Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
File: NiQhSOPmNqkDQ_PpUES439udHNk.mft (raw, json)
Hash identifier: 7Ijh1RhMn/KckMotlpFBWRvleid+FAZSizmkGiGv098=
Subject key identifier: 41:E9:E1:CD:5B:54:AC:4E:91:A4:A2:B0:73:90:4F:90:E5:FD:FF:28
Authority key identifier: 36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
Certificate issuer: /CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Certificate serial: 019693E0143F1B9EAA15AD3AED361225AD5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
Manifest number: 79
Signing time: Sat 03 May 2025 02:00:57 +0000
Manifest this update: Sat 03 May 2025 02:00:57 +0000
Manifest next update: Sun 04 May 2025 02:00:57 +0000
Files and hashes: 1: NiQhSOPmNqkDQ_PpUES439udHNk.crl (hash: jit0b6XIYJHmhOayihYOB12j252qWo66+1cnIYmGPfc=)
2: zIR-Nz3H2D4s_KM8Bm98PoR8Mws.roa (hash: vxeo0iUuDX5Ze9Stf4uTh6KeWV+Vu5qvbWwTZuqVEFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:93:e0:14:3f:1b:9e:aa:15:ad:3a:ed:36:12:25:ad:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36242148e3e636a90343f3e95044b8dfdb9d1cd9
Validity
Not Before: May 3 02:00:57 2025 GMT
Not After : May 4 02:00:57 2025 GMT
Subject: CN=41e9e1cd5b54ac4e91a4a2b073904f90e5fdff28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:29:e6:ff:9c:85:9d:8c:5a:5d:ee:3c:7c:
e7:3d:cd:f1:fe:7b:8a:bd:c2:8c:09:2a:3e:24:b1:
68:b0:32:38:80:90:fb:33:d0:5b:b6:9d:df:df:10:
9d:c1:a0:ec:d9:d6:05:39:f9:30:aa:a7:17:d8:ec:
17:89:41:fc:ae:ff:b1:9d:ed:4e:f9:67:78:d5:e1:
61:e9:2e:48:9f:79:e2:eb:6f:19:2a:43:a7:03:0c:
6a:c4:1b:05:35:5a:68:a3:84:ac:a3:9b:77:7f:11:
1e:29:a6:8b:6f:06:61:20:50:60:3f:ff:98:b3:42:
ff:83:ef:7d:0b:fd:dd:10:aa:c7:13:ee:61:8c:b1:
01:f3:13:02:d9:01:2f:3a:45:64:0a:71:49:f0:9b:
55:af:e1:c5:f2:32:5b:73:ac:9b:05:dd:30:88:63:
26:d3:2c:dd:47:9a:e6:a8:80:e9:c4:ea:df:c3:21:
16:00:35:32:de:86:90:0b:bf:e9:e6:29:eb:0b:25:
f0:ff:46:f6:3b:40:ed:8c:9d:63:17:a3:de:50:e9:
ba:68:dc:6c:05:08:6f:48:aa:af:0a:7c:61:a8:66:
95:30:cc:ba:ef:7d:04:60:f4:06:f4:19:f9:40:c7:
08:d1:83:44:b0:51:d2:a7:f4:04:81:b3:8b:a3:95:
f3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E9:E1:CD:5B:54:AC:4E:91:A4:A2:B0:73:90:4F:90:E5:FD:FF:28
X509v3 Authority Key Identifier:
keyid:36:24:21:48:E3:E6:36:A9:03:43:F3:E9:50:44:B8:DF:DB:9D:1C:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiQhSOPmNqkDQ_PpUES439udHNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3c3da0-d3f8-4aa2-8334-26d759365402/1/NiQhSOPmNqkDQ_PpUES439udHNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:38:bf:af:a1:7c:55:e4:cb:4b:f5:e1:3f:48:78:1e:7c:0a:
35:40:62:07:34:05:68:7a:ed:28:7c:54:6f:7e:85:68:5e:dc:
80:5a:71:97:7c:d4:69:dc:9d:65:66:9e:69:06:1c:a4:41:6f:
76:04:67:3d:f9:b0:93:da:b2:bb:d9:17:b7:5f:65:27:fc:57:
ac:8d:c9:57:0e:cd:8d:19:b2:e2:8d:ab:d1:e7:07:b4:1a:02:
c8:03:62:da:49:1c:c9:2f:d2:ff:08:b0:b6:21:e0:ab:1a:2e:
60:9a:1d:f9:ef:65:31:dd:78:35:1e:f6:0e:ae:58:1a:5e:7b:
3d:45:68:91:4a:13:47:f6:56:47:ae:0b:74:26:19:55:af:39:
0e:83:25:aa:33:b0:c5:d5:dd:6f:dd:a8:d2:78:54:93:eb:65:
01:d0:31:02:35:6a:a1:9c:45:bc:c0:48:88:f7:a8:a4:4b:8c:
31:94:1b:ed:cf:f5:e2:69:f4:cd:1e:11:6c:18:9c:8e:fe:9b:
aa:78:af:2a:61:46:74:ef:c3:4c:45:24:e2:61:b3:e1:c7:5e:
a5:49:7a:a1:70:29:5f:03:8d:6a:5f:04:ee:a7:3c:7c:cd:4f:
aa:8e:b7:45:9f:59:04:1e:23:21:0f:62:b5:3b:70:1f:1b:17:
93:d8:97:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaT4BQ/G56qFa067TYSJa1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjQyMTQ4ZTNlNjM2YTkwMzQzZjNlOTUwNDRiOGRmZGI5
ZDFjZDkwHhcNMjUwNTAzMDIwMDU3WhcNMjUwNTA0MDIwMDU3WjAzMTEwLwYDVQQD
Eyg0MWU5ZTFjZDViNTRhYzRlOTFhNGEyYjA3MzkwNGY5MGU1ZmRmZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdUp5v+chZ2MWl3uPHznPc3x/nuK
vcKMCSo+JLFosDI4gJD7M9Bbtp3f3xCdwaDs2dYFOfkwqqcX2OwXiUH8rv+xne1O
+Wd41eFh6S5In3ni628ZKkOnAwxqxBsFNVpoo4Sso5t3fxEeKaaLbwZhIFBgP/+Y
s0L/g+99C/3dEKrHE+5hjLEB8xMC2QEvOkVkCnFJ8JtVr+HF8jJbc6ybBd0wiGMm
0yzdR5rmqIDpxOrfwyEWADUy3oaQC7/p5inrCyXw/0b2O0DtjJ1jF6PeUOm6aNxs
BQhvSKqvCnxhqGaVMMy6730EYPQG9Bn5QMcI0YNEsFHSp/QEgbOLo5Xz+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHp4c1bVKxOkaSisHOQT5Dl/f8oMB8GA1UdIwQY
MBaAFDYkIUjj5japA0Pz6VBEuN/bnRzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQt
MjZkNzU5MzY1NDAyLzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYzNkYTAtZDNmOC00YWEyLTgzMzQtMjZkNzU5MzY1NDAy
LzEvTmlRaFNPUG1OcWtEUV9QcFVFUzQzOXVkSE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAozi/r6F8
VeTLS/XhP0h4HnwKNUBiBzQFaHrtKHxUb36FaF7cgFpxl3zUadydZWaeaQYcpEFv
dgRnPfmwk9qyu9kXt19lJ/xXrI3JVw7NjRmy4o2r0ecHtBoCyANi2kkcyS/S/wiw
tiHgqxouYJod+e9lMd14NR72Dq5YGl57PUVokUoTR/ZWR64LdCYZVa85DoMlqjOw
xdXdb92o0nhUk+tlAdAxAjVqoZxFvMBIiPeopEuMMZQb7c/14mn0zR4RbBicjv6b
qnivKmFGdO/DTEUk4mGz4cdepUl6oXApXwONal8E7qc8fM1Pqo63RZ9ZBB4jIQ9i
tTtwHxsXk9iXww==
-----END CERTIFICATE-----
Generated at Sat May 3 04:34:51 2025 by rpki-client