Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File: IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier: 5hhO7K33IgjiBX9+VNISXHxd4HUYoglNpsf6ZCxZnQY=
Subject key identifier: A2:2C:4E:9F:6A:3E:80:3C:CA:77:84:4F:65:BA:5A:88:20:22:A0:6E
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer: /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial: 01967643302B4A7F7019E633B4AF3C46F9D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number: 031E
Signing time: Sun 27 Apr 2025 08:00:36 +0000
Manifest this update: Sun 27 Apr 2025 08:00:36 +0000
Manifest next update: Mon 28 Apr 2025 08:00:36 +0000
Files and hashes: 1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: 9fXZQD7R3hz2y33BoT+HsoAGCcBUR9SveuoevjHcq3o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:43:30:2b:4a:7f:70:19:e6:33:b4:af:3c:46:f9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204050cc59536f2d9407692823890ccdda854508
Validity
Not Before: Apr 27 08:00:36 2025 GMT
Not After : Apr 28 08:00:36 2025 GMT
Subject: CN=a22c4e9f6a3e803cca77844f65ba5a882022a06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1c:dd:3f:1d:0d:35:fd:9d:55:69:b7:94:23:
47:ed:64:f2:d7:e0:e3:01:bf:79:f9:31:d0:f3:42:
7a:eb:17:31:c2:c4:44:74:be:29:f4:e4:96:03:b1:
c7:0c:32:e0:d2:d1:3e:2e:28:94:41:68:af:7d:32:
6c:95:e4:a7:bc:12:a0:c2:d7:69:34:56:bd:6d:12:
85:ee:f4:63:2a:4e:ba:72:85:7b:29:8d:94:eb:aa:
48:ce:af:ae:f6:57:e0:33:1d:7d:bb:0e:8d:eb:f1:
73:42:10:60:10:bf:c8:69:ee:bc:e6:7c:cf:6b:e8:
e0:10:8c:c4:4a:56:ed:4f:65:bb:ce:fc:cc:1b:6d:
dc:54:ac:fb:7e:cb:36:3f:7d:be:35:96:23:f4:f1:
1d:c7:41:0c:c0:8b:28:73:db:6f:9c:a3:3c:93:b8:
66:5d:72:e1:32:08:3f:45:6c:ef:0c:34:09:27:06:
c8:36:6d:5f:09:d0:d1:a5:28:0c:8b:ae:67:4e:17:
c8:ed:7e:54:46:15:3b:f2:df:ec:36:9d:6f:2b:83:
b9:34:64:a8:80:cb:1e:fb:50:78:f8:c8:11:35:47:
b4:a0:74:58:a2:9e:05:7c:9d:08:44:f2:60:99:89:
3e:78:43:a3:a7:f7:86:9f:5a:75:dc:84:8b:3b:bb:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2C:4E:9F:6A:3E:80:3C:CA:77:84:4F:65:BA:5A:88:20:22:A0:6E
X509v3 Authority Key Identifier:
keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:4c:9c:1b:5d:05:6b:39:5f:8c:e1:de:ef:05:9e:d7:0d:8f:
90:be:fa:98:80:65:1d:83:6e:2d:23:1a:b1:8b:01:03:45:d7:
c4:b4:cc:52:48:70:3e:c3:b3:2c:45:e8:9f:af:5d:b3:88:11:
c6:35:5f:42:4b:1d:fe:55:e5:d2:35:f7:40:f3:e6:fb:cf:10:
17:7c:5c:90:fb:f8:9c:cb:77:36:8a:f5:c9:f6:47:71:16:bc:
7b:f4:51:b8:40:cc:a9:c3:f5:ff:2d:1a:8b:92:eb:9d:69:5b:
69:15:6e:38:4c:eb:b8:f9:72:f1:94:5f:40:99:f2:1b:fb:a3:
bc:23:57:46:ab:a3:75:61:70:59:a9:aa:1b:01:d8:a8:96:86:
96:31:dd:48:a7:a7:2f:9c:0c:e4:d0:33:be:77:af:27:ae:a2:
dd:aa:28:08:ea:30:95:07:b3:59:87:00:34:62:e6:d0:c1:05:
eb:90:6c:5b:5f:4c:0e:34:d6:39:5b:bf:37:3e:53:c7:03:95:
6d:ec:96:02:32:8f:69:7e:6d:5c:e5:ac:2f:14:98:9a:9f:90:
1a:8e:27:46:e6:d9:b8:f9:73:fd:19:16:2f:fa:0d:2d:e3:5c:
33:de:cb:aa:65:b8:27:5b:5c:e5:42:a9:34:15:9c:2b:a5:d2:
86:1d:3c:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2QzArSn9wGeYztK88RvnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjUwNDI3MDgwMDM2WhcNMjUwNDI4MDgwMDM2WjAzMTEwLwYDVQQD
EyhhMjJjNGU5ZjZhM2U4MDNjY2E3Nzg0NGY2NWJhNWE4ODIwMjJhMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBzdPx0NNf2dVWm3lCNH7WTy1+Dj
Ab95+THQ80J66xcxwsREdL4p9OSWA7HHDDLg0tE+LiiUQWivfTJsleSnvBKgwtdp
NFa9bRKF7vRjKk66coV7KY2U66pIzq+u9lfgMx19uw6N6/FzQhBgEL/Iae685nzP
a+jgEIzESlbtT2W7zvzMG23cVKz7fss2P32+NZYj9PEdx0EMwIsoc9tvnKM8k7hm
XXLhMgg/RWzvDDQJJwbINm1fCdDRpSgMi65nThfI7X5URhU78t/sNp1vK4O5NGSo
gMse+1B4+MgRNUe0oHRYop4FfJ0IRPJgmYk+eEOjp/eGn1p13ISLO7uA9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIsTp9qPoA8yneET2W6WoggIqBuMB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkycG10F
azlfjOHe7wWe1w2PkL76mIBlHYNuLSMasYsBA0XXxLTMUkhwPsOzLEXon69ds4gR
xjVfQksd/lXl0jX3QPPm+88QF3xckPv4nMt3Nor1yfZHcRa8e/RRuEDMqcP1/y0a
i5LrnWlbaRVuOEzruPly8ZRfQJnyG/ujvCNXRqujdWFwWamqGwHYqJaGljHdSKen
L5wM5NAzvnevJ66i3aooCOowlQezWYcANGLm0MEF65BsW19MDjTWOVu/Nz5TxwOV
beyWAjKPaX5tXOWsLxSYmp+QGo4nRubZuPlz/RkWL/oNLeNcM97LqmW4J1tc5UKp
NBWcK6XShh08FQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:57:15 2025 by rpki-client