Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
File: z431Kt_i_Oaulvb-BdFAieAkfO4.mft (raw, json)
Hash identifier: xxHY0rOWgXHKaEtaLxJr9b93iH6DswkGk7pa0tjl8eM=
Subject key identifier: AE:63:89:65:E1:9B:7B:A2:06:77:E4:59:1D:9F:1A:CF:5D:B5:47:45
Authority key identifier: CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
Certificate issuer: /CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Certificate serial: 01967CB2E2AB233C5DD2E4A8F12ED15B3730
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
Manifest number: 0CC7
Signing time: Mon 28 Apr 2025 14:00:20 +0000
Manifest this update: Mon 28 Apr 2025 14:00:20 +0000
Manifest next update: Tue 29 Apr 2025 14:00:20 +0000
Files and hashes: 1: TiwKb7nlOPMc1Vnv8DcKupSD5jY.roa (hash: nQWhe0fyffCN2quQfKSQ56T2rfLrYZUxC64fwkrxixE=)
2: z431Kt_i_Oaulvb-BdFAieAkfO4.crl (hash: 4G1+0jiK8FUwJl+1ZPF1UEzIHrnSx2/JaZjiPByXw3U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 14:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:b2:e2:ab:23:3c:5d:d2:e4:a8:f1:2e:d1:5b:37:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Validity
Not Before: Apr 28 14:00:20 2025 GMT
Not After : Apr 29 14:00:20 2025 GMT
Subject: CN=ae638965e19b7ba20677e4591d9f1acf5db54745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:48:fa:ab:47:c4:a7:45:7c:08:75:4c:90:35:
07:2d:e9:89:14:de:ce:1e:04:51:ff:f7:ae:6f:4a:
85:d3:04:79:31:05:8d:70:92:71:cc:ee:5b:70:63:
69:ef:7d:4d:60:7d:84:05:a6:38:f5:97:10:5f:ed:
5a:1b:10:f1:91:6e:2e:60:d3:51:a6:4a:9b:cd:b1:
9f:8a:c7:c1:09:fc:9f:3b:50:1c:49:e5:db:35:68:
04:a7:95:35:72:3d:70:37:c8:03:68:84:28:ad:e4:
fe:1d:fe:c8:9b:96:61:6b:87:ce:13:cf:fa:46:dc:
97:6c:20:fe:65:1a:43:8d:c0:cd:f1:3f:a3:bf:98:
cb:88:dc:0c:19:60:74:9f:d7:cc:33:c2:ca:6a:d1:
0b:14:1a:52:ab:e1:da:b1:83:a3:4b:1f:66:17:22:
b5:6a:0b:5d:ff:23:0c:23:90:e5:ac:d5:44:9f:f0:
f4:c5:15:3f:f9:79:01:d5:92:6a:a5:d1:66:ff:b3:
c2:44:e4:47:e4:7d:fb:fe:5d:81:ca:07:33:e0:b0:
a4:db:89:1b:da:03:8e:6c:c7:0c:47:e5:7e:a9:32:
cf:b0:fe:47:3c:b7:5d:68:4d:77:81:73:ba:32:25:
e0:2f:25:5c:f6:1e:97:75:b5:12:93:c4:ab:ac:dc:
22:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:63:89:65:E1:9B:7B:A2:06:77:E4:59:1D:9F:1A:CF:5D:B5:47:45
X509v3 Authority Key Identifier:
keyid:CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:3d:24:07:a5:78:9d:b2:71:e2:d2:e4:37:83:b8:dd:8c:66:
a3:8e:a3:35:14:da:70:f5:a0:80:14:88:a1:ec:9a:e7:31:ed:
c1:ec:8f:04:67:97:3e:7e:2c:5b:26:aa:d0:a6:5f:46:01:f6:
88:44:ba:cd:21:2c:3a:35:d4:86:f5:c5:e2:22:1d:6a:2a:24:
0a:37:fb:67:9f:7c:fd:9c:ff:c1:ce:5b:60:c1:35:bc:82:3e:
40:c7:4f:5b:46:85:12:e5:e4:82:b6:d1:05:06:83:6e:bb:60:
e9:b3:f1:3c:c5:22:67:25:8c:c4:08:f4:10:3a:9e:cd:95:84:
23:94:99:ec:7d:0e:d1:9c:07:48:aa:68:32:b7:57:20:be:17:
9a:45:fc:2e:9d:bf:f1:39:24:20:cc:0c:10:3a:51:1e:05:05:
00:a3:78:cc:3a:bb:03:c2:f6:48:a7:4c:ac:ce:40:28:11:0c:
a7:38:31:98:df:9f:a5:83:cf:fb:a7:99:b8:5b:c1:ba:8f:fb:
0e:f0:ba:eb:35:aa:b3:1b:73:cc:76:3c:d6:46:20:14:72:69:
a8:ff:8d:30:0b:d3:b3:1f:87:a4:0d:dc:dd:eb:42:db:37:2f:
d7:4d:bd:25:e5:0d:fb:c7:b4:4f:23:c9:a0:dd:32:b9:d9:c6:
26:c1:19:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8suKrIzxd0uSo8S7RWzcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOGRmNTJhZGZlMmZjZTZhZTk2ZjZmZTA1ZDE0MDg5ZTAy
NDdjZWUwHhcNMjUwNDI4MTQwMDIwWhcNMjUwNDI5MTQwMDIwWjAzMTEwLwYDVQQD
EyhhZTYzODk2NWUxOWI3YmEyMDY3N2U0NTkxZDlmMWFjZjVkYjU0NzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUj6q0fEp0V8CHVMkDUHLemJFN7O
HgRR//eub0qF0wR5MQWNcJJxzO5bcGNp731NYH2EBaY49ZcQX+1aGxDxkW4uYNNR
pkqbzbGfisfBCfyfO1AcSeXbNWgEp5U1cj1wN8gDaIQoreT+Hf7Im5Zha4fOE8/6
RtyXbCD+ZRpDjcDN8T+jv5jLiNwMGWB0n9fMM8LKatELFBpSq+HasYOjSx9mFyK1
agtd/yMMI5DlrNVEn/D0xRU/+XkB1ZJqpdFm/7PCRORH5H37/l2Bygcz4LCk24kb
2gOObMcMR+V+qTLPsP5HPLddaE13gXO6MiXgLyVc9h6XdbUSk8SrrNwiMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5jiWXhm3uiBnfkWR2fGs9dtUdFMB8GA1UdIwQY
MBaAFM+N9Srf4vzmrpb2/gXRQIngJHzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTIt
Zjc5N2UxZjU0NGQ5LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTItZjc5N2UxZjU0NGQ5
LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKz0kB6V4
nbJx4tLkN4O43Yxmo46jNRTacPWggBSIoeya5zHtweyPBGeXPn4sWyaq0KZfRgH2
iES6zSEsOjXUhvXF4iIdaiokCjf7Z598/Zz/wc5bYME1vII+QMdPW0aFEuXkgrbR
BQaDbrtg6bPxPMUiZyWMxAj0EDqezZWEI5SZ7H0O0ZwHSKpoMrdXIL4XmkX8Lp2/
8TkkIMwMEDpRHgUFAKN4zDq7A8L2SKdMrM5AKBEMpzgxmN+fpYPP+6eZuFvBuo/7
DvC66zWqsxtzzHY81kYgFHJpqP+NMAvTsx+HpA3c3etC2zcv1029JeUN+8e0TyPJ
oN0yudnGJsEZEA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:41:57 2025 by rpki-client