Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
File: CzVgh8IMejJUFv2oA8t289p5R6k.mft (raw, json)
Hash identifier: qGb1JA5fQGWzwD3cfcI4GTb/6zDzuhHpP2XU5uSibf8=
Subject key identifier: 9C:02:A6:A2:09:FF:10:F2:7C:58:6B:BC:5B:5D:A9:4C:E5:5E:56:69
Authority key identifier: 0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
Certificate issuer: /CN=0b356087c20c7a325416fda803cb76f3da7947a9
Certificate serial: 01967D20FA654AA8E6CB85E06C8127E6D7E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
Manifest number: 029B
Signing time: Mon 28 Apr 2025 16:00:35 +0000
Manifest this update: Mon 28 Apr 2025 16:00:35 +0000
Manifest next update: Tue 29 Apr 2025 16:00:35 +0000
Files and hashes: 1: AZt7Se6557jhGabESg2f7LNf6s4.roa (hash: 1ba1sNNM9lYSgyXFdL1/tvNcApCQY3MX2LcXuVatgJo=)
2: CzVgh8IMejJUFv2oA8t289p5R6k.crl (hash: lW7/lgcxQUManCuiOMhZjK00iHvxayUNcNo0adq4LT0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:20:fa:65:4a:a8:e6:cb:85:e0:6c:81:27:e6:d7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b356087c20c7a325416fda803cb76f3da7947a9
Validity
Not Before: Apr 28 16:00:35 2025 GMT
Not After : Apr 29 16:00:35 2025 GMT
Subject: CN=9c02a6a209ff10f27c586bbc5b5da94ce55e5669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0a:cc:69:1a:65:00:ac:87:2e:4b:e3:b4:15:
f2:56:01:d7:22:cb:d1:67:7a:b9:f1:3c:91:00:e0:
98:6b:70:4c:a0:1d:1d:d6:fe:70:96:55:a1:d2:27:
e4:4a:5e:6d:50:c3:6b:29:4c:f7:b9:1d:17:66:cb:
4d:d2:28:44:ee:f6:0f:3c:6d:0e:4b:41:ec:53:29:
71:3e:b2:b6:56:72:16:c0:9b:ea:ae:9e:20:b8:52:
53:32:60:7c:92:56:d4:70:a1:fd:04:3f:8d:7a:7b:
13:cc:55:e3:d0:d7:55:1f:25:57:79:d8:99:b7:f2:
1f:56:5b:0b:67:75:53:01:9b:54:e1:81:0e:1a:4d:
1b:c5:a1:d0:de:5b:dc:29:3f:51:f0:38:76:d6:f1:
16:32:c1:a4:13:c2:51:09:a0:f2:c8:bc:af:88:bf:
8c:0a:76:c8:a7:16:ed:fb:5e:6d:a0:03:c8:14:18:
1f:cb:64:bc:75:83:c2:67:29:64:44:38:e4:01:e3:
30:d9:99:d4:10:dd:f8:da:37:49:1b:5a:b6:f4:6a:
a2:c8:4b:3b:8f:86:0d:14:90:7f:73:59:2e:41:90:
98:32:5f:26:f4:88:51:11:a1:21:3b:9f:c5:c8:00:
75:99:b1:5e:27:0d:00:7b:eb:d0:4b:3f:32:2b:c9:
78:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:02:A6:A2:09:FF:10:F2:7C:58:6B:BC:5B:5D:A9:4C:E5:5E:56:69
X509v3 Authority Key Identifier:
keyid:0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:68:e9:8c:5b:3c:05:21:7c:4e:6d:da:66:dc:72:9f:6e:03:
57:10:34:9e:ff:ab:dc:5e:b4:3d:99:4f:93:82:3b:68:bc:d4:
6f:91:8e:bc:9e:f4:d1:94:bd:d1:e0:45:9c:e1:06:3a:e7:f9:
d5:c9:c2:18:62:25:5b:dc:2e:2a:14:95:c0:d9:ee:a1:bc:d4:
bb:d1:8f:2e:de:96:9e:be:0e:68:a5:e6:cd:dc:b3:ea:e9:ed:
5a:d2:d1:0b:fd:cf:41:47:6d:e2:6d:d4:da:b9:49:ef:8d:87:
2a:ac:8b:52:75:c0:35:52:d7:77:87:dc:96:0c:85:c3:85:64:
e1:4f:00:7e:e8:cf:01:ee:18:b2:99:41:10:66:b1:6b:29:49:
7d:b3:6c:9f:ab:de:9e:bd:59:24:89:6d:63:f7:db:00:ca:6a:
f0:40:21:ac:f0:06:34:1a:6f:26:6c:6d:b4:42:f4:d7:e4:7d:
5a:be:34:1e:91:a1:93:14:e0:b2:d5:c0:a4:aa:f4:50:97:27:
73:12:f3:32:08:5a:b8:82:ee:ba:6a:97:07:da:fe:e3:cf:0d:
48:e0:79:ea:42:fc:86:d9:8d:c5:02:d7:9e:f1:fe:9e:35:b3:
15:c5:89:f5:db:2f:aa:55:f5:8c:76:ac:1a:6c:60:71:d3:ca:
c7:82:ce:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9IPplSqjmy4XgbIEn5tfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMzU2MDg3YzIwYzdhMzI1NDE2ZmRhODAzY2I3NmYzZGE3
OTQ3YTkwHhcNMjUwNDI4MTYwMDM1WhcNMjUwNDI5MTYwMDM1WjAzMTEwLwYDVQQD
Eyg5YzAyYTZhMjA5ZmYxMGYyN2M1ODZiYmM1YjVkYTk0Y2U1NWU1NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgrMaRplAKyHLkvjtBXyVgHXIsvR
Z3q58TyRAOCYa3BMoB0d1v5wllWh0ifkSl5tUMNrKUz3uR0XZstN0ihE7vYPPG0O
S0HsUylxPrK2VnIWwJvqrp4guFJTMmB8klbUcKH9BD+NensTzFXj0NdVHyVXediZ
t/IfVlsLZ3VTAZtU4YEOGk0bxaHQ3lvcKT9R8Dh21vEWMsGkE8JRCaDyyLyviL+M
CnbIpxbt+15toAPIFBgfy2S8dYPCZylkRDjkAeMw2ZnUEN342jdJG1q29GqiyEs7
j4YNFJB/c1kuQZCYMl8m9IhREaEhO5/FyAB1mbFeJw0Ae+vQSz8yK8l4cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwCpqIJ/xDyfFhrvFtdqUzlXlZpMB8GA1UdIwQY
MBaAFAs1YIfCDHoyVBb9qAPLdvPaeUepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAt
NTdlYWY4MzNhYjBiLzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAtNTdlYWY4MzNhYjBi
LzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg2jpjFs8
BSF8Tm3aZtxyn24DVxA0nv+r3F60PZlPk4I7aLzUb5GOvJ700ZS90eBFnOEGOuf5
1cnCGGIlW9wuKhSVwNnuobzUu9GPLt6Wnr4OaKXmzdyz6untWtLRC/3PQUdt4m3U
2rlJ742HKqyLUnXANVLXd4fclgyFw4Vk4U8AfujPAe4YsplBEGaxaylJfbNsn6ve
nr1ZJIltY/fbAMpq8EAhrPAGNBpvJmxttEL01+R9Wr40HpGhkxTgstXApKr0UJcn
cxLzMghauILuumqXB9r+488NSOB56kL8htmNxQLXnvH+njWzFcWJ9dsvqlX1jHas
GmxgcdPKx4LO6A==
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:34:51 2025 by rpki-client