Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
File: isfq5knZVHsK0KsAerTopI3tTV0.mft (raw, json)
Hash identifier: dZAaqkBLusNBubQClRDVXecIGmXgkjBBp+DsB/zccz4=
Subject key identifier: A1:57:CB:76:59:58:E3:95:73:00:FB:90:9A:15:D5:40:30:3B:AE:E2
Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
Certificate issuer: /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Certificate serial: 0196771F15455932FDDD25AED590DD4CAED5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
Manifest number: 1515
Signing time: Sun 27 Apr 2025 12:00:47 +0000
Manifest this update: Sun 27 Apr 2025 12:00:47 +0000
Manifest next update: Mon 28 Apr 2025 12:00:47 +0000
Files and hashes: 1: isfq5knZVHsK0KsAerTopI3tTV0.crl (hash: tYgQNSKbA1aCk7eZiBZHMjYSwrKMtfbGyrfTKo3PHH0=)
2: vASHsaghbXrziZGVrZp3z_dQ0hY.roa (hash: +D8Rri+Xk/SVSUJL6LzaxDMlSw5qtTcPP6AjI3TjSIo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:1f:15:45:59:32:fd:dd:25:ae:d5:90:dd:4c:ae:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Validity
Not Before: Apr 27 12:00:47 2025 GMT
Not After : Apr 28 12:00:47 2025 GMT
Subject: CN=a157cb765958e3957300fb909a15d540303baee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d0:5c:4c:44:92:1c:ab:9a:f3:06:b5:57:2d:
e4:89:87:8d:74:90:0b:ff:33:26:27:6d:7f:ea:b6:
59:39:71:bb:c1:62:ed:0f:8d:c7:f7:a1:9a:fa:a2:
ec:ee:4c:da:bd:6c:90:78:e4:57:0e:96:b3:de:af:
8a:dd:b4:a9:49:f8:3d:d4:5e:68:65:64:31:1b:bc:
92:58:7c:84:b5:a4:d3:be:21:b6:4a:f0:c8:f2:f2:
f4:1d:31:c2:04:90:00:a4:f4:b9:03:d3:a9:f7:4c:
f0:d7:38:c2:cb:cd:1a:57:28:0c:ee:42:23:df:9f:
1b:62:1e:4c:b9:8e:1b:0d:9b:3e:f4:24:0c:79:82:
61:b0:a3:2c:bb:7a:ee:99:6b:d6:10:38:01:ac:a4:
d8:b5:81:10:85:77:b5:c3:e9:9f:19:77:48:4b:fe:
8a:9b:7e:8c:52:a0:2f:fc:92:49:6a:41:ed:3f:8c:
15:60:29:53:e9:51:3e:34:78:c2:77:26:86:4d:c6:
fa:3b:e5:b7:94:a9:f7:f1:5b:e2:cb:99:1e:6a:e2:
f4:df:49:12:d1:08:55:30:85:35:67:61:4e:e2:f5:
21:93:fe:79:62:29:b6:76:5f:c2:e6:68:15:b8:4d:
f6:5e:db:d0:aa:28:7c:aa:59:ea:d6:c3:15:fa:1d:
f5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:57:CB:76:59:58:E3:95:73:00:FB:90:9A:15:D5:40:30:3B:AE:E2
X509v3 Authority Key Identifier:
keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:9d:01:38:44:48:7e:ba:98:c2:5e:17:c0:f9:85:ba:0a:47:
23:2b:53:1f:41:9d:f9:e7:8c:d0:a0:5b:e3:a4:c0:1f:71:e9:
93:8a:21:15:39:a5:aa:c1:e9:13:20:3b:86:30:b5:fc:e8:ea:
41:ed:e1:51:a7:63:c8:87:03:0d:7f:5b:b3:66:24:97:18:df:
ea:74:25:6d:7c:09:70:f9:3d:df:d0:27:85:0e:9d:57:4f:c5:
47:38:d5:af:d7:67:71:5d:f1:15:16:96:fe:49:08:91:1e:f5:
fd:d0:4d:1f:cf:6e:53:86:f4:19:70:ff:57:79:9b:bf:47:c9:
d0:57:53:52:6a:cf:9b:8f:f4:51:c9:2a:2c:5c:62:2c:ad:b4:
2a:da:3d:2c:93:09:68:ff:c0:7c:16:d0:cc:75:0f:86:09:59:
22:9f:20:44:00:87:26:5c:e3:52:5f:32:b9:19:45:aa:08:8a:
22:2d:d0:7b:4f:0f:93:f2:2e:ab:3d:bd:68:96:44:c3:d0:8d:
3a:7f:4e:40:4c:5f:c9:df:86:19:35:e4:04:63:d6:26:32:14:
86:60:2d:73:dc:00:cf:fc:8e:8f:56:34:7d:38:3e:09:b1:92:
92:94:d2:84:b1:93:ee:f9:65:c7:9d:73:e9:39:d2:d7:d7:92:
72:f3:27:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3HxVFWTL93SWu1ZDdTK7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl
ZDRkNWQwHhcNMjUwNDI3MTIwMDQ3WhcNMjUwNDI4MTIwMDQ3WjAzMTEwLwYDVQQD
EyhhMTU3Y2I3NjU5NThlMzk1NzMwMGZiOTA5YTE1ZDU0MDMwM2JhZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtBcTESSHKua8wa1Vy3kiYeNdJAL
/zMmJ21/6rZZOXG7wWLtD43H96Ga+qLs7kzavWyQeORXDpaz3q+K3bSpSfg91F5o
ZWQxG7ySWHyEtaTTviG2SvDI8vL0HTHCBJAApPS5A9Op90zw1zjCy80aVygM7kIj
358bYh5MuY4bDZs+9CQMeYJhsKMsu3rumWvWEDgBrKTYtYEQhXe1w+mfGXdIS/6K
m36MUqAv/JJJakHtP4wVYClT6VE+NHjCdyaGTcb6O+W3lKn38Vviy5keauL030kS
0QhVMIU1Z2FO4vUhk/55Yim2dl/C5mgVuE32XtvQqih8qlnq1sMV+h31ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFXy3ZZWOOVcwD7kJoV1UAwO67iMB8GA1UdIwQY
MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt
YWMwMWYwYzU2NjJiLzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi
LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZ0BOERI
frqYwl4XwPmFugpHIytTH0Gd+eeM0KBb46TAH3Hpk4ohFTmlqsHpEyA7hjC1/Ojq
Qe3hUadjyIcDDX9bs2Yklxjf6nQlbXwJcPk939AnhQ6dV0/FRzjVr9dncV3xFRaW
/kkIkR71/dBNH89uU4b0GXD/V3mbv0fJ0FdTUmrPm4/0UckqLFxiLK20Kto9LJMJ
aP/AfBbQzHUPhglZIp8gRACHJlzjUl8yuRlFqgiKIi3Qe08Pk/Iuqz29aJZEw9CN
On9OQExfyd+GGTXkBGPWJjIUhmAtc9wAz/yOj1Y0fTg+CbGSkpTShLGT7vllx51z
6TnS19eScvMnGA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:04:56 2025 by rpki-client