Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: 4BP0+SzhPPmx3hIp0yr4M38GzaJRZ2waJWPzd70vgto=
Subject key identifier: 70:FE:82:A8:86:AC:E8:20:2A:19:3D:67:6F:0B:3E:23:78:82:D7:D4
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 01967E33897C5443C063FDB8308E1EC83904
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 1512
Signing time: Mon 28 Apr 2025 21:00:28 +0000
Manifest this update: Mon 28 Apr 2025 21:00:28 +0000
Manifest next update: Tue 29 Apr 2025 21:00:28 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: 4klc5KfHxGlzqJQzte6J+Ivto9QleCnX2WfqHo6uyeQ=)
2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:33:89:7c:54:43:c0:63:fd:b8:30:8e:1e:c8:39:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Apr 28 21:00:28 2025 GMT
Not After : Apr 29 21:00:28 2025 GMT
Subject: CN=70fe82a886ace8202a193d676f0b3e237882d7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:2d:5f:e4:30:c7:ac:c1:f4:ac:d1:5d:40:
f1:f7:af:9a:36:58:ce:04:8c:eb:34:c6:74:8b:e8:
34:33:51:0e:52:bd:2d:b0:9e:aa:d8:90:0c:1c:ac:
a2:57:db:97:70:1a:80:70:42:f9:f2:7b:09:f0:92:
1d:e8:f7:2a:5a:1d:8f:a0:6b:55:5e:b6:57:9a:15:
4d:dc:cc:ae:23:7c:80:9d:31:6b:47:b3:05:4c:3a:
f5:90:32:15:75:6d:2e:6c:b2:c3:13:a5:72:cf:70:
16:6d:e2:41:31:b7:7d:d8:c7:c8:03:fb:8f:54:b4:
e1:62:28:32:ff:f8:04:27:c6:3e:b5:05:83:ac:7a:
6f:98:5c:17:5a:b7:95:ff:38:fd:34:77:2f:e3:7c:
a6:33:56:fc:38:63:21:31:49:7b:0b:6d:69:10:c4:
85:3e:bb:e1:5e:66:38:77:a9:cd:1c:3d:37:8b:db:
ca:7e:33:5e:0e:e9:84:aa:51:d7:02:91:2c:14:94:
57:fe:ed:df:6d:88:63:62:06:f1:fd:f4:72:81:94:
38:49:73:ea:24:74:bd:e7:22:6c:cc:6f:b9:93:92:
97:d1:0c:53:79:35:f9:eb:39:52:6b:e0:64:0f:c7:
3b:cd:20:bd:b8:3b:2b:53:29:f3:e5:bb:98:c7:c5:
ee:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FE:82:A8:86:AC:E8:20:2A:19:3D:67:6F:0B:3E:23:78:82:D7:D4
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:37:ba:96:a8:f7:1c:eb:75:48:bb:00:ee:89:d0:21:54:61:
89:69:8a:ad:4e:38:ab:f6:e7:51:60:16:29:21:7f:f6:cd:3c:
dc:0d:55:e8:eb:16:f5:b8:04:86:2d:36:df:3f:03:6a:d4:21:
27:a9:f5:e5:df:0e:20:ef:9c:7b:20:a2:52:f7:bc:9f:a3:3e:
ad:1c:9f:21:3a:bf:c5:ff:af:a5:8b:25:df:16:4f:68:1a:5d:
c2:7f:39:9d:0d:eb:c6:7e:10:de:b9:64:dc:12:10:87:12:18:
e1:16:30:09:dc:39:55:9a:7b:4d:c9:d2:33:ab:d2:e8:28:55:
c0:6c:45:6b:48:b0:6a:64:36:ef:46:07:77:00:24:58:97:0f:
57:0a:99:cd:d1:9a:7b:e6:b5:7b:37:25:cf:a2:a5:ea:a6:59:
5c:5b:4a:92:79:a9:c8:6a:87:75:5f:bd:55:db:43:14:c2:e4:
ee:ab:65:fd:21:7f:d6:e6:09:cd:90:aa:99:71:04:4b:67:50:
55:62:ea:f0:e5:df:1c:6f:9e:41:bb:19:6f:bb:f2:9f:f6:64:
b1:0d:60:fc:15:77:96:81:68:ec:de:e2:39:f9:5a:6e:f5:1b:
e9:0f:2c:70:10:24:61:8e:a2:f9:3a:ff:e4:6c:dc:b7:4e:6f:
ad:f3:5f:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+M4l8VEPAY/24MI4eyDkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjUwNDI4MjEwMDI4WhcNMjUwNDI5MjEwMDI4WjAzMTEwLwYDVQQD
Eyg3MGZlODJhODg2YWNlODIwMmExOTNkNjc2ZjBiM2UyMzc4ODJkN2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbQtX+Qwx6zB9KzRXUDx96+aNljO
BIzrNMZ0i+g0M1EOUr0tsJ6q2JAMHKyiV9uXcBqAcEL58nsJ8JId6PcqWh2PoGtV
XrZXmhVN3MyuI3yAnTFrR7MFTDr1kDIVdW0ubLLDE6Vyz3AWbeJBMbd92MfIA/uP
VLThYigy//gEJ8Y+tQWDrHpvmFwXWreV/zj9NHcv43ymM1b8OGMhMUl7C21pEMSF
PrvhXmY4d6nNHD03i9vKfjNeDumEqlHXApEsFJRX/u3fbYhjYgbx/fRygZQ4SXPq
JHS95yJszG+5k5KX0QxTeTX56zlSa+BkD8c7zSC9uDsrUynz5buYx8XuFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHD+gqiGrOggKhk9Z28LPiN4gtfUMB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJje6lqj3
HOt1SLsA7onQIVRhiWmKrU44q/bnUWAWKSF/9s083A1V6OsW9bgEhi023z8DatQh
J6n15d8OIO+ceyCiUve8n6M+rRyfITq/xf+vpYsl3xZPaBpdwn85nQ3rxn4Q3rlk
3BIQhxIY4RYwCdw5VZp7TcnSM6vS6ChVwGxFa0iwamQ270YHdwAkWJcPVwqZzdGa
e+a1ezclz6Kl6qZZXFtKknmpyGqHdV+9VdtDFMLk7qtl/SF/1uYJzZCqmXEES2dQ
VWLq8OXfHG+eQbsZb7vyn/ZksQ1g/BV3loFo7N7iOflabvUb6Q8scBAkYY6i+Tr/
5Gzct05vrfNf9Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:11:34 2025 by rpki-client