Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File: IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier: NHscDagm3HDrGpeXr3ycTHHFhs+JxqwrlH43jDJsdWk=
Subject key identifier: 21:D3:0A:21:C3:1F:D8:B3:2C:7F:B5:BB:48:4C:39:7C:6D:39:44:CA
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer: /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial: 0196760CEA7B04C8274A5E5D66F4EEB1FBCB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number: 0533
Signing time: Sun 27 Apr 2025 07:01:20 +0000
Manifest this update: Sun 27 Apr 2025 07:01:20 +0000
Manifest next update: Mon 28 Apr 2025 07:01:20 +0000
Files and hashes: 1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: pJQUxgR4+LJyMSc04vWYaQL7+v2HVw/Zu9RoLF9Atiw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:0c:ea:7b:04:c8:27:4a:5e:5d:66:f4:ee:b1:fb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Validity
Not Before: Apr 27 07:01:20 2025 GMT
Not After : Apr 28 07:01:20 2025 GMT
Subject: CN=21d30a21c31fd8b32c7fb5bb484c397c6d3944ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:51:0a:7a:10:c1:1e:4d:d0:2f:3c:5a:a6:3f:
96:b9:e7:b5:af:b4:00:b3:70:7e:dc:da:bf:82:fc:
0d:d5:09:60:4d:1c:f7:a0:ac:34:59:74:6a:11:5d:
3b:4e:0a:44:b3:a2:b4:aa:79:45:8a:b2:7d:a4:ae:
01:90:72:8c:6f:be:5f:a1:5f:01:84:72:0c:e8:7b:
d0:f2:35:a9:ad:4d:9b:1a:3a:b1:4b:be:0a:54:f7:
ea:2e:64:04:c2:2c:cd:42:80:d3:ce:d4:8a:6d:ea:
5f:02:91:0e:6f:2f:fb:79:3d:93:92:5b:d2:f4:da:
93:a4:2d:40:e0:3b:f2:1c:db:af:cc:ac:5e:14:11:
73:8f:43:eb:29:b5:d2:7d:4f:a5:2d:a5:82:aa:ca:
1f:4f:b3:4d:18:95:c1:35:93:3c:e9:3c:de:0d:d6:
68:07:5f:fd:5d:31:7d:77:e2:64:11:de:1d:45:19:
9a:05:7f:97:ba:12:ec:3e:10:49:61:73:5a:17:b5:
80:89:de:17:93:ea:29:73:f6:fc:2b:08:b3:20:d5:
39:8f:12:66:06:b0:77:6b:22:03:d8:ce:ef:ce:f9:
5f:ba:fc:95:81:6f:f6:83:a7:57:36:41:fa:e4:0f:
f8:30:03:ad:d8:04:c0:b3:88:ca:12:3a:1e:7d:c9:
28:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D3:0A:21:C3:1F:D8:B3:2C:7F:B5:BB:48:4C:39:7C:6D:39:44:CA
X509v3 Authority Key Identifier:
keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:d7:13:75:e1:ce:8f:1b:b4:b8:30:9e:0e:a3:3e:89:e0:26:
07:b0:92:36:f8:49:93:81:0f:93:ca:04:02:2b:08:8a:c6:83:
42:16:28:c3:46:3a:4d:14:06:b8:8e:b9:f6:ff:2a:fc:83:9f:
0c:44:2c:31:9b:dc:20:88:60:18:ba:d6:33:76:5c:69:20:3a:
d8:12:d6:3c:42:db:33:59:e7:ae:42:6d:91:45:03:1c:c3:e6:
35:cc:be:51:1e:30:f4:b8:f4:a8:a8:fb:97:1f:e3:49:89:3c:
ca:f4:a7:a4:ac:02:20:c1:08:ac:85:7d:e9:9c:76:ee:75:3b:
b3:47:46:b9:85:8b:91:e4:a8:f2:aa:68:13:cd:7e:65:54:28:
f4:68:f5:88:f6:af:05:13:83:a2:0e:82:7a:0f:2f:51:1d:38:
3e:53:77:21:f8:bf:6b:b0:76:d3:25:58:56:95:68:51:65:81:
e2:01:65:be:da:71:99:15:14:61:a3:e1:34:57:11:2e:f6:07:
dd:6a:6f:17:8e:0c:5a:6b:85:96:27:4d:98:64:08:fd:16:3c:
45:87:41:09:bb:c1:eb:ce:6d:e0:9a:52:e3:7a:ab:f6:39:9d:
0d:ba:d5:2b:a1:2f:e3:f9:3a:8f:06:48:8e:fa:20:3b:f4:16:
70:7c:28:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DOp7BMgnSl5dZvTusfvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwNDI3MDcwMTIwWhcNMjUwNDI4MDcwMTIwWjAzMTEwLwYDVQQD
EygyMWQzMGEyMWMzMWZkOGIzMmM3ZmI1YmI0ODRjMzk3YzZkMzk0NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1EKehDBHk3QLzxapj+Wuee1r7QA
s3B+3Nq/gvwN1QlgTRz3oKw0WXRqEV07TgpEs6K0qnlFirJ9pK4BkHKMb75foV8B
hHIM6HvQ8jWprU2bGjqxS74KVPfqLmQEwizNQoDTztSKbepfApEOby/7eT2TklvS
9NqTpC1A4DvyHNuvzKxeFBFzj0PrKbXSfU+lLaWCqsofT7NNGJXBNZM86TzeDdZo
B1/9XTF9d+JkEd4dRRmaBX+XuhLsPhBJYXNaF7WAid4Xk+opc/b8KwizINU5jxJm
BrB3ayID2M7vzvlfuvyVgW/2g6dXNkH65A/4MAOt2ATAs4jKEjoefckoLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHTCiHDH9izLH+1u0hMOXxtOUTKMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL9cTdeHO
jxu0uDCeDqM+ieAmB7CSNvhJk4EPk8oEAisIisaDQhYow0Y6TRQGuI659v8q/IOf
DEQsMZvcIIhgGLrWM3ZcaSA62BLWPELbM1nnrkJtkUUDHMPmNcy+UR4w9Lj0qKj7
lx/jSYk8yvSnpKwCIMEIrIV96Zx27nU7s0dGuYWLkeSo8qpoE81+ZVQo9Gj1iPav
BRODog6Ceg8vUR04PlN3Ifi/a7B20yVYVpVoUWWB4gFlvtpxmRUUYaPhNFcRLvYH
3WpvF44MWmuFlidNmGQI/RY8RYdBCbvB685t4JpS43qr9jmdDbrVK6Ev4/k6jwZI
jvogO/QWcHwofw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:00:06 2025 by rpki-client