Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b0c402-e09e-4c69-acc9-84da62066e8a/1/Am1RHOOvkMTWAcfM-DYFI3E-LJA.mft
File: Am1RHOOvkMTWAcfM-DYFI3E-LJA.mft (raw, json)
Hash identifier: MVBVO0VfAz/OoKOEykbdxrHq5D46XLnfYTY55+OVE88=
Subject key identifier: A3:FF:03:5C:B0:7E:E6:3D:52:FE:FD:C4:47:7E:98:57:BD:C4:08:82
Authority key identifier: 02:6D:51:1C:E3:AF:90:C4:D6:01:C7:CC:F8:36:05:23:71:3E:2C:90
Certificate issuer: /CN=026d511ce3af90c4d601c7ccf8360523713e2c90
Certificate serial: 01968390BD50B9D3F14B325BB2FAB02A7FD3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Am1RHOOvkMTWAcfM-DYFI3E-LJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b0c402-e09e-4c69-acc9-84da62066e8a/1/Am1RHOOvkMTWAcfM-DYFI3E-LJA.mft
Manifest number: 018E
Signing time: Tue 29 Apr 2025 22:00:22 +0000
Manifest this update: Tue 29 Apr 2025 22:00:22 +0000
Manifest next update: Wed 30 Apr 2025 22:00:22 +0000
Files and hashes: 1: Am1RHOOvkMTWAcfM-DYFI3E-LJA.crl (hash: 9Ai4pnDdvgR1CdrRQrTbpMTr47PDy7wKxWydapzBWNY=)
2: PinfW_YHyw5uymC7Qg5_e_ihs1A.roa (hash: pxez1kR2olajgq0bPf5GWwA/2mx0CN85t2SDcizNJFk=)
3: q6pqSEbcTlqmRayyanV7tPyo7fs.roa (hash: EC2KtAOMCahopm9kPSQwxVqEk8+Lm5s50v5gQFz0rN8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/b0c402-e09e-4c69-acc9-84da62066e8a/1/Am1RHOOvkMTWAcfM-DYFI3E-LJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/b0c402-e09e-4c69-acc9-84da62066e8a/1/Am1RHOOvkMTWAcfM-DYFI3E-LJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Am1RHOOvkMTWAcfM-DYFI3E-LJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:90:bd:50:b9:d3:f1:4b:32:5b:b2:fa:b0:2a:7f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=026d511ce3af90c4d601c7ccf8360523713e2c90
Validity
Not Before: Apr 29 22:00:22 2025 GMT
Not After : Apr 30 22:00:22 2025 GMT
Subject: CN=a3ff035cb07ee63d52fefdc4477e9857bdc40882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:52:06:25:42:60:44:3c:57:41:66:1c:48:e1:
bd:ba:34:14:59:a8:8d:d7:be:21:8d:8d:07:8c:8e:
1f:c7:c0:8a:08:5d:c5:ef:e5:ee:87:53:d4:21:f2:
e3:89:42:9a:75:52:c9:29:30:5a:7d:31:ef:81:8a:
0b:8b:bb:58:ca:84:e4:76:d7:53:40:05:4c:23:21:
cc:ce:81:1e:84:1c:f2:29:b6:bd:af:c0:ee:65:cc:
f5:34:8e:70:62:db:51:9e:36:e9:ee:f6:8d:66:8f:
57:76:77:82:74:0a:a0:6d:41:6b:05:c5:f9:72:64:
1f:82:c6:52:a6:67:39:2d:21:ec:94:46:b7:b2:db:
92:0e:ec:d5:13:09:3d:29:f7:76:19:1e:70:c9:9e:
d9:27:5e:fc:3b:bf:d4:15:5e:65:8b:48:a2:27:5e:
06:bf:d5:4f:f8:57:ed:88:ee:83:17:65:bf:96:b3:
fe:dd:7b:c8:81:70:5e:7a:6e:57:09:f1:7f:e1:ec:
73:18:44:e0:ca:88:b3:b5:92:a0:75:06:a9:62:63:
4a:5c:9d:4d:b7:8f:78:b2:1a:97:18:a7:f5:d6:b1:
1c:e0:a1:8b:33:2f:9e:e7:b4:a6:58:a0:3b:24:71:
1f:65:95:34:14:46:b5:f3:b1:7d:e1:38:37:1a:c7:
ea:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FF:03:5C:B0:7E:E6:3D:52:FE:FD:C4:47:7E:98:57:BD:C4:08:82
X509v3 Authority Key Identifier:
keyid:02:6D:51:1C:E3:AF:90:C4:D6:01:C7:CC:F8:36:05:23:71:3E:2C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Am1RHOOvkMTWAcfM-DYFI3E-LJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b0c402-e09e-4c69-acc9-84da62066e8a/1/Am1RHOOvkMTWAcfM-DYFI3E-LJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b0c402-e09e-4c69-acc9-84da62066e8a/1/Am1RHOOvkMTWAcfM-DYFI3E-LJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:a2:ca:3c:b1:9d:f2:ed:a2:ba:60:8a:24:f7:33:58:a6:05:
b5:2f:ba:94:64:e7:2e:99:39:5d:36:e6:a9:9b:4f:de:e7:04:
03:09:d5:c6:59:ab:26:c9:4e:df:4f:48:75:d2:2d:f6:5a:26:
9f:94:00:6f:96:db:64:7d:d8:cc:59:7e:ec:98:f0:be:e4:2e:
6d:bb:46:7b:2a:dc:3c:0c:d2:5a:c6:c3:18:3c:f9:18:16:2e:
1c:68:ed:78:53:3a:f7:97:0e:11:26:53:c9:c8:ad:f5:c2:c9:
ad:4b:0c:66:1f:1c:f7:30:86:84:13:57:7b:15:f2:2b:22:29:
f7:95:ca:e9:3c:61:69:fb:2d:4d:ab:66:04:47:dc:8e:fb:39:
1c:a2:a1:45:05:90:c3:a3:92:09:98:aa:c0:18:3f:0b:cc:e6:
a6:13:c4:8c:1a:c0:59:75:8a:ed:b0:36:2e:b7:d6:29:4f:2d:
bc:50:1c:43:21:5d:ff:da:37:df:c0:54:98:e4:a5:56:45:55:
11:0e:28:96:07:97:e8:4f:b6:1b:29:d0:fb:31:f5:c6:43:95:
34:7b:cb:a5:b9:e5:0c:1e:9f:c7:9a:d4:cf:37:39:dc:29:97:
c2:00:c9:6e:28:54:cc:34:e2:05:2f:db:8c:ff:a3:77:4e:6c:
33:4d:c6:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkL1QudPxSzJbsvqwKn/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNmQ1MTFjZTNhZjkwYzRkNjAxYzdjY2Y4MzYwNTIzNzEz
ZTJjOTAwHhcNMjUwNDI5MjIwMDIyWhcNMjUwNDMwMjIwMDIyWjAzMTEwLwYDVQQD
EyhhM2ZmMDM1Y2IwN2VlNjNkNTJmZWZkYzQ0NzdlOTg1N2JkYzQwODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslIGJUJgRDxXQWYcSOG9ujQUWaiN
174hjY0HjI4fx8CKCF3F7+Xuh1PUIfLjiUKadVLJKTBafTHvgYoLi7tYyoTkdtdT
QAVMIyHMzoEehBzyKba9r8DuZcz1NI5wYttRnjbp7vaNZo9XdneCdAqgbUFrBcX5
cmQfgsZSpmc5LSHslEa3stuSDuzVEwk9Kfd2GR5wyZ7ZJ178O7/UFV5li0iiJ14G
v9VP+FftiO6DF2W/lrP+3XvIgXBeem5XCfF/4exzGETgyoiztZKgdQapYmNKXJ1N
t494shqXGKf11rEc4KGLMy+e57SmWKA7JHEfZZU0FEa187F94Tg3GsfqNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKP/A1ywfuY9Uv79xEd+mFe9xAiCMB8GA1UdIwQY
MBaAFAJtURzjr5DE1gHHzPg2BSNxPiyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW0xUkhPT3ZrTVRXQWNmTS1EWUZJM0UtTEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMGM0MDItZTA5ZS00YzY5LWFjYzkt
ODRkYTYyMDY2ZThhLzEvQW0xUkhPT3ZrTVRXQWNmTS1EWUZJM0UtTEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMGM0MDItZTA5ZS00YzY5LWFjYzktODRkYTYyMDY2ZThh
LzEvQW0xUkhPT3ZrTVRXQWNmTS1EWUZJM0UtTEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ6LKPLGd
8u2iumCKJPczWKYFtS+6lGTnLpk5XTbmqZtP3ucEAwnVxlmrJslO309IddIt9lom
n5QAb5bbZH3YzFl+7JjwvuQubbtGeyrcPAzSWsbDGDz5GBYuHGjteFM695cOESZT
ycit9cLJrUsMZh8c9zCGhBNXexXyKyIp95XK6TxhafstTatmBEfcjvs5HKKhRQWQ
w6OSCZiqwBg/C8zmphPEjBrAWXWK7bA2LrfWKU8tvFAcQyFd/9o338BUmOSlVkVV
EQ4olgeX6E+2GynQ+zH1xkOVNHvLpbnlDB6fx5rUzzc53CmXwgDJbihUzDTiBS/b
jP+jd05sM03GFA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 01:45:30 2025 by rpki-client