Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
File: 0-2n3wX226CeOefUvex7rg7_urA.mft (raw, json)
Hash identifier: Lo9eixbFHqLVGykpUZ4PMiOeiWO2WhfMeY6dbY8ejTU=
Subject key identifier: 64:5C:D9:37:A9:53:42:28:35:B8:BD:D2:55:26:26:9F:4E:D7:15:1F
Authority key identifier: D3:ED:A7:DF:05:F6:DB:A0:9E:39:E7:D4:BD:EC:7B:AE:0E:FF:BA:B0
Certificate issuer: /CN=d3eda7df05f6dba09e39e7d4bdec7bae0effbab0
Certificate serial: 019676E833956C88F14DF25B9DC89CB8D563
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-2n3wX226CeOefUvex7rg7_urA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
Manifest number: 0218
Signing time: Sun 27 Apr 2025 11:00:51 +0000
Manifest this update: Sun 27 Apr 2025 11:00:51 +0000
Manifest next update: Mon 28 Apr 2025 11:00:51 +0000
Files and hashes: 1: 0-2n3wX226CeOefUvex7rg7_urA.crl (hash: YmARXBheDqbYWLHIi/14sGQljQMRsYBQXvibzYpAgrY=)
2: mFUkKUV2j8Fct1DGbVQJTzcA0ig.roa (hash: bNr/zF64vk+SVTrKPbIdCfqu6Sowa5lS9V4LG/Ns2g0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-2n3wX226CeOefUvex7rg7_urA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:e8:33:95:6c:88:f1:4d:f2:5b:9d:c8:9c:b8:d5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3eda7df05f6dba09e39e7d4bdec7bae0effbab0
Validity
Not Before: Apr 27 11:00:51 2025 GMT
Not After : Apr 28 11:00:51 2025 GMT
Subject: CN=645cd937a953422835b8bdd25526269f4ed7151f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d9:70:c8:38:09:61:53:84:29:e7:50:c2:63:
94:23:52:43:c2:dd:b6:c2:0a:50:03:91:c0:a7:30:
7c:26:0b:dd:0c:74:8d:ff:c6:84:fd:f8:f5:a0:6c:
72:a9:46:70:cb:55:ed:a4:0d:af:df:dc:2e:d9:d0:
37:f7:71:96:3f:b1:da:d5:78:04:b5:d4:f3:97:a0:
8a:20:b2:97:cc:68:95:45:a9:d3:4c:a3:c1:d6:d3:
ec:ec:05:a4:d0:77:05:85:aa:1f:ce:25:9c:fc:f2:
52:9e:11:0d:90:03:0a:00:63:40:81:6b:fd:0d:b6:
de:ec:c3:fe:ce:e8:39:22:0d:35:7e:c6:8c:79:f1:
27:da:4e:9b:e0:3f:d8:22:51:c1:fb:4f:38:28:13:
f6:68:94:ec:1c:77:4b:e4:c4:36:ef:50:03:c4:85:
cd:e4:84:30:ca:be:b9:59:0d:49:01:53:21:97:ce:
0a:df:09:7e:91:f1:e1:a5:cf:83:08:f5:9a:78:a8:
33:42:f3:19:59:1c:e0:00:5b:44:9c:41:bc:85:b6:
9e:52:cb:d9:1e:4f:b8:a0:fb:33:b4:83:32:08:89:
b6:c7:53:cd:89:14:58:80:17:62:81:9b:fa:ab:43:
d5:05:70:57:bb:6c:33:e5:8d:b3:ee:ba:80:bb:07:
8a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5C:D9:37:A9:53:42:28:35:B8:BD:D2:55:26:26:9F:4E:D7:15:1F
X509v3 Authority Key Identifier:
keyid:D3:ED:A7:DF:05:F6:DB:A0:9E:39:E7:D4:BD:EC:7B:AE:0E:FF:BA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-2n3wX226CeOefUvex7rg7_urA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:1f:54:c3:c1:a4:6b:19:64:77:21:56:f4:a0:96:bf:97:6a:
43:64:5d:bb:a3:66:77:90:5b:d1:26:68:06:16:d5:f1:be:10:
39:6d:e8:5b:c2:bb:8e:04:cd:4c:29:42:c0:21:b2:dd:3c:f9:
bd:a3:74:74:0b:b1:74:17:0d:1c:55:92:21:09:9e:1b:18:13:
4b:b9:a4:70:3b:b5:e1:ad:80:24:ba:3f:92:1d:d2:4d:47:79:
43:3e:e9:7b:4a:67:24:60:eb:6e:ad:68:da:c6:5b:78:43:c0:
53:af:e3:ca:d5:28:be:c4:59:ed:7e:9e:58:e9:d6:66:82:12:
39:20:e1:56:af:0e:bf:80:18:aa:26:63:2d:01:1f:00:ac:1e:
c5:f9:fa:11:71:d2:68:fc:b6:8c:b8:06:bf:48:9b:27:dc:6c:
3d:71:9b:d8:a3:91:35:ef:02:4e:1f:68:c2:0e:b5:c0:3f:50:
a4:10:d4:59:00:99:a5:f2:88:b0:47:90:b2:c3:d7:d9:54:0c:
07:4d:bf:2a:2f:9e:a7:84:12:50:3c:dc:fd:ee:8d:41:35:71:
e8:d2:1c:e2:5e:01:96:0d:27:fb:2a:33:77:39:40:9e:23:dd:
88:b1:19:a8:23:bb:9f:e6:5d:29:30:5b:12:91:11:c8:f8:6a:
3c:ed:6a:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26DOVbIjxTfJbncicuNVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZWRhN2RmMDVmNmRiYTA5ZTM5ZTdkNGJkZWM3YmFlMGVm
ZmJhYjAwHhcNMjUwNDI3MTEwMDUxWhcNMjUwNDI4MTEwMDUxWjAzMTEwLwYDVQQD
Eyg2NDVjZDkzN2E5NTM0MjI4MzViOGJkZDI1NTI2MjY5ZjRlZDcxNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dlwyDgJYVOEKedQwmOUI1JDwt22
wgpQA5HApzB8JgvdDHSN/8aE/fj1oGxyqUZwy1XtpA2v39wu2dA393GWP7Ha1XgE
tdTzl6CKILKXzGiVRanTTKPB1tPs7AWk0HcFhaofziWc/PJSnhENkAMKAGNAgWv9
Dbbe7MP+zug5Ig01fsaMefEn2k6b4D/YIlHB+084KBP2aJTsHHdL5MQ271ADxIXN
5IQwyr65WQ1JAVMhl84K3wl+kfHhpc+DCPWaeKgzQvMZWRzgAFtEnEG8hbaeUsvZ
Hk+4oPsztIMyCIm2x1PNiRRYgBdigZv6q0PVBXBXu2wz5Y2z7rqAuweKqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRc2TepU0IoNbi90lUmJp9O1xUfMB8GA1UdIwQY
MBaAFNPtp98F9tugnjnn1L3se64O/7qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC0ybjN3WDIyNkNlT2VmVXZleDdyZzdfdXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kYzY0ZjQtY2ZiYS00ZWZkLWI0ZWQt
Njc2YmVkYjE3NDczLzEvMC0ybjN3WDIyNkNlT2VmVXZleDdyZzdfdXJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kYzY0ZjQtY2ZiYS00ZWZkLWI0ZWQtNjc2YmVkYjE3NDcz
LzEvMC0ybjN3WDIyNkNlT2VmVXZleDdyZzdfdXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdB9Uw8Gk
axlkdyFW9KCWv5dqQ2Rdu6Nmd5Bb0SZoBhbV8b4QOW3oW8K7jgTNTClCwCGy3Tz5
vaN0dAuxdBcNHFWSIQmeGxgTS7mkcDu14a2AJLo/kh3STUd5Qz7pe0pnJGDrbq1o
2sZbeEPAU6/jytUovsRZ7X6eWOnWZoISOSDhVq8Ov4AYqiZjLQEfAKwexfn6EXHS
aPy2jLgGv0ibJ9xsPXGb2KORNe8CTh9owg61wD9QpBDUWQCZpfKIsEeQssPX2VQM
B02/Ki+ep4QSUDzc/e6NQTVx6NIc4l4Blg0n+yozdzlAniPdiLEZqCO7n+ZdKTBb
EpERyPhqPO1qGg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:10:07 2025 by rpki-client