Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier: qXHRxncH1U+RE52jU1RyewYJ64AhDh3mv3TyYksTr+s=
Subject key identifier: 46:BC:65:D0:FD:D6:FF:45:4C:50:8E:E7:4B:FA:B3:15:25:DF:7D:6D
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial: 01967D8EB56201750C98A4B96B62D4468C4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number: 027E
Signing time: Mon 28 Apr 2025 18:00:26 +0000
Manifest this update: Mon 28 Apr 2025 18:00:26 +0000
Manifest next update: Tue 29 Apr 2025 18:00:26 +0000
Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: nUeXfWklshnKguMLKJewZt61Eakyd56WxWs1GkXJyMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:8e:b5:62:01:75:0c:98:a4:b9:6b:62:d4:46:8c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Validity
Not Before: Apr 28 18:00:26 2025 GMT
Not After : Apr 29 18:00:26 2025 GMT
Subject: CN=46bc65d0fdd6ff454c508ee74bfab31525df7d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0b:b6:9b:12:c6:34:05:2f:e5:46:b4:26:11:
11:dd:b3:ea:c3:2d:90:25:63:d3:53:5e:0f:7d:93:
58:87:88:96:34:40:d0:0c:93:6d:09:e8:9a:88:11:
ee:9a:27:ed:ba:82:03:64:79:fb:cb:66:6c:d3:8b:
2b:5c:52:60:82:9f:d5:72:3b:f1:c4:89:2c:b7:bc:
b3:1b:3a:2f:36:7d:0c:71:e9:75:21:b5:ae:22:df:
cb:3c:2b:2c:03:64:fa:f4:ad:90:61:6e:e4:c5:aa:
60:1a:77:7e:87:18:fe:47:b7:9d:35:86:60:54:08:
cb:87:95:2b:23:6c:67:83:4c:d7:9a:55:2e:96:f4:
2b:e9:ef:98:06:cd:99:4c:81:b1:49:b0:11:31:31:
78:73:53:ca:e6:af:9d:b7:d0:8a:ba:37:1b:61:ee:
a4:a0:f5:8c:a9:6e:5f:0b:bc:fb:36:a2:02:83:b4:
f5:67:cf:80:a2:5d:a3:23:9a:e9:74:b6:ef:6e:77:
8d:4b:06:a6:a0:21:dc:d0:7d:2f:5b:a8:8b:5a:67:
ec:63:20:38:7b:1f:96:99:49:db:51:da:8f:5a:65:
53:df:59:5b:55:a6:5a:5c:1e:36:6d:cd:72:bc:c7:
5b:fe:a7:7b:64:b9:b3:88:7c:71:30:16:cd:50:d3:
4d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:BC:65:D0:FD:D6:FF:45:4C:50:8E:E7:4B:FA:B3:15:25:DF:7D:6D
X509v3 Authority Key Identifier:
keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:92:a4:50:a5:95:4f:1b:e3:7f:9a:05:62:67:cb:12:1f:2a:
dc:27:63:d8:6f:0c:b3:af:29:2a:8f:e9:c7:c8:ae:ce:d7:dd:
c1:3b:c3:1c:4a:85:8b:f2:d6:7a:c8:3a:0c:77:89:39:8e:8d:
b6:97:ae:6f:2b:85:9c:d5:89:e3:cf:77:ef:5b:d2:ee:5b:f6:
e5:4b:f1:5d:6a:d6:44:14:90:18:60:0b:8c:ea:e8:e8:66:89:
b2:08:bf:a3:1b:fc:03:cc:44:08:78:ed:4a:15:8e:41:05:10:
07:94:e6:34:6f:dd:be:e7:30:37:66:f3:98:e8:4b:09:d8:e9:
13:b8:82:76:cf:e2:f4:aa:f1:18:bf:50:ea:60:2a:15:b7:33:
7e:66:aa:33:60:c9:84:8d:97:35:a0:e4:a9:8c:50:42:10:b8:
ae:6a:c3:4a:b5:7c:a8:1d:57:2b:bb:14:5e:d6:81:23:b7:0b:
d5:a4:97:7d:75:af:e3:ea:dd:e3:bc:c6:e8:94:60:0a:b4:41:
d0:4c:2e:23:00:5b:8d:eb:08:95:3b:f1:f9:f3:f5:81:09:17:
ca:b0:89:14:a1:d3:4e:c8:78:61:d4:d7:44:a0:24:5c:19:f0:
d2:e4:0e:2c:c5:77:ff:d1:2d:68:0d:0a:86:14:22:a9:a4:f1:
7a:12:ba:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9jrViAXUMmKS5a2LURoxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUwNDI4MTgwMDI2WhcNMjUwNDI5MTgwMDI2WjAzMTEwLwYDVQQD
Eyg0NmJjNjVkMGZkZDZmZjQ1NGM1MDhlZTc0YmZhYjMxNTI1ZGY3ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wu2mxLGNAUv5Ua0JhER3bPqwy2Q
JWPTU14PfZNYh4iWNEDQDJNtCeiaiBHumiftuoIDZHn7y2Zs04srXFJggp/Vcjvx
xIkst7yzGzovNn0Mcel1IbWuIt/LPCssA2T69K2QYW7kxapgGnd+hxj+R7edNYZg
VAjLh5UrI2xng0zXmlUulvQr6e+YBs2ZTIGxSbARMTF4c1PK5q+dt9CKujcbYe6k
oPWMqW5fC7z7NqICg7T1Z8+Aol2jI5rpdLbvbneNSwamoCHc0H0vW6iLWmfsYyA4
ex+WmUnbUdqPWmVT31lbVaZaXB42bc1yvMdb/qd7ZLmziHxxMBbNUNNN/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEa8ZdD91v9FTFCO50v6sxUl331tMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5KkUKWV
Txvjf5oFYmfLEh8q3Cdj2G8Ms68pKo/px8iuztfdwTvDHEqFi/LWesg6DHeJOY6N
tpeubyuFnNWJ489371vS7lv25UvxXWrWRBSQGGALjOro6GaJsgi/oxv8A8xECHjt
ShWOQQUQB5TmNG/dvucwN2bzmOhLCdjpE7iCds/i9KrxGL9Q6mAqFbczfmaqM2DJ
hI2XNaDkqYxQQhC4rmrDSrV8qB1XK7sUXtaBI7cL1aSXfXWv4+rd47zG6JRgCrRB
0EwuIwBbjesIlTvx+fP1gQkXyrCJFKHTTsh4YdTXRKAkXBnw0uQOLMV3/9EtaA0K
hhQiqaTxehK6Aw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:49:48 2025 by rpki-client