Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
File: sd-OADfxroL3viI1rmEsQBD2_pE.mft (raw, json)
Hash identifier: BTen1uRbmJjWTPkNFfG8ln5FGdvBPGXsgQXYssX5LQI=
Subject key identifier: 53:44:49:02:FE:41:DE:70:20:6D:BC:23:13:9F:45:09:46:7B:BE:5B
Authority key identifier: B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91
Certificate issuer: /CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91
Certificate serial: 01967EA174D8152807EBAAE0FFEC35F2E585
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
Manifest number: 29
Signing time: Mon 28 Apr 2025 23:00:32 +0000
Manifest this update: Mon 28 Apr 2025 23:00:32 +0000
Manifest next update: Tue 29 Apr 2025 23:00:32 +0000
Files and hashes: 1: GdRMKH6WdmmVubPmURRtVnS8GV8.roa (hash: gQYTKVfews/6lfRAQlloM0LgEpj91iqOXwXozcwIpNc=)
2: sd-OADfxroL3viI1rmEsQBD2_pE.crl (hash: ofsorbkhyQKkHp5jZO6Pe0AtUk9SqSsq7pqqtaMd+1I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 23:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:a1:74:d8:15:28:07:eb:aa:e0:ff:ec:35:f2:e5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91
Validity
Not Before: Apr 28 23:00:32 2025 GMT
Not After : Apr 29 23:00:32 2025 GMT
Subject: CN=53444902fe41de70206dbc23139f4509467bbe5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a8:58:8c:1a:d8:e3:08:5e:de:b2:8c:63:a8:
1f:c6:b8:f0:7b:81:c2:fc:00:ca:b1:19:43:cd:1e:
c1:62:7c:48:31:aa:bf:c0:cd:e0:de:ae:21:56:ef:
c7:44:49:1f:09:35:74:df:a8:a2:e5:4a:73:8d:b8:
fa:5f:bb:34:75:99:b3:a9:c7:96:27:98:55:09:36:
6c:ec:61:49:e7:67:e9:72:16:c3:17:a0:0c:a3:90:
c9:1a:af:d4:d7:46:9e:a9:0a:37:e2:25:b9:b4:06:
ea:4d:56:72:2a:10:ee:3d:ac:c2:ab:6f:2d:ef:5d:
19:be:9d:ca:19:4f:95:49:2e:1b:0c:23:29:4c:2b:
9a:d0:51:27:a7:63:84:cd:ee:fb:6d:0f:cd:93:dd:
d7:dc:3e:36:83:39:37:57:42:27:70:07:c8:f7:d7:
aa:4a:ec:f9:40:d8:d7:f3:05:aa:75:06:08:bc:33:
42:2e:bd:8f:23:27:ae:f4:22:2a:55:b9:69:53:57:
de:ee:44:ae:f7:aa:05:20:60:fc:8f:a3:d6:80:c2:
50:03:73:81:0c:87:3a:0c:ee:36:54:b3:7f:0a:c2:
8e:ee:51:b5:af:5c:f1:a1:df:57:a2:ae:34:48:bf:
60:29:15:d1:f9:01:5f:55:4d:19:f6:af:1c:f3:78:
3c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:44:49:02:FE:41:DE:70:20:6D:BC:23:13:9F:45:09:46:7B:BE:5B
X509v3 Authority Key Identifier:
keyid:B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:1b:8e:44:f3:c0:71:0e:56:94:9e:21:ed:56:e3:d2:56:17:
22:44:4b:42:ab:85:36:fc:ca:c0:87:6d:30:ae:ac:8b:ba:ae:
3d:13:90:60:96:9e:02:d3:04:21:ba:66:2c:8b:3f:c7:cb:e6:
01:93:d8:5f:00:9b:69:4e:b7:22:16:bc:4b:24:6c:40:03:77:
c7:db:6e:55:57:ad:af:1c:92:5b:a5:c2:f5:67:80:56:1a:d0:
5f:5c:63:78:36:5f:99:39:ba:dd:f4:77:bd:1a:7e:bd:01:23:
44:ca:20:ad:45:90:9d:45:cf:55:37:53:7c:e2:f7:d2:8b:ea:
8e:9e:83:ae:6e:6c:46:cd:b2:9c:07:ea:d2:28:ef:25:eb:20:
c7:4c:14:5a:03:dd:58:b1:9d:35:30:ae:aa:c7:d3:b9:8e:a2:
59:46:b9:91:05:79:56:18:46:08:f0:42:15:7d:0b:26:07:8b:
4b:bb:88:42:0a:c2:3a:29:7c:ed:62:d6:fa:2b:83:e5:39:09:
87:cb:0f:e9:12:60:d9:61:3a:85:4d:ed:54:c5:ea:60:54:00:
93:c1:44:86:72:52:de:96:76:1b:d4:07:a1:73:d9:a9:6e:86:
a1:d4:fb:e9:26:30:9a:69:3a:e4:20:b4:28:56:df:d7:ae:69:
47:39:c2:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+oXTYFSgH66rg/+w18uWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGY4ZTAwMzdmMWFlODJmN2JlMjIzNWFlNjEyYzQwMTBm
NmZlOTEwHhcNMjUwNDI4MjMwMDMyWhcNMjUwNDI5MjMwMDMyWjAzMTEwLwYDVQQD
Eyg1MzQ0NDkwMmZlNDFkZTcwMjA2ZGJjMjMxMzlmNDUwOTQ2N2JiZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6hYjBrY4whe3rKMY6gfxrjwe4HC
/ADKsRlDzR7BYnxIMaq/wM3g3q4hVu/HREkfCTV036ii5Upzjbj6X7s0dZmzqceW
J5hVCTZs7GFJ52fpchbDF6AMo5DJGq/U10aeqQo34iW5tAbqTVZyKhDuPazCq28t
710Zvp3KGU+VSS4bDCMpTCua0FEnp2OEze77bQ/Nk93X3D42gzk3V0IncAfI99eq
Suz5QNjX8wWqdQYIvDNCLr2PIyeu9CIqVblpU1fe7kSu96oFIGD8j6PWgMJQA3OB
DIc6DO42VLN/CsKO7lG1r1zxod9Xoq40SL9gKRXR+QFfVU0Z9q8c83g8rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNESQL+Qd5wIG28IxOfRQlGe75bMB8GA1UdIwQY
MBaAFLHfjgA38a6C974iNa5hLEAQ9v6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEt
MTljYTUwY2YzNGFiLzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEtMTljYTUwY2YzNGFi
LzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdBuORPPA
cQ5WlJ4h7Vbj0lYXIkRLQquFNvzKwIdtMK6si7quPROQYJaeAtMEIbpmLIs/x8vm
AZPYXwCbaU63Iha8SyRsQAN3x9tuVVetrxySW6XC9WeAVhrQX1xjeDZfmTm63fR3
vRp+vQEjRMogrUWQnUXPVTdTfOL30ovqjp6Drm5sRs2ynAfq0ijvJesgx0wUWgPd
WLGdNTCuqsfTuY6iWUa5kQV5VhhGCPBCFX0LJgeLS7uIQgrCOil87WLW+iuD5TkJ
h8sP6RJg2WE6hU3tVMXqYFQAk8FEhnJS3pZ2G9QHoXPZqW6GodT76SYwmmk65CC0
KFbf165pRznCHQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:47:48 2025 by rpki-client