Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json)
Hash identifier: 3KORhZAAVbAvqrhxdzPAR8H3pC6SffXfqxKd4yHr/eg=
Subject key identifier: 7E:1C:5A:CA:5A:DF:40:DE:48:E2:06:42:28:02:1A:1F:DD:50:B7:C2
Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d
Certificate serial: 0196865B5A67AA7FA327DC04B6D214191FF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
Manifest number: 0BFC
Signing time: Wed 30 Apr 2025 11:00:55 +0000
Manifest this update: Wed 30 Apr 2025 11:00:55 +0000
Manifest next update: Thu 01 May 2025 11:00:55 +0000
Files and hashes: 1: NCPzn1GpZq4vT4gRDeBcmpEUhRQ.roa (hash: Vq8Q1+OKJnlcLx/yX0O6NcYNdeQRXSpw2T1WMWL6+Zw=)
2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: vSc3lqNtqcJoy5p/eC4D7w5/pmmZaFXcPc6LDcwXxac=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:5b:5a:67:aa:7f:a3:27:dc:04:b6:d2:14:19:1f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d
Validity
Not Before: Apr 30 11:00:55 2025 GMT
Not After : May 1 11:00:55 2025 GMT
Subject: CN=7e1c5aca5adf40de48e2064228021a1fdd50b7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f0:7b:74:43:c4:ec:54:08:02:dd:c0:c3:c1:
f3:9d:66:6f:e1:28:ee:2d:d2:02:f9:b7:5c:ae:67:
a1:8e:c9:c0:b1:a8:55:8c:9d:9d:3b:60:c4:b7:6b:
f6:f0:b7:f5:68:a5:90:1c:bf:45:df:7e:9a:a1:ca:
01:d0:52:16:bb:31:e6:33:f5:51:2f:77:cb:9e:c8:
d7:58:7a:ee:c8:df:51:7a:24:92:56:0a:e5:f2:78:
3d:d2:52:0b:a5:cc:f5:a9:90:d9:c7:8a:25:53:7e:
df:94:69:cb:fd:21:dd:e2:0d:da:1d:a5:01:ef:5b:
92:95:37:25:a5:84:d6:1b:f0:39:dd:a0:2c:36:b6:
1f:ce:e4:58:b0:f8:b7:32:89:53:60:10:12:08:be:
48:7b:f7:ca:e7:6b:5f:f2:4c:6c:a7:fb:ab:e8:b4:
d6:e2:e4:d5:1c:ff:f6:87:10:e5:c5:0d:f2:55:16:
dd:b5:03:2d:25:87:dc:0f:87:db:51:53:1d:9c:06:
40:85:75:65:66:34:e0:e6:05:6c:75:77:8d:8f:b7:
e5:7d:db:49:c7:39:a3:67:f2:08:6a:59:f3:cc:12:
bb:40:96:5e:a6:71:e0:3a:7c:c8:c8:3c:05:15:82:
1b:d0:27:fd:28:dc:ea:2d:5c:04:78:91:fb:df:cd:
b7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1C:5A:CA:5A:DF:40:DE:48:E2:06:42:28:02:1A:1F:DD:50:B7:C2
X509v3 Authority Key Identifier:
keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:69:cb:56:b3:44:10:ec:f5:5f:31:df:9b:76:0d:53:f2:aa:
27:76:8b:9a:f2:00:35:f8:90:52:0a:71:b2:85:e1:83:49:5c:
02:0a:40:bf:70:ee:c9:52:d9:23:8c:b9:37:c9:72:20:8e:f0:
37:cd:7f:c3:56:86:3b:24:b1:d0:f4:b8:bf:82:d9:85:1f:d8:
5f:5a:7c:62:1a:bb:a4:ac:51:5e:bf:10:ce:51:78:ae:f8:7a:
3f:45:c2:25:c3:fb:f5:9f:df:0c:44:9f:b9:e3:f2:14:7c:3b:
1f:78:a9:82:23:1c:13:c8:e5:43:dd:f1:b4:5f:f8:fb:3e:ae:
1f:5a:13:1e:6d:92:56:e5:92:1c:5d:2a:03:31:ea:5d:1a:bf:
ea:15:68:1f:c5:d1:50:c0:4b:d5:78:5d:6b:1e:89:1b:cd:df:
e4:89:c0:b6:3c:11:2f:a6:86:16:07:d6:06:d1:3a:0d:dc:fb:
4f:3d:c1:f9:69:a2:34:e1:56:e6:34:66:45:37:db:ab:f3:48:
f2:eb:29:d2:50:7c:f7:0c:68:26:a3:e4:70:c3:83:8c:fd:41:
3f:6a:60:83:44:09:a7:ec:53:d6:aa:d6:9f:74:63:f5:67:42:
1f:a4:98:de:27:3d:44:b1:b3:a5:cc:66:be:98:7f:74:95:c3:
2f:61:3c:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGW1pnqn+jJ9wEttIUGR/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4
YzAyOGQwHhcNMjUwNDMwMTEwMDU1WhcNMjUwNTAxMTEwMDU1WjAzMTEwLwYDVQQD
Eyg3ZTFjNWFjYTVhZGY0MGRlNDhlMjA2NDIyODAyMWExZmRkNTBiN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vB7dEPE7FQIAt3Aw8HznWZv4Sju
LdIC+bdcrmehjsnAsahVjJ2dO2DEt2v28Lf1aKWQHL9F336aocoB0FIWuzHmM/VR
L3fLnsjXWHruyN9ReiSSVgrl8ng90lILpcz1qZDZx4olU37flGnL/SHd4g3aHaUB
71uSlTclpYTWG/A53aAsNrYfzuRYsPi3MolTYBASCL5Ie/fK52tf8kxsp/ur6LTW
4uTVHP/2hxDlxQ3yVRbdtQMtJYfcD4fbUVMdnAZAhXVlZjTg5gVsdXeNj7flfdtJ
xzmjZ/IIalnzzBK7QJZepnHgOnzIyDwFFYIb0Cf9KNzqLVwEeJH73823VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4cWspa30DeSOIGQigCGh/dULfCMB8GA1UdIwQY
MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt
ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz
LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ2nLVrNE
EOz1XzHfm3YNU/KqJ3aLmvIANfiQUgpxsoXhg0lcAgpAv3DuyVLZI4y5N8lyII7w
N81/w1aGOySx0PS4v4LZhR/YX1p8Yhq7pKxRXr8QzlF4rvh6P0XCJcP79Z/fDESf
uePyFHw7H3ipgiMcE8jlQ93xtF/4+z6uH1oTHm2SVuWSHF0qAzHqXRq/6hVoH8XR
UMBL1Xhdax6JG83f5InAtjwRL6aGFgfWBtE6Ddz7Tz3B+WmiNOFW5jRmRTfbq/NI
8usp0lB89wxoJqPkcMODjP1BP2pgg0QJp+xT1qrWn3Rj9WdCH6SY3ic9RLGzpcxm
vph/dJXDL2E8zg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:36:43 2025 by rpki-client