Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: 5yJ4WPaI7Jb/Pco7P8+z7wSt8J/PcmcWH9OgllyzzA4=
Subject key identifier: 1B:89:DE:1A:51:AE:CC:C6:8C:64:BF:78:81:C3:54:ED:19:10:58:44
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 01968DA6A8E3102ED2DF011392A1EA811EEA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 1208
Signing time: Thu 01 May 2025 21:00:31 +0000
Manifest this update: Thu 01 May 2025 21:00:31 +0000
Manifest next update: Fri 02 May 2025 21:00:31 +0000
Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: xveF9nOC3qmKgmK2fT5TSbpZJZ9tpwc2TICDWf08DMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8d:a6:a8:e3:10:2e:d2:df:01:13:92:a1:ea:81:1e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: May 1 21:00:31 2025 GMT
Not After : May 2 21:00:31 2025 GMT
Subject: CN=1b89de1a51aeccc68c64bf7881c354ed19105844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:60:61:95:ed:80:a0:aa:94:0b:70:31:e7:
24:78:6c:0f:92:33:a1:ba:ab:48:6e:8c:ff:07:d2:
6e:29:42:f8:d3:db:ea:28:e9:2f:94:e5:db:2f:46:
ba:07:d7:f9:45:60:b3:23:20:44:23:2b:0f:7a:3c:
d2:37:66:1a:8f:5c:8b:25:56:13:8f:c3:cd:74:e7:
01:4a:70:3f:37:5b:c0:8c:ae:bb:9c:60:a7:70:ea:
52:e4:20:aa:e4:cc:74:72:2a:94:29:ce:22:45:08:
a7:ee:00:e9:a6:7c:d8:7c:e9:e2:26:e6:df:55:dc:
a1:a0:2c:da:a6:2b:79:34:7f:26:00:ca:56:06:de:
8b:e3:8c:88:5a:6d:d3:d5:33:63:9b:69:de:13:7d:
b2:e4:93:8a:09:5c:c2:06:38:9e:22:8a:aa:99:94:
d1:04:9c:5e:e9:7a:86:ef:20:cd:9d:11:df:65:2d:
9c:c6:02:07:20:ca:c6:ea:e2:87:31:6b:95:80:d7:
dc:1e:2e:a9:6e:16:8d:6c:9a:90:c8:a9:c1:fd:97:
8f:55:84:89:4f:1f:87:c0:4f:98:0f:0b:fd:1c:f2:
fd:75:0b:b6:02:5f:db:f7:99:05:9b:9f:8f:7a:73:
8c:ce:af:05:47:3c:5b:bf:80:77:b8:66:6d:56:4b:
fa:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:89:DE:1A:51:AE:CC:C6:8C:64:BF:78:81:C3:54:ED:19:10:58:44
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:51:56:3a:95:bb:b5:92:77:b0:ab:0b:94:ce:5b:e6:65:bf:
ec:7b:d2:90:6b:2b:91:5b:89:ea:8a:4f:f8:43:26:0d:b1:26:
6d:d1:ce:48:ac:d2:ed:b0:09:c6:92:c8:3d:fd:86:c3:06:e2:
ec:0c:bb:5b:11:21:25:1f:5c:39:36:78:e9:c4:e1:19:ab:9a:
2c:64:f3:61:c8:d9:dd:da:3f:ca:1c:38:94:3a:cc:a3:13:88:
49:c7:8b:ed:69:b7:ef:c3:24:bd:47:9e:ff:8a:9a:c1:be:53:
0d:48:75:9c:85:80:4b:2e:af:cb:b5:e1:0c:d4:63:51:80:20:
03:14:b9:0b:23:50:36:a6:9e:6a:b1:26:cc:fc:64:69:02:12:
b2:77:d9:53:1d:0c:f4:3e:12:1e:cc:26:b7:a1:c7:34:0f:14:
2f:f7:94:05:87:b3:7b:da:2b:62:e4:1a:1f:d3:96:7c:8e:af:
74:ab:0f:d7:f6:54:a3:f6:c3:2c:f7:49:e9:cc:8c:82:31:df:
a8:8a:b0:45:29:1d:2c:1e:8e:84:4e:34:0a:08:2e:77:b4:2b:
77:36:dc:d1:bc:79:82:1f:e9:3a:3b:54:bc:cc:a6:2b:3d:38:
71:f6:7d:63:a0:68:4f:5a:d4:52:98:c9:78:26:8f:e0:b5:ff:
aa:fb:03:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNpqjjEC7S3wETkqHqgR7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjUwNTAxMjEwMDMxWhcNMjUwNTAyMjEwMDMxWjAzMTEwLwYDVQQD
EygxYjg5ZGUxYTUxYWVjY2M2OGM2NGJmNzg4MWMzNTRlZDE5MTA1ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt31gYZXtgKCqlAtwMeckeGwPkjOh
uqtIboz/B9JuKUL409vqKOkvlOXbL0a6B9f5RWCzIyBEIysPejzSN2Yaj1yLJVYT
j8PNdOcBSnA/N1vAjK67nGCncOpS5CCq5Mx0ciqUKc4iRQin7gDppnzYfOniJubf
VdyhoCzapit5NH8mAMpWBt6L44yIWm3T1TNjm2neE32y5JOKCVzCBjieIoqqmZTR
BJxe6XqG7yDNnRHfZS2cxgIHIMrG6uKHMWuVgNfcHi6pbhaNbJqQyKnB/ZePVYSJ
Tx+HwE+YDwv9HPL9dQu2Al/b95kFm5+PenOMzq8FRzxbv4B3uGZtVkv6CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuJ3hpRrszGjGS/eIHDVO0ZEFhEMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfVFWOpW7
tZJ3sKsLlM5b5mW/7HvSkGsrkVuJ6opP+EMmDbEmbdHOSKzS7bAJxpLIPf2Gwwbi
7Ay7WxEhJR9cOTZ46cThGauaLGTzYcjZ3do/yhw4lDrMoxOISceL7Wm378MkvUee
/4qawb5TDUh1nIWASy6vy7XhDNRjUYAgAxS5CyNQNqaearEmzPxkaQISsnfZUx0M
9D4SHswmt6HHNA8UL/eUBYeze9orYuQaH9OWfI6vdKsP1/ZUo/bDLPdJ6cyMgjHf
qIqwRSkdLB6OhE40Cggud7Qrdzbc0bx5gh/pOjtUvMymKz04cfZ9Y6BoT1rUUpjJ
eCaP4LX/qvsDJA==
-----END CERTIFICATE-----
Generated at Fri May 2 01:48:19 2025 by rpki-client