Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
File: S2jh-6e0SntmYjayElPX1jYtDYM.mft (raw, json)
Hash identifier: RnK6lQqxrjQ/2giLKrRkp3itIFr5NAKz1Zs/Y5qFULc=
Subject key identifier: 0A:B9:DC:E2:C9:05:E3:44:15:75:0F:83:0A:B1:35:70:5D:2F:36:84
Authority key identifier: 4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83
Certificate issuer: /CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83
Certificate serial: 019688B7875E76A92389D5239BFB980FFAE7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
Manifest number: 025D
Signing time: Wed 30 Apr 2025 22:00:51 +0000
Manifest this update: Wed 30 Apr 2025 22:00:51 +0000
Manifest next update: Thu 01 May 2025 22:00:51 +0000
Files and hashes: 1: A3eZlYEypGjwef6ovVTvAMEG2Sc.roa (hash: itiiU42XBZajUxpH3eQ5BL8/j+cYwxjPvYG7bJxrjyA=)
2: S2jh-6e0SntmYjayElPX1jYtDYM.crl (hash: 1+EWQmlgYz0/7HWYCxXD52JMAHcdLOnZgGCENVZIOv8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 21:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:b7:87:5e:76:a9:23:89:d5:23:9b:fb:98:0f:fa:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83
Validity
Not Before: Apr 30 22:00:51 2025 GMT
Not After : May 1 22:00:51 2025 GMT
Subject: CN=0ab9dce2c905e34415750f830ab135705d2f3684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:c3:ca:12:69:e4:55:9a:e1:5e:e0:6f:65:
4e:5e:af:20:92:dd:cf:0c:00:68:39:99:65:0d:4a:
0d:8f:00:11:a5:17:66:79:d3:23:f5:d1:6d:75:75:
af:49:9d:84:f2:f3:3e:e6:27:be:33:49:e0:96:8f:
14:3c:b8:c3:fc:5c:95:29:d9:ac:89:28:a8:2f:e7:
dc:e4:02:43:a2:84:42:ae:19:ee:55:7b:ac:d2:3a:
f4:71:37:bf:6f:b4:98:0d:53:6a:7f:4a:83:d4:4e:
d6:3b:34:47:1f:e6:c4:e8:bd:c0:4a:79:d9:ad:a1:
b9:c0:d4:28:bd:ae:65:7e:c6:f1:05:23:6a:47:e4:
a8:29:43:cb:ed:4c:0c:ab:75:1d:64:b0:ca:07:f2:
c4:41:26:4b:af:81:28:5f:ee:d7:4d:18:0d:ab:30:
df:95:79:63:a7:81:eb:33:34:bf:f1:97:20:bc:9f:
1d:7c:80:ee:8c:e9:54:6a:bc:22:31:00:0b:a2:a2:
32:3e:7e:38:51:34:a5:79:a0:40:da:40:3f:49:72:
88:b0:4a:2f:4c:2b:2e:b2:9b:b9:48:77:3a:03:b9:
0f:5c:a4:04:1d:7c:9e:b7:50:50:3e:13:58:86:65:
8c:70:fd:72:e9:5f:7f:66:cd:a1:9c:cd:1f:a7:09:
fc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B9:DC:E2:C9:05:E3:44:15:75:0F:83:0A:B1:35:70:5D:2F:36:84
X509v3 Authority Key Identifier:
keyid:4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:67:72:e3:94:09:56:be:14:44:44:7a:94:54:e0:0f:ca:18:
ec:1a:bd:2e:eb:53:3b:ca:d2:16:fd:a8:9e:86:3d:fc:d7:69:
63:e8:98:e2:64:36:47:47:6e:a9:4a:53:91:dc:0b:26:12:6b:
9e:b7:49:7b:8c:04:f5:0e:e0:ce:d4:48:0d:4e:5f:0f:29:70:
6e:6b:02:7e:bf:00:7d:59:23:d8:cd:18:32:19:31:2c:8c:37:
1c:79:d0:39:9a:52:d5:1f:1e:3b:c9:75:d8:82:ab:aa:1f:ed:
ad:56:42:7f:8f:f4:e0:0b:d4:24:52:fa:8e:80:36:c8:78:00:
c5:34:70:42:55:17:22:64:c1:ed:c8:ee:5a:49:a4:6f:f7:d8:
91:7e:f1:60:ea:11:bc:0b:50:c1:51:1d:f1:35:63:94:f7:a6:
be:ed:f7:05:45:00:5c:1e:21:16:48:da:9f:d1:18:01:86:ee:
f1:53:13:2f:45:c4:48:d9:cf:71:79:dd:9c:f5:70:d3:36:e1:
ea:9f:b0:ad:b4:82:2e:02:52:26:05:4d:8c:d2:82:86:20:be:
6d:35:14:01:80:81:fc:87:5a:d1:c1:3d:94:77:b5:aa:5e:89:
d0:da:6d:32:6b:56:29:38:4f:d4:63:a7:fd:43:53:40:0d:c7:
eb:8f:03:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaIt4dedqkjidUjm/uYD/rnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjhlMWZiYTdiNDRhN2I2NjYyMzZiMjEyNTNkN2Q2MzYy
ZDBkODMwHhcNMjUwNDMwMjIwMDUxWhcNMjUwNTAxMjIwMDUxWjAzMTEwLwYDVQQD
EygwYWI5ZGNlMmM5MDVlMzQ0MTU3NTBmODMwYWIxMzU3MDVkMmYzNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv3DyhJp5FWa4V7gb2VOXq8gkt3P
DABoOZllDUoNjwARpRdmedMj9dFtdXWvSZ2E8vM+5ie+M0nglo8UPLjD/FyVKdms
iSioL+fc5AJDooRCrhnuVXus0jr0cTe/b7SYDVNqf0qD1E7WOzRHH+bE6L3ASnnZ
raG5wNQova5lfsbxBSNqR+SoKUPL7UwMq3UdZLDKB/LEQSZLr4EoX+7XTRgNqzDf
lXljp4HrMzS/8ZcgvJ8dfIDujOlUarwiMQALoqIyPn44UTSleaBA2kA/SXKIsEov
TCsuspu5SHc6A7kPXKQEHXyet1BQPhNYhmWMcP1y6V9/Zs2hnM0fpwn8ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAq53OLJBeNEFXUPgwqxNXBdLzaEMB8GA1UdIwQY
MBaAFEto4funtEp7ZmI2shJT19Y2LQ2DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMt
OGIwNmVjNTY0YTFiLzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMtOGIwNmVjNTY0YTFi
LzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfGdy45QJ
Vr4URER6lFTgD8oY7Bq9LutTO8rSFv2onoY9/NdpY+iY4mQ2R0duqUpTkdwLJhJr
nrdJe4wE9Q7gztRIDU5fDylwbmsCfr8AfVkj2M0YMhkxLIw3HHnQOZpS1R8eO8l1
2IKrqh/trVZCf4/04AvUJFL6joA2yHgAxTRwQlUXImTB7cjuWkmkb/fYkX7xYOoR
vAtQwVEd8TVjlPemvu33BUUAXB4hFkjan9EYAYbu8VMTL0XESNnPcXndnPVw0zbh
6p+wrbSCLgJSJgVNjNKChiC+bTUUAYCB/Ida0cE9lHe1ql6J0NptMmtWKThP1GOn
/UNTQA3H648DyA==
-----END CERTIFICATE-----
Generated at Thu May 1 06:48:11 2025 by rpki-client