Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json)
Hash identifier: sQEgU/PosmNQp8VF9EUuyl9/Q2/CKdTZNvM0NgNNuw0=
Subject key identifier: 17:B5:7E:3A:3A:2A:E4:4C:19:2A:69:6E:F1:91:DD:88:66:E9:73:1D
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 0196892527BC956DD0BFB55A08EA74318AEB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
Manifest number: 151B
Signing time: Thu 01 May 2025 00:00:35 +0000
Manifest this update: Thu 01 May 2025 00:00:35 +0000
Manifest next update: Fri 02 May 2025 00:00:35 +0000
Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=)
2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: +I52WazJnHejDq4j2QtVSaVmopqi+fB5CmcbgB7Z2YM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:25:27:bc:95:6d:d0:bf:b5:5a:08:ea:74:31:8a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: May 1 00:00:35 2025 GMT
Not After : May 2 00:00:35 2025 GMT
Subject: CN=17b57e3a3a2ae44c192a696ef191dd8866e9731d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c9:68:31:7e:6e:64:c6:2c:26:da:41:20:46:
08:67:26:72:38:22:70:57:3d:09:8d:4e:59:40:5c:
34:18:49:68:dc:26:2c:1a:fb:61:04:0b:93:83:1c:
e4:bb:ce:10:75:bb:ec:e0:89:8c:74:e3:98:b1:59:
2d:6e:1b:7c:75:ff:26:8a:65:14:fc:ee:71:31:4e:
32:b8:c1:2b:ca:79:db:ae:f8:22:e4:ae:0b:3e:d1:
02:b2:71:c1:77:e4:dd:70:af:1c:32:30:87:ca:5a:
56:7a:7c:86:0e:b1:12:7d:84:2c:46:43:0c:f8:5b:
9a:bb:13:dd:e3:9f:99:3d:b3:e5:d9:9e:ad:e8:18:
cb:18:a8:a3:7d:48:61:12:83:d4:af:a6:0b:06:88:
e3:8b:21:3c:46:d0:a0:f0:e9:83:9b:ed:25:54:b3:
d3:91:8c:d1:7d:c5:3a:cf:a7:c9:8f:58:72:e3:96:
c2:1d:fe:6d:19:c1:57:51:80:ee:ba:bb:48:65:e7:
18:b6:40:15:78:82:bb:10:dc:5e:76:c2:1f:bb:c5:
61:73:53:52:eb:c3:ee:4e:39:64:bd:71:a9:81:e0:
d0:0b:89:80:f0:08:a0:35:2c:c0:69:8e:10:fc:58:
e7:75:44:3b:95:e5:0e:6a:b1:35:05:b0:c5:0c:c1:
42:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B5:7E:3A:3A:2A:E4:4C:19:2A:69:6E:F1:91:DD:88:66:E9:73:1D
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:19:77:ee:9f:8b:f9:63:f2:02:39:c4:d6:5a:29:18:b0:a3:
1f:94:a1:40:92:58:f7:a8:60:71:be:bd:bf:25:ae:d0:4f:41:
a1:90:c8:be:45:62:de:7a:df:48:7b:c4:06:21:0b:24:3b:fc:
16:fe:93:d1:64:b1:a2:3e:21:14:1c:a6:cc:b6:89:3f:8f:59:
a9:d9:e0:13:1c:f5:5d:73:b9:b0:fc:ff:98:4a:eb:e2:89:7b:
81:ce:5b:04:6c:dd:07:87:1f:78:0a:27:b5:2b:35:43:be:f6:
5b:dc:09:1f:b6:bd:20:9e:fa:84:d6:a8:be:58:9d:cd:f9:b4:
00:a0:78:a8:a9:b3:4e:11:21:ed:eb:7c:4b:57:e5:89:dc:39:
c6:20:13:80:a5:28:41:8a:25:4e:a7:d9:ca:c0:95:7b:a9:28:
92:33:ad:99:1c:52:92:3f:0f:70:41:ad:ec:f4:67:71:be:7a:
ca:08:52:13:d2:58:0e:b8:a6:1a:32:c5:f0:1c:ed:b6:6c:c4:
e4:a7:c4:5e:14:59:84:00:03:e6:65:63:e0:7a:6b:b3:50:0d:
05:99:3c:78:c2:33:a5:dc:69:26:90:37:e6:79:62:d4:8b:c1:
89:a5:cf:60:9f:72:fb:44:44:b6:80:94:4f:f6:16:fc:31:12:
48:98:56:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJJSe8lW3Qv7VaCOp0MYrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUwNTAxMDAwMDM1WhcNMjUwNTAyMDAwMDM1WjAzMTEwLwYDVQQD
EygxN2I1N2UzYTNhMmFlNDRjMTkyYTY5NmVmMTkxZGQ4ODY2ZTk3MzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcloMX5uZMYsJtpBIEYIZyZyOCJw
Vz0JjU5ZQFw0GElo3CYsGvthBAuTgxzku84Qdbvs4ImMdOOYsVktbht8df8mimUU
/O5xMU4yuMErynnbrvgi5K4LPtECsnHBd+TdcK8cMjCHylpWenyGDrESfYQsRkMM
+FuauxPd45+ZPbPl2Z6t6BjLGKijfUhhEoPUr6YLBojjiyE8RtCg8OmDm+0lVLPT
kYzRfcU6z6fJj1hy45bCHf5tGcFXUYDuurtIZecYtkAVeIK7ENxedsIfu8Vhc1NS
68PuTjlkvXGpgeDQC4mA8AigNSzAaY4Q/FjndUQ7leUOarE1BbDFDMFCHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe1fjo6KuRMGSppbvGR3Yhm6XMdMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXhl37p+L
+WPyAjnE1lopGLCjH5ShQJJY96hgcb69vyWu0E9BoZDIvkVi3nrfSHvEBiELJDv8
Fv6T0WSxoj4hFBymzLaJP49ZqdngExz1XXO5sPz/mErr4ol7gc5bBGzdB4cfeAon
tSs1Q772W9wJH7a9IJ76hNaovlidzfm0AKB4qKmzThEh7et8S1flidw5xiATgKUo
QYolTqfZysCVe6kokjOtmRxSkj8PcEGt7PRncb56yghSE9JYDrimGjLF8BzttmzE
5KfEXhRZhAAD5mVj4Hprs1ANBZk8eMIzpdxpJpA35nli1IvBiaXPYJ9y+0REtoCU
T/YW/DESSJhWPw==
-----END CERTIFICATE-----
Generated at Thu May 1 07:55:26 2025 by rpki-client