Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
File: aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft (raw, json)
Hash identifier: QwnLpFD/xT0Vns7Z2o6ciZBvqXVlPVseCyPONOUolc8=
Subject key identifier: 2A:57:B9:84:51:8D:61:E2:C3:1E:4D:BC:ED:A8:8E:51:B2:59:E1:47
Authority key identifier: 69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
Certificate issuer: /CN=6987d0047fb1d8912c63f911305a714f438b1e71
Certificate serial: 0196767A3D0FE5BF0EDD4CE81ED47DB62E0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
Manifest number: 150E
Signing time: Sun 27 Apr 2025 09:00:44 +0000
Manifest this update: Sun 27 Apr 2025 09:00:44 +0000
Manifest next update: Mon 28 Apr 2025 09:00:44 +0000
Files and hashes: 1: Atkr4h8_-iWKS-lQ1C-yvRl84ME.roa (hash: 2T7HRH5eHvmAemXfiDHO7EMODqi7SWlhFBBbiZ8y44c=)
2: aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl (hash: HpSXpYiIkN38J3DyaXTcL4VrRvKc3qkN+cLuuTievOg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:7a:3d:0f:e5:bf:0e:dd:4c:e8:1e:d4:7d:b6:2e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d0047fb1d8912c63f911305a714f438b1e71
Validity
Not Before: Apr 27 09:00:44 2025 GMT
Not After : Apr 28 09:00:44 2025 GMT
Subject: CN=2a57b984518d61e2c31e4dbceda88e51b259e147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:e7:df:e0:a0:8a:5d:db:e8:dc:07:0d:89:
4c:ca:c7:a5:91:87:e3:65:ac:51:58:79:75:a2:36:
6f:3c:26:bd:75:aa:16:71:ae:6e:8b:95:4a:88:b6:
6c:28:4a:6a:7f:dd:4a:77:b3:69:95:4e:67:f9:8f:
a9:6f:7b:f3:c5:01:a4:fd:f4:4b:09:48:77:71:ed:
b0:79:c7:3c:de:5d:13:23:22:f2:fa:ff:32:90:7b:
0b:20:17:da:d9:0d:52:20:39:52:cc:15:82:4c:dd:
18:91:2e:a0:d7:5c:c8:7c:6a:1f:00:07:64:cc:ac:
53:5a:13:93:dc:8c:62:bd:d1:fe:d7:90:13:58:68:
81:13:14:43:5e:b2:93:20:a7:c5:a5:07:ae:13:f9:
5d:60:51:59:0c:7d:88:80:a2:c9:66:dc:38:89:a7:
5b:b1:19:9f:a5:82:d6:0e:f8:43:0e:bc:d2:3f:87:
8a:d7:0e:25:f2:74:00:5a:83:e5:a2:9c:52:af:53:
c5:ab:49:12:1b:2b:08:21:a3:5c:26:6e:10:c6:07:
3e:ca:ca:f0:83:97:4a:ec:91:8f:56:dd:60:c4:7a:
d2:60:95:b0:87:22:16:35:00:1a:6d:c2:8f:24:d0:
cd:0c:78:6b:e1:18:54:a9:cc:d6:65:5b:06:67:de:
e4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:57:B9:84:51:8D:61:E2:C3:1E:4D:BC:ED:A8:8E:51:B2:59:E1:47
X509v3 Authority Key Identifier:
keyid:69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cf:f4:5b:ef:dd:43:e7:88:bf:3d:21:e7:f0:01:f0:0e:38:69:
a9:57:e3:46:13:bd:4a:bb:6b:ed:31:ac:ce:45:e1:a0:5f:a5:
22:cf:29:2d:9a:1c:e3:6f:37:87:4c:5b:28:31:18:40:35:fe:
58:48:cc:b0:df:65:70:9e:d0:39:52:f1:34:5f:98:e3:df:2f:
2c:12:98:16:2d:63:89:76:03:f5:a8:40:81:c5:36:94:99:24:
03:2b:9a:55:07:1b:34:54:fb:9e:0c:26:be:eb:81:c3:d6:17:
c2:e2:ab:be:91:46:24:31:06:c4:91:94:7e:2a:a2:b6:44:73:
32:f9:5d:d6:3d:93:f2:3f:44:20:dd:26:1a:7a:30:c9:dd:1d:
50:fc:b7:3a:2e:34:ff:31:4a:e5:ba:2c:ef:a7:20:e0:74:d6:
73:c4:f3:47:01:7f:24:83:1c:f0:e8:e0:a9:29:7a:51:6e:7f:
e4:43:2e:b7:14:35:97:db:d0:d9:4c:f3:05:90:70:78:cc:35:
fe:8a:a0:52:52:a8:42:ec:72:14:c7:f2:a2:37:d7:03:4a:a3:
c0:de:2e:b7:6c:11:f4:94:20:48:b0:bb:f5:24:4e:21:9f:14:
d0:b9:98:27:9b:e2:5c:35:52:87:a2:8f:98:cc:6e:8f:6a:6d:
84:dd:c8:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2ej0P5b8O3UzoHtR9ti4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkMDA0N2ZiMWQ4OTEyYzYzZjkxMTMwNWE3MTRmNDM4
YjFlNzEwHhcNMjUwNDI3MDkwMDQ0WhcNMjUwNDI4MDkwMDQ0WjAzMTEwLwYDVQQD
EygyYTU3Yjk4NDUxOGQ2MWUyYzMxZTRkYmNlZGE4OGU1MWIyNTllMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2Dn3+Cgil3b6NwHDYlMyselkYfj
ZaxRWHl1ojZvPCa9daoWca5ui5VKiLZsKEpqf91Kd7NplU5n+Y+pb3vzxQGk/fRL
CUh3ce2wecc83l0TIyLy+v8ykHsLIBfa2Q1SIDlSzBWCTN0YkS6g11zIfGofAAdk
zKxTWhOT3IxivdH+15ATWGiBExRDXrKTIKfFpQeuE/ldYFFZDH2IgKLJZtw4iadb
sRmfpYLWDvhDDrzSP4eK1w4l8nQAWoPlopxSr1PFq0kSGysIIaNcJm4Qxgc+ysrw
g5dK7JGPVt1gxHrSYJWwhyIWNQAabcKPJNDNDHhr4RhUqczWZVsGZ97k0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpXuYRRjWHiwx5NvO2ojlGyWeFHMB8GA1UdIwQY
MBaAFGmH0AR/sdiRLGP5ETBacU9Dix5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMt
NDI5MTRiZTBhYTA0LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMtNDI5MTRiZTBhYTA0
LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz/Rb791D
54i/PSHn8AHwDjhpqVfjRhO9Srtr7TGszkXhoF+lIs8pLZoc4283h0xbKDEYQDX+
WEjMsN9lcJ7QOVLxNF+Y498vLBKYFi1jiXYD9ahAgcU2lJkkAyuaVQcbNFT7ngwm
vuuBw9YXwuKrvpFGJDEGxJGUfiqitkRzMvld1j2T8j9EIN0mGnowyd0dUPy3Oi40
/zFK5bos76cg4HTWc8TzRwF/JIMc8OjgqSl6UW5/5EMutxQ1l9vQ2UzzBZBweMw1
/oqgUlKoQuxyFMfyojfXA0qjwN4ut2wR9JQgSLC79SROIZ8U0LmYJ5viXDVSh6KP
mMxuj2pthN3I9A==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:56:17 2025 by rpki-client