Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft
File: gNZ6hECc7boCLusDW9itYg1oPqc.mft (raw, json)
Hash identifier: nxl7Bt0E9mIMme01JT/zgMdl7u81yLgyrjoJsa2vNLw=
Subject key identifier: BC:70:19:08:FF:3F:4A:57:B6:53:38:B6:A0:C1:E8:75:91:3C:A4:CC
Authority key identifier: 80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7
Certificate issuer: /CN=80d67a84409cedba022eeb035bd8ad620d683ea7
Certificate serial: 01967FB45793948BAF95BA3EBD5A6236E367
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft
Manifest number: 14A9
Signing time: Tue 29 Apr 2025 04:00:47 +0000
Manifest this update: Tue 29 Apr 2025 04:00:47 +0000
Manifest next update: Wed 30 Apr 2025 04:00:47 +0000
Files and hashes: 1: HckIWldHWwqX0CJ7X-XU88JAoY8.roa (hash: 0kYehz1g3idStzqPQ6DNbC0IwoRnTc8QtqRoQ8JJZs8=)
2: gNZ6hECc7boCLusDW9itYg1oPqc.crl (hash: alSDXes+z3OsbigPSPBaWFkyu54+1psOMyGcNxtCIa4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7f:b4:57:93:94:8b:af:95:ba:3e:bd:5a:62:36:e3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80d67a84409cedba022eeb035bd8ad620d683ea7
Validity
Not Before: Apr 29 04:00:47 2025 GMT
Not After : Apr 30 04:00:47 2025 GMT
Subject: CN=bc701908ff3f4a57b65338b6a0c1e875913ca4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:ea:38:d3:93:91:cb:c7:e8:3e:d5:90:ed:
a0:ad:f0:55:dd:18:83:10:d5:77:bc:d5:30:91:ad:
ac:f9:5b:cd:b7:ee:ae:c0:36:54:f5:78:d9:d4:28:
c7:cf:b8:17:a4:8e:39:cd:46:c5:10:ae:a6:4f:79:
3a:25:85:71:99:b9:8b:11:84:de:b9:2c:2a:e2:c5:
2b:50:d2:4c:de:18:c2:88:2c:c5:0b:d6:6a:e7:ab:
d2:a6:02:8f:59:c9:df:ca:e7:c6:34:0c:6a:1d:b2:
f2:a3:83:44:89:c5:47:cd:dd:50:3d:53:45:a9:02:
bd:ae:b3:4c:4c:6f:33:82:47:0f:54:ce:ae:a4:ce:
c6:ae:6a:f4:ca:5e:d4:95:0c:53:a3:06:f8:dd:40:
17:d0:b2:a7:02:6c:cd:37:33:74:89:27:98:1a:4c:
28:e0:fb:58:4c:90:69:3e:22:d7:ff:69:16:2e:f3:
90:ae:9d:ba:67:84:9b:36:f7:93:91:c4:3c:23:e1:
bd:2d:9d:29:ea:3a:14:d2:86:c0:ce:66:19:f7:96:
40:2c:28:5c:6c:d5:69:b4:f0:65:82:f4:2a:9d:36:
c6:24:bc:4b:64:04:42:0d:ac:27:03:0b:d7:0e:b9:
3f:b9:f6:ce:93:ea:fd:6f:89:6e:02:69:e8:f9:b9:
b7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:70:19:08:FF:3F:4A:57:B6:53:38:B6:A0:C1:E8:75:91:3C:A4:CC
X509v3 Authority Key Identifier:
keyid:80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:3d:55:68:bf:1c:88:db:72:cf:03:c5:f7:92:77:d3:1e:ef:
90:ca:cb:ac:15:73:ae:51:02:64:3d:ed:b7:f5:53:19:91:b5:
ce:1e:c7:ea:98:dd:b7:c0:dd:29:4b:26:0c:13:2c:bf:a4:76:
8e:f4:9e:5f:bb:f4:07:53:87:78:15:aa:88:07:3b:07:08:0a:
0d:50:e1:c9:66:22:94:ff:4d:67:50:fd:59:8a:44:38:52:f2:
c0:0d:b4:aa:58:f5:10:3a:f4:d2:18:db:62:56:d0:54:df:ed:
39:0b:82:a0:4c:49:e2:81:fd:87:42:d1:19:f8:71:df:b5:88:
25:fd:31:78:27:e4:e3:1b:f1:61:91:f5:0e:ae:45:e0:83:e7:
a6:b9:f0:9e:04:a4:a1:26:e4:5e:18:54:36:21:ef:e9:39:9d:
d7:21:9d:8a:b8:a2:48:56:22:b1:21:1d:67:6d:21:9b:09:3d:
b8:51:da:3b:d9:01:93:a5:80:4c:11:15:3b:a1:90:00:ab:f9:
c4:83:4e:42:7f:d2:2a:2e:58:e6:98:00:ed:bc:69:ce:67:30:
b4:b5:dd:e2:09:ce:2d:95:59:f4:dd:b1:13:e2:dd:6c:96:a8:
02:88:25:8e:65:34:95:84:4c:e1:08:25:c3:76:e0:ea:49:2b:
87:0f:cf:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/tFeTlIuvlbo+vVpiNuNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZDY3YTg0NDA5Y2VkYmEwMjJlZWIwMzViZDhhZDYyMGQ2
ODNlYTcwHhcNMjUwNDI5MDQwMDQ3WhcNMjUwNDMwMDQwMDQ3WjAzMTEwLwYDVQQD
EyhiYzcwMTkwOGZmM2Y0YTU3YjY1MzM4YjZhMGMxZTg3NTkxM2NhNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmTqONOTkcvH6D7VkO2grfBV3RiD
ENV3vNUwka2s+VvNt+6uwDZU9XjZ1CjHz7gXpI45zUbFEK6mT3k6JYVxmbmLEYTe
uSwq4sUrUNJM3hjCiCzFC9Zq56vSpgKPWcnfyufGNAxqHbLyo4NEicVHzd1QPVNF
qQK9rrNMTG8zgkcPVM6upM7Grmr0yl7UlQxTowb43UAX0LKnAmzNNzN0iSeYGkwo
4PtYTJBpPiLX/2kWLvOQrp26Z4SbNveTkcQ8I+G9LZ0p6joU0obAzmYZ95ZALChc
bNVptPBlgvQqnTbGJLxLZARCDawnAwvXDrk/ufbOk+r9b4luAmno+bm39wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxwGQj/P0pXtlM4tqDB6HWRPKTMMB8GA1UdIwQY
MBaAFIDWeoRAnO26Ai7rA1vYrWINaD6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xM2Q1MGItN2RiMy00ZDEwLThhNGUt
NmViM2FhNmEyMWFmLzEvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xM2Q1MGItN2RiMy00ZDEwLThhNGUtNmViM2FhNmEyMWFm
LzEvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJT1VaL8c
iNtyzwPF95J30x7vkMrLrBVzrlECZD3tt/VTGZG1zh7H6pjdt8DdKUsmDBMsv6R2
jvSeX7v0B1OHeBWqiAc7BwgKDVDhyWYilP9NZ1D9WYpEOFLywA20qlj1EDr00hjb
YlbQVN/tOQuCoExJ4oH9h0LRGfhx37WIJf0xeCfk4xvxYZH1Dq5F4IPnprnwngSk
oSbkXhhUNiHv6Tmd1yGdiriiSFYisSEdZ20hmwk9uFHaO9kBk6WATBEVO6GQAKv5
xINOQn/SKi5Y5pgA7bxpzmcwtLXd4gnOLZVZ9N2xE+LdbJaoAogljmU0lYRM4Qgl
w3bg6kkrhw/P9g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:01:46 2025 by rpki-client