Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.mft
File: cW9tEfDOYyMBgac_haZmFw9zib0.mft (raw, json)
Hash identifier: udXMfVKWwpZnLrG4xreC4cFvpBMz/mTMGF8+GI3Y00s=
Subject key identifier: 27:5B:33:55:50:7D:42:ED:19:05:15:DD:B0:94:BE:46:70:86:20:84
Authority key identifier: 71:6F:6D:11:F0:CE:63:23:01:81:A7:3F:85:A6:66:17:0F:73:89:BD
Certificate issuer: /CN=716f6d11f0ce63230181a73f85a666170f7389bd
Certificate serial: 019682101BB19B45B181ADA0FE47CE70C6E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cW9tEfDOYyMBgac_haZmFw9zib0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.mft
Manifest number: 0A37
Signing time: Tue 29 Apr 2025 15:00:15 +0000
Manifest this update: Tue 29 Apr 2025 15:00:15 +0000
Manifest next update: Wed 30 Apr 2025 15:00:15 +0000
Files and hashes: 1: cW9tEfDOYyMBgac_haZmFw9zib0.crl (hash: u4jdwo1RRHxredXE9bWxlRWGueVFjseyIHlNHD4qvwc=)
2: fS7Vtpenx3ISocQLcsKDmT4cdAc.roa (hash: lsacutCDcdT1KWfBtvedBOBvauWcszwNt+V8+YsxMyc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cW9tEfDOYyMBgac_haZmFw9zib0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:10:1b:b1:9b:45:b1:81:ad:a0:fe:47:ce:70:c6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=716f6d11f0ce63230181a73f85a666170f7389bd
Validity
Not Before: Apr 29 15:00:15 2025 GMT
Not After : Apr 30 15:00:15 2025 GMT
Subject: CN=275b3355507d42ed190515ddb094be4670862084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:60:68:c7:49:c1:e4:6d:23:15:4e:e2:a0:69:
9a:41:51:ec:5f:c5:3d:2d:cc:ec:7c:9d:bf:e9:57:
11:ff:11:a1:84:8d:37:97:76:f2:88:14:0f:19:7b:
9b:c5:13:bf:31:9f:5e:3c:86:33:db:19:bc:e1:07:
05:02:2f:d9:fb:7a:39:a4:ba:6f:5f:6b:d5:fc:fd:
f0:5a:49:88:69:d3:c4:bf:a2:ff:e8:a6:9e:41:aa:
40:aa:5a:b3:36:0c:12:c6:d5:bb:e8:f5:79:ac:ed:
0f:7c:ca:d5:0b:5f:f9:d1:45:67:f8:2f:eb:2c:c5:
34:08:69:ce:cc:aa:88:e3:c0:6c:c9:df:c0:b0:21:
99:e6:7f:81:b0:2f:09:a2:d0:3e:d1:5d:09:5e:0c:
38:50:52:d8:29:eb:5f:fd:2d:d0:e6:23:4f:57:01:
fe:43:2e:e5:2b:82:de:ac:ea:af:51:9a:4c:50:5d:
7b:30:66:78:6a:df:6d:10:ce:8f:d5:28:01:32:b5:
58:72:4f:d7:08:a2:49:f3:51:da:08:bc:f8:0b:b4:
e6:d4:de:6b:a3:a9:c2:cb:1b:ab:6c:b9:76:fd:7a:
f1:8a:a5:95:2f:ac:ba:2d:5a:57:ca:e6:4e:6a:c4:
75:8c:49:93:04:cc:64:12:ed:fc:4d:ea:eb:e5:13:
6e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5B:33:55:50:7D:42:ED:19:05:15:DD:B0:94:BE:46:70:86:20:84
X509v3 Authority Key Identifier:
keyid:71:6F:6D:11:F0:CE:63:23:01:81:A7:3F:85:A6:66:17:0F:73:89:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cW9tEfDOYyMBgac_haZmFw9zib0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:a3:fa:ea:75:15:22:fa:79:1c:c2:91:4a:53:fe:49:b6:b1:
d1:de:bf:5c:80:f0:66:6c:1d:86:ac:e8:4f:27:e8:ec:e7:73:
27:69:7a:69:42:94:67:10:5e:a7:26:79:82:63:95:ed:06:d0:
07:75:58:d9:f3:ed:ce:11:41:8e:ea:34:2e:f1:ea:79:e3:21:
b5:ff:5b:c1:ac:4f:cb:56:f5:c5:b5:2e:c7:77:32:32:48:98:
3d:48:7e:59:e9:16:cc:bc:49:2d:70:6c:da:7e:05:03:95:3b:
25:0d:6a:8a:f6:5f:66:06:3e:82:92:bc:04:d3:11:6d:e4:17:
f4:35:ed:40:4d:b3:f9:c5:96:3c:7a:f2:ac:0f:3b:82:51:6e:
bc:c8:01:c1:d1:b0:27:c9:04:61:16:6c:d0:04:7b:e6:df:21:
de:b7:86:80:16:93:06:d7:de:8f:36:2f:3b:84:ed:4c:f8:69:
8e:ef:74:2b:3b:ce:28:34:f6:6e:e9:34:69:a5:2b:1c:c3:69:
4c:fb:f5:27:41:7c:0d:41:59:33:2b:76:b8:89:a9:e1:40:ca:
7a:b6:94:d0:85:6e:47:f1:8e:a4:d4:6b:ea:d8:55:00:01:1a:
e8:b6:55:c3:53:3c:f1:f8:39:ff:44:7f:94:7c:9e:32:9b:53:
e5:49:65:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEBuxm0Wxga2g/kfOcMbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNmY2ZDExZjBjZTYzMjMwMTgxYTczZjg1YTY2NjE3MGY3
Mzg5YmQwHhcNMjUwNDI5MTUwMDE1WhcNMjUwNDMwMTUwMDE1WjAzMTEwLwYDVQQD
EygyNzViMzM1NTUwN2Q0MmVkMTkwNTE1ZGRiMDk0YmU0NjcwODYyMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWBox0nB5G0jFU7ioGmaQVHsX8U9
LczsfJ2/6VcR/xGhhI03l3byiBQPGXubxRO/MZ9ePIYz2xm84QcFAi/Z+3o5pLpv
X2vV/P3wWkmIadPEv6L/6KaeQapAqlqzNgwSxtW76PV5rO0PfMrVC1/50UVn+C/r
LMU0CGnOzKqI48Bsyd/AsCGZ5n+BsC8JotA+0V0JXgw4UFLYKetf/S3Q5iNPVwH+
Qy7lK4LerOqvUZpMUF17MGZ4at9tEM6P1SgBMrVYck/XCKJJ81HaCLz4C7Tm1N5r
o6nCyxurbLl2/XrxiqWVL6y6LVpXyuZOasR1jEmTBMxkEu38Terr5RNuNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdbM1VQfULtGQUV3bCUvkZwhiCEMB8GA1UdIwQY
MBaAFHFvbRHwzmMjAYGnP4WmZhcPc4m9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1c5dEVmRE9ZeU1CZ2FjX2hhWm1Gdzl6aWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iNmEyMzMtNmY4MC00ZjRlLTkzMTIt
ZTNmNDlhYzQ5NTYwLzEvY1c5dEVmRE9ZeU1CZ2FjX2hhWm1Gdzl6aWIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iNmEyMzMtNmY4MC00ZjRlLTkzMTItZTNmNDlhYzQ5NTYw
LzEvY1c5dEVmRE9ZeU1CZ2FjX2hhWm1Gdzl6aWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE6P66nUV
Ivp5HMKRSlP+Sbax0d6/XIDwZmwdhqzoTyfo7OdzJ2l6aUKUZxBepyZ5gmOV7QbQ
B3VY2fPtzhFBjuo0LvHqeeMhtf9bwaxPy1b1xbUux3cyMkiYPUh+WekWzLxJLXBs
2n4FA5U7JQ1qivZfZgY+gpK8BNMRbeQX9DXtQE2z+cWWPHryrA87glFuvMgBwdGw
J8kEYRZs0AR75t8h3reGgBaTBtfejzYvO4TtTPhpju90KzvOKDT2buk0aaUrHMNp
TPv1J0F8DUFZMyt2uImp4UDKeraU0IVuR/GOpNRr6thVAAEa6LZVw1M88fg5/0R/
lHyeMptT5Ullbg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:33:30 2025 by rpki-client