Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
File: SFk-QNpaUvMi21oEwg-0htThVQI.mft (raw, json)
Hash identifier: JpSk2DpaGcwtlDw9kva2EK0E79veH+jwxwqPtmprU3E=
Subject key identifier: AD:8E:15:49:11:22:A3:AD:8C:84:80:D7:13:0A:64:29:1D:39:20:28
Authority key identifier: 48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
Certificate issuer: /CN=48593e40da5a52f322db5a04c20fb486d4e15502
Certificate serial: 0196760CD1385F6BDB9FDE16547BEA4DB3AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
Manifest number: 11CA
Signing time: Sun 27 Apr 2025 07:01:13 +0000
Manifest this update: Sun 27 Apr 2025 07:01:13 +0000
Manifest next update: Mon 28 Apr 2025 07:01:13 +0000
Files and hashes: 1: SFk-QNpaUvMi21oEwg-0htThVQI.crl (hash: sr1GR5M+jkkjl1p2CNkXJOfpKZfbvVB2jyWqTppgjRM=)
2: Xe1gxuRIIOL95lwNFDlJJ4LeD98.roa (hash: E3ThdKoNF/zSVQO/0Rh8O4e1tJqwTsPdKIVV0WmD0l8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:0c:d1:38:5f:6b:db:9f:de:16:54:7b:ea:4d:b3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48593e40da5a52f322db5a04c20fb486d4e15502
Validity
Not Before: Apr 27 07:01:13 2025 GMT
Not After : Apr 28 07:01:13 2025 GMT
Subject: CN=ad8e15491122a3ad8c8480d7130a64291d392028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d6:63:9f:de:5e:41:c9:1a:ab:f7:2b:e4:63:
2c:46:d0:ff:b3:e3:3b:31:02:af:a9:bb:c9:10:13:
61:dc:54:fe:9e:14:ac:d8:04:16:eb:1b:0b:85:bc:
08:7e:5d:47:bf:6d:ea:99:dd:35:f5:15:32:d8:69:
57:e0:28:d7:fe:e2:f6:9c:07:10:53:0d:df:0e:49:
e5:ab:c6:8c:c0:d3:37:5e:0a:4e:e6:7b:4b:29:11:
80:2e:e1:c7:2d:c4:66:8a:78:78:6b:56:41:4b:54:
22:08:05:5f:57:74:f9:a6:29:ba:ff:42:34:d9:4e:
c4:84:09:4a:b6:da:65:35:2c:99:bf:d4:12:07:25:
4b:3f:57:cd:ab:51:44:18:67:68:56:45:d3:ed:f3:
45:31:87:ed:d1:5b:0e:db:b0:57:42:4b:83:36:b4:
e8:89:31:7f:37:09:9d:69:51:10:d3:92:c4:e4:1a:
e9:c3:d7:b5:67:7b:d8:4d:fb:3f:cf:e8:f3:27:ae:
ed:4c:32:10:d2:dc:75:6e:6d:2e:78:53:81:8b:db:
9b:8e:82:fb:81:de:ac:ae:de:06:46:32:c9:7d:74:
f9:48:43:01:f2:e6:60:b0:41:e1:14:89:bf:7a:20:
b6:f1:f4:c9:99:aa:c6:3f:0f:be:3b:4e:d3:b6:40:
ff:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8E:15:49:11:22:A3:AD:8C:84:80:D7:13:0A:64:29:1D:39:20:28
X509v3 Authority Key Identifier:
keyid:48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:fa:22:08:d0:fa:9b:74:ff:af:9f:fd:0d:6a:8d:fa:55:7b:
f8:3b:72:e5:c0:96:d0:06:3c:46:17:3c:cf:dd:24:c2:da:b6:
0b:c0:72:ca:12:09:65:c2:69:2a:32:09:46:a9:08:2a:f1:65:
82:c8:ac:a7:de:be:78:60:fd:29:26:e2:4a:9b:03:26:fc:f3:
a3:25:e2:ee:fd:d8:86:26:f6:7e:4d:79:e0:e8:61:e1:df:26:
e4:59:3c:58:4a:ec:11:c3:33:29:ff:c6:b0:6d:bd:d9:02:e5:
4f:78:d6:c5:d4:67:34:da:88:61:5b:59:ff:ee:a5:bf:0b:71:
97:92:23:fe:36:72:e0:6e:26:04:c6:c3:27:e0:4b:a8:a8:05:
ca:aa:e6:1e:44:69:6b:97:b1:2f:ce:78:fc:1e:eb:74:48:ba:
8e:bd:a9:ef:c8:5e:f0:7c:61:a0:6a:7f:e2:8f:f1:6b:00:66:
9e:9f:37:5a:e8:0c:11:b3:cb:7a:7e:17:55:04:d7:e8:aa:f4:
a9:8a:83:84:33:61:2f:ef:8e:35:fc:d1:b0:29:bb:46:9e:01:
57:44:95:d5:ad:5a:e1:68:68:77:45:49:27:be:b6:57:c9:b4:
e4:e0:81:5d:84:57:c1:e3:3d:d9:e8:4a:c7:9f:64:45:4b:cf:
e0:c2:60:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DNE4X2vbn94WVHvqTbOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTkzZTQwZGE1YTUyZjMyMmRiNWEwNGMyMGZiNDg2ZDRl
MTU1MDIwHhcNMjUwNDI3MDcwMTEzWhcNMjUwNDI4MDcwMTEzWjAzMTEwLwYDVQQD
EyhhZDhlMTU0OTExMjJhM2FkOGM4NDgwZDcxMzBhNjQyOTFkMzkyMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtZjn95eQckaq/cr5GMsRtD/s+M7
MQKvqbvJEBNh3FT+nhSs2AQW6xsLhbwIfl1Hv23qmd019RUy2GlX4CjX/uL2nAcQ
Uw3fDknlq8aMwNM3XgpO5ntLKRGALuHHLcRminh4a1ZBS1QiCAVfV3T5pim6/0I0
2U7EhAlKttplNSyZv9QSByVLP1fNq1FEGGdoVkXT7fNFMYft0VsO27BXQkuDNrTo
iTF/NwmdaVEQ05LE5Brpw9e1Z3vYTfs/z+jzJ67tTDIQ0tx1bm0ueFOBi9ubjoL7
gd6srt4GRjLJfXT5SEMB8uZgsEHhFIm/eiC28fTJmarGPw++O07TtkD/UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2OFUkRIqOtjISA1xMKZCkdOSAoMB8GA1UdIwQY
MBaAFEhZPkDaWlLzIttaBMIPtIbU4VUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEt
ZTY4YTA4ZDllNTRmLzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEtZTY4YTA4ZDllNTRm
LzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqfoiCND6
m3T/r5/9DWqN+lV7+Dty5cCW0AY8Rhc8z90kwtq2C8ByyhIJZcJpKjIJRqkIKvFl
gsisp96+eGD9KSbiSpsDJvzzoyXi7v3Yhib2fk154Ohh4d8m5Fk8WErsEcMzKf/G
sG292QLlT3jWxdRnNNqIYVtZ/+6lvwtxl5Ij/jZy4G4mBMbDJ+BLqKgFyqrmHkRp
a5exL854/B7rdEi6jr2p78he8HxhoGp/4o/xawBmnp83WugMEbPLen4XVQTX6Kr0
qYqDhDNhL++ONfzRsCm7Rp4BV0SV1a1a4Whod0VJJ762V8m05OCBXYRXweM92ehK
x59kRUvP4MJgdA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:07:51 2025 by rpki-client