Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
File: I3_mTWhI-AEgq-aV4x-sScpdB_M.mft (raw, json)
Hash identifier: 5nbNkFn2lg6lvvZmZximKk+a+QWsjyGIaZOl9bU5TVA=
Subject key identifier: A2:3E:D6:D7:C1:DC:39:F6:F4:61:92:C5:6B:CC:28:AB:91:33:03:C8
Authority key identifier: 23:7F:E6:4D:68:48:F8:01:20:AB:E6:95:E3:1F:AC:49:CA:5D:07:F3
Certificate issuer: /CN=237fe64d6848f80120abe695e31fac49ca5d07f3
Certificate serial: 01967A5694CBA13BC38E44DFCA7A4417EAED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3_mTWhI-AEgq-aV4x-sScpdB_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
Manifest number: 0210
Signing time: Mon 28 Apr 2025 03:00:16 +0000
Manifest this update: Mon 28 Apr 2025 03:00:16 +0000
Manifest next update: Tue 29 Apr 2025 03:00:16 +0000
Files and hashes: 1: FR-DdZ6l_dWRg1pnEEZHKy-TtaU.roa (hash: rix3FP+IdraYXi5amLMY1G7LW1GF5A8pUKN7Wo60tBo=)
2: I3_mTWhI-AEgq-aV4x-sScpdB_M.crl (hash: acLkb4jT7yvl4ZpndAHVtHKfolRG6YnV04yVrD6GHmo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/I3_mTWhI-AEgq-aV4x-sScpdB_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:56:94:cb:a1:3b:c3:8e:44:df:ca:7a:44:17:ea:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237fe64d6848f80120abe695e31fac49ca5d07f3
Validity
Not Before: Apr 28 03:00:16 2025 GMT
Not After : Apr 29 03:00:16 2025 GMT
Subject: CN=a23ed6d7c1dc39f6f46192c56bcc28ab913303c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:dd:e3:a5:c3:4f:24:e8:24:6c:8a:48:90:
14:cc:78:6e:92:a6:59:86:3c:8f:7c:c3:2a:53:50:
ab:de:3f:ca:53:fe:84:0b:ce:18:4a:74:fa:10:2b:
de:95:f5:4b:5d:3d:59:6e:c1:20:56:31:f2:79:6a:
a8:71:e2:fc:0b:12:74:98:e3:ce:b6:9a:28:0f:ce:
70:90:a3:30:a2:52:b3:46:43:e0:e9:9e:59:aa:07:
fc:06:4e:dc:e4:5d:9e:95:21:96:85:d8:8a:77:ef:
75:4f:97:31:98:df:79:f1:89:f9:b1:03:15:6a:a6:
28:03:b2:1b:e5:01:48:b2:a3:ee:e3:14:0a:72:fe:
26:5d:89:66:57:2d:f0:8a:d3:db:b2:d2:ae:f1:80:
c1:f0:46:5d:ba:0a:72:c0:f6:0c:77:02:24:e9:b2:
7e:8c:7b:d3:db:ab:5f:1b:a5:2c:cc:23:d0:cb:81:
0d:6e:76:0b:7c:6c:d8:49:03:3e:30:24:44:66:39:
a1:86:88:04:94:9c:0b:c1:ed:30:52:40:65:0a:15:
51:85:b3:9d:ef:d7:8c:ff:ae:5b:b5:59:77:ef:78:
43:cc:2d:40:54:b7:c8:73:57:0f:33:56:34:6a:0c:
47:b3:b5:50:11:8e:7d:64:24:e3:62:a0:ca:d4:74:
df:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3E:D6:D7:C1:DC:39:F6:F4:61:92:C5:6B:CC:28:AB:91:33:03:C8
X509v3 Authority Key Identifier:
keyid:23:7F:E6:4D:68:48:F8:01:20:AB:E6:95:E3:1F:AC:49:CA:5D:07:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3_mTWhI-AEgq-aV4x-sScpdB_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:9d:1c:cd:99:78:81:5b:cb:b2:7f:09:be:25:c7:1a:c5:4e:
fb:eb:3e:d9:39:3f:36:56:ed:f8:a2:5a:a8:07:7f:2b:d0:a5:
66:f1:88:46:53:c3:72:d7:c5:dd:ec:77:54:3b:e9:4e:a3:3e:
b1:a4:6e:6a:2a:0b:64:3c:8b:00:c0:02:36:94:d5:39:06:6a:
45:87:df:ff:4c:12:c6:0e:4c:b5:5c:14:5b:8d:39:41:92:fa:
f8:66:bc:06:46:7a:c2:bb:ce:fb:08:37:30:c5:b7:60:02:79:
31:8e:a9:14:cd:cd:20:c7:b9:e4:ec:bf:22:6f:bc:b8:72:8b:
ce:86:51:2c:3e:49:29:e5:c5:58:0b:8d:83:f7:5c:20:26:0c:
da:f0:75:39:e8:a3:52:96:d6:98:85:47:e4:38:fe:a1:66:ae:
43:9c:aa:00:e6:48:59:b9:3b:55:1b:7c:4d:6e:9a:34:36:e4:
96:4f:f5:4c:fd:cb:9b:6d:57:a7:d5:65:6a:0a:37:50:f1:57:
d3:39:2f:80:b6:e5:f8:24:08:49:eb:5d:9d:20:76:a9:20:02:
ab:9a:03:c1:0a:26:5d:e0:1a:18:26:34:94:e6:48:50:ae:c6:
23:ff:bd:cf:c0:d2:a8:34:a8:f0:19:98:fe:26:40:9f:53:e7:
30:d7:f5:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6VpTLoTvDjkTfynpEF+rtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2ZlNjRkNjg0OGY4MDEyMGFiZTY5NWUzMWZhYzQ5Y2E1
ZDA3ZjMwHhcNMjUwNDI4MDMwMDE2WhcNMjUwNDI5MDMwMDE2WjAzMTEwLwYDVQQD
EyhhMjNlZDZkN2MxZGMzOWY2ZjQ2MTkyYzU2YmNjMjhhYjkxMzMwM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTjd46XDTyToJGyKSJAUzHhukqZZ
hjyPfMMqU1Cr3j/KU/6EC84YSnT6ECvelfVLXT1ZbsEgVjHyeWqoceL8CxJ0mOPO
tpooD85wkKMwolKzRkPg6Z5Zqgf8Bk7c5F2elSGWhdiKd+91T5cxmN958Yn5sQMV
aqYoA7Ib5QFIsqPu4xQKcv4mXYlmVy3witPbstKu8YDB8EZdugpywPYMdwIk6bJ+
jHvT26tfG6UszCPQy4ENbnYLfGzYSQM+MCREZjmhhogElJwLwe0wUkBlChVRhbOd
79eM/65btVl373hDzC1AVLfIc1cPM1Y0agxHs7VQEY59ZCTjYqDK1HTf1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKI+1tfB3Dn29GGSxWvMKKuRMwPIMB8GA1UdIwQY
MBaAFCN/5k1oSPgBIKvmleMfrEnKXQfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNfbVRXaEktQUVncS1hVjR4LXNTY3BkQl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83MGMzOWYtNTEzMS00MDAyLWIxZmMt
ZmQyMTM3MjJiZmY5LzEvSTNfbVRXaEktQUVncS1hVjR4LXNTY3BkQl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83MGMzOWYtNTEzMS00MDAyLWIxZmMtZmQyMTM3MjJiZmY5
LzEvSTNfbVRXaEktQUVncS1hVjR4LXNTY3BkQl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuJ0czZl4
gVvLsn8JviXHGsVO++s+2Tk/Nlbt+KJaqAd/K9ClZvGIRlPDctfF3ex3VDvpTqM+
saRuaioLZDyLAMACNpTVOQZqRYff/0wSxg5MtVwUW405QZL6+Ga8BkZ6wrvO+wg3
MMW3YAJ5MY6pFM3NIMe55Oy/Im+8uHKLzoZRLD5JKeXFWAuNg/dcICYM2vB1Oeij
UpbWmIVH5Dj+oWauQ5yqAOZIWbk7VRt8TW6aNDbklk/1TP3Lm21Xp9Vlago3UPFX
0zkvgLbl+CQISetdnSB2qSACq5oDwQomXeAaGCY0lOZIUK7GI/+9z8DSqDSo8BmY
/iZAn1PnMNf1SQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:07:04 2025 by rpki-client