Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File: kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier: +hRmxuK2Y5P7Ocje7MdDOt+tPkmnxF/US8OTqLP4ooM=
Subject key identifier: 97:DD:37:38:8C:9A:5B:BE:C4:40:CA:EB:80:9F:53:F0:02:BA:C4:9B
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 0196790CEE35EA9613D0B2719495AD6B2076
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number: 0C30
Signing time: Sun 27 Apr 2025 21:00:12 +0000
Manifest this update: Sun 27 Apr 2025 21:00:12 +0000
Manifest next update: Mon 28 Apr 2025 21:00:12 +0000
Files and hashes: 1: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (hash: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=)
2: WPrYk3ZFYryhbXNF2_g_QVCy5G0.roa (hash: 1/VFn2v02knd9dSenNmn42s5XXg6Yfw+0bFY3ogbnpY=)
3: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: 6Pp2ZiEknvk+cVVnZ/nswWE0dxOHgocxDkRy2a15tDQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:0c:ee:35:ea:96:13:d0:b2:71:94:95:ad:6b:20:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Apr 27 21:00:12 2025 GMT
Not After : Apr 28 21:00:12 2025 GMT
Subject: CN=97dd37388c9a5bbec440caeb809f53f002bac49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d6:d3:08:1e:e8:dc:01:7f:df:d2:0d:80:9e:
e7:41:1f:3c:39:ee:9a:8b:c9:c0:94:7d:cc:21:a9:
56:71:09:df:15:07:ff:76:48:77:b9:69:12:91:04:
44:ad:ca:8c:55:e6:07:5b:a5:e2:a9:b8:2c:ad:63:
b7:cb:0c:1a:ea:27:e7:51:43:a6:4d:04:02:f6:88:
60:7d:22:59:eb:49:ef:8e:67:ad:db:96:fc:2b:78:
c8:cc:1a:2a:11:d1:20:27:31:c6:a0:66:14:1d:cf:
ef:cb:20:61:01:6e:fb:d1:14:a1:52:3c:9a:36:dd:
fa:26:97:ae:26:83:4c:f0:b4:07:7c:5d:19:71:26:
45:3b:e3:78:20:44:f8:38:e4:b7:7a:7a:28:26:17:
46:79:e0:56:45:24:3b:bc:cd:f4:55:87:22:13:a7:
d2:2f:04:a2:aa:d4:da:2e:b9:80:18:f3:7e:9b:66:
13:41:bd:21:69:78:40:05:ce:d7:72:cd:60:4d:9e:
c3:28:30:f8:cc:0a:a4:ee:5a:a8:c3:d6:6a:0c:22:
c4:92:6f:f4:4f:03:6c:72:49:80:3f:be:5b:47:46:
d3:87:30:6d:7a:ab:76:4e:0e:8c:96:14:52:30:16:
a3:1e:0f:69:9a:b2:5f:f8:8f:2d:4e:84:7f:26:49:
49:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DD:37:38:8C:9A:5B:BE:C4:40:CA:EB:80:9F:53:F0:02:BA:C4:9B
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:f9:27:50:1a:b7:ec:0f:26:d1:6c:bd:88:77:d6:97:21:34:
c5:48:84:4d:ac:ca:bc:f7:2a:29:25:4f:7c:b3:c4:2c:fd:21:
cf:5c:6c:9c:f8:11:c2:38:ce:e1:88:c2:d9:7a:3f:bd:9e:d8:
e8:f2:96:ef:9d:e3:46:6b:e7:9f:e0:57:a7:bf:3e:9d:0e:d3:
ab:42:84:1c:8e:b2:54:5f:36:d0:76:1c:13:d6:85:2a:82:64:
40:8b:f5:74:1a:76:64:12:0c:39:49:47:d5:97:cc:e6:32:92:
35:32:34:84:5c:53:ff:47:c3:80:34:d9:f6:7b:49:c0:5a:9e:
a5:ce:ab:d2:96:b5:3a:15:da:8f:56:98:83:0c:b0:e4:d3:53:
45:ac:82:45:b7:17:bc:9c:f7:1b:fd:b2:10:99:b6:e5:58:cf:
12:8b:50:41:de:88:bd:72:03:4a:a8:35:50:0e:ca:20:7b:96:
77:94:03:2e:f8:cd:cc:28:95:85:dd:90:9d:45:3b:c1:9e:17:
e6:8a:ec:4d:98:8f:55:1d:bd:df:ed:83:f7:13:1a:02:21:51:
27:1d:8e:e8:9e:1d:62:50:87:d4:4a:6b:b2:6b:7a:5f:83:38:
33:6a:83:fd:c3:20:22:45:4c:c6:12:a1:3b:3a:5d:b4:1e:da:
5a:9c:3a:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5DO416pYT0LJxlJWtayB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwNDI3MjEwMDEyWhcNMjUwNDI4MjEwMDEyWjAzMTEwLwYDVQQD
Eyg5N2RkMzczODhjOWE1YmJlYzQ0MGNhZWI4MDlmNTNmMDAyYmFjNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNbTCB7o3AF/39INgJ7nQR88Oe6a
i8nAlH3MIalWcQnfFQf/dkh3uWkSkQRErcqMVeYHW6XiqbgsrWO3ywwa6ifnUUOm
TQQC9ohgfSJZ60nvjmet25b8K3jIzBoqEdEgJzHGoGYUHc/vyyBhAW770RShUjya
Nt36JpeuJoNM8LQHfF0ZcSZFO+N4IET4OOS3enooJhdGeeBWRSQ7vM30VYciE6fS
LwSiqtTaLrmAGPN+m2YTQb0haXhABc7Xcs1gTZ7DKDD4zAqk7lqow9ZqDCLEkm/0
TwNsckmAP75bR0bThzBteqt2Tg6MlhRSMBajHg9pmrJf+I8tToR/JklJ9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfdNziMmlu+xEDK64CfU/ACusSbMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ/knUBq3
7A8m0Wy9iHfWlyE0xUiETazKvPcqKSVPfLPELP0hz1xsnPgRwjjO4YjC2Xo/vZ7Y
6PKW753jRmvnn+BXp78+nQ7Tq0KEHI6yVF820HYcE9aFKoJkQIv1dBp2ZBIMOUlH
1ZfM5jKSNTI0hFxT/0fDgDTZ9ntJwFqepc6r0pa1OhXaj1aYgwyw5NNTRayCRbcX
vJz3G/2yEJm25VjPEotQQd6IvXIDSqg1UA7KIHuWd5QDLvjNzCiVhd2QnUU7wZ4X
5orsTZiPVR293+2D9xMaAiFRJx2O6J4dYlCH1Eprsmt6X4M4M2qD/cMgIkVMxhKh
OzpdtB7aWpw6cA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:07:39 2025 by rpki-client