60:d1:31:da:da:d5:53:11:ad:3b:f9:97:eb:
7e:25:e2:a5:55:00:65:d7:44:38:67:86:7f:e2:bc:
53:be:ef:a8:82:9b:51:20:8a:42:ae:64:83:57:05:
d9:42:25:d5:bd:c0:f1:e6:bc:76:21:bf:d5:5a:db:
dc:25:1b:c8:df:19:f0:ca:e7:e9:e6:67:2f:77:c8:
86:d7:f5:ff:ee:74:87:36:32:c2:19:e5:9c:54:c7:
71:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0E:B7:D4:39:AC:FA:C0:01:5D:5C:65:93:00:F6:F7:6D:BF:6F:AF
X509v3 Authority Key Identifier:
keyid:68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:c2:d5:2d:0c:19:5f:21:ba:dd:af:bd:b3:3e:e2:87:c6:fe:
7a:28:49:b2:68:a8:7c:a3:72:02:89:36:70:b8:72:b3:e2:e0:
1e:a6:3a:94:b3:42:61:75:d7:f3:3e:9a:2a:78:2d:18:db:19:
7c:7d:c3:4b:39:ca:db:c0:8c:4a:d7:4f:cd:e6:63:3d:a5:8b:
b9:90:dd:04:ff:4c:ae:f9:3c:cf:2c:fa:b6:a5:4d:60:0f:33:
90:09:02:0f:30:77:65:91:9d:99:ef:4d:ce:65:6d:14:94:b2:
fa:be:74:21:53:af:26:9c:b8:43:e8:30:c1:93:f4:f5:2e:09:
78:11:b1:a1:c7:dc:98:ae:1f:d5:7c:e7:63:4b:56:2c:72:66:
8a:97:70:56:d0:0c:51:17:52:4a:e3:9a:1f:8a:1f:a1:0b:4f:
fe:e7:48:da:2d:b2:7e:52:39:09:af:e6:02:be:47:7a:9f:4c:
1a:60:c8:4f:7c:53:70:28:12:ff:c6:5c:99:ff:26:96:f1:74:
ad:86:ef:3f:e1:78:7e:e4:3f:44:55:f8:5c:ea:81:3a:bf:da:
8e:51:71:31:c7:da:b9:df:f8:92:f6:54:ce:37:ee:6e:12:7b:
1a:3b:94:9e:db:3e:a2:97:34:7d:a9:2e:7c:e9:f6:fe:37:86:
d7:30:6f:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAxyw1Ktl+VhPAtiyfGytMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjgzZTJhMzQxNDVhZDQ3ZTBjYzJiM2M3OWZjNjMxMmJh
ZTJjNzEwHhcNMjUwNDI5MDkwMDU4WhcNMjUwNDMwMDkwMDU4WjAzMTEwLwYDVQQD
Eyg0YjBlYjdkNDM5YWNmYWMwMDE1ZDVjNjU5MzAwZjZmNzZkYmY2ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolHhi3pyfzPY1HUPhegVyN2jJ2Ss
bbYXobnq7PVZGxOmUCQ0RSxaMMPhlV2pqkxFQzf9ovK3vrLDnzf7I6gkMhO/X8g+
bA6vUqyq71z8EcMrKMbWX4SSyzw/fqJ8ZJ9xfXszsrTA7oW4bEVdSC5sE5XQbfB5
g+SmlMdzLbBlYqhv+R1mPz+HIF6xJJCEQGSNATUmwgZU8Xqm1HVkYNszsXTeZ/bs
lmDRMdra1VMRrTv5l+t+JeKlVQBl10Q4Z4Z/4rxTvu+ogptRIIpCrmSDVwXZQiXV
vcDx5rx2Ib/VWtvcJRvI3xnwyufp5mcvd8iG1/X/7nSHNjLCGeWcVMdxFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsOt9Q5rPrAAV1cZZMA9vdtv2+vMB8GA1UdIwQY
MBaAFGj4Pio0FFrUfgzCs8efxjErrixxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQt
NzkyODAyYzQzOTI1LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQtNzkyODAyYzQzOTI1
LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR8LVLQwZ
XyG63a+9sz7ih8b+eihJsmiofKNyAok2cLhys+LgHqY6lLNCYXXX8z6aKngtGNsZ
fH3DSznK28CMStdPzeZjPaWLuZDdBP9Mrvk8zyz6tqVNYA8zkAkCDzB3ZZGdme9N
zmVtFJSy+r50IVOvJpy4Q+gwwZP09S4JeBGxocfcmK4f1XznY0tWLHJmipdwVtAM
URdSSuOaH4ofoQtP/udI2i2yflI5Ca/mAr5Hep9MGmDIT3xTcCgS/8Zcmf8mlvF0
rYbvP+F4fuQ/RFX4XOqBOr/ajlFxMcfaud/4kvZUzjfubhJ7GjuUnts+opc0faku
fOn2/jeG1zBv3g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 14:32:45 2025 by rpki-client