Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
File: nPmIlqiK6PNUCut37KHxqUu9aXg.mft (raw, json)
Hash identifier: cVBCtBZiRTZUpUsNQ7OQoZnCSyJfbSGZ5DDH+Nzn8i4=
Subject key identifier: 32:52:6B:CD:EF:12:D6:85:F8:27:60:1C:16:B5:45:01:F3:33:3B:08
Authority key identifier: 9C:F9:88:96:A8:8A:E8:F3:54:0A:EB:77:EC:A1:F1:A9:4B:BD:69:78
Certificate issuer: /CN=9cf98896a88ae8f3540aeb77eca1f1a94bbd6978
Certificate serial: 0196876DBBA8E17050A6493075F38BC2BF4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nPmIlqiK6PNUCut37KHxqUu9aXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
Manifest number: 06AE
Signing time: Wed 30 Apr 2025 16:00:37 +0000
Manifest this update: Wed 30 Apr 2025 16:00:37 +0000
Manifest next update: Thu 01 May 2025 16:00:37 +0000
Files and hashes: 1: nPmIlqiK6PNUCut37KHxqUu9aXg.crl (hash: K3oeYw8b4773cQBqa799KGQ4C7pnR7ocTWAQTBeRPYE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nPmIlqiK6PNUCut37KHxqUu9aXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 13:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:6d:bb:a8:e1:70:50:a6:49:30:75:f3:8b:c2:bf:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cf98896a88ae8f3540aeb77eca1f1a94bbd6978
Validity
Not Before: Apr 30 16:00:37 2025 GMT
Not After : May 1 16:00:37 2025 GMT
Subject: CN=32526bcdef12d685f827601c16b54501f3333b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:2f:95:ab:3b:20:45:ad:12:92:d0:b0:f3:
22:a0:68:e8:6f:9a:b5:c8:40:65:f3:d0:7c:5b:40:
2b:fb:2c:81:3d:29:9e:24:78:50:a1:54:6a:4e:3a:
00:c8:dc:51:a8:00:b9:81:db:15:57:1a:b7:fa:fd:
f4:c1:e8:fc:17:78:4b:13:8b:a4:39:c5:e7:3f:36:
85:14:ef:79:e4:6c:3d:a2:ca:58:2a:56:bd:15:3e:
9b:47:d6:a7:e1:82:a3:42:b7:01:0b:e4:55:9b:46:
9d:ac:89:18:fa:93:cf:54:77:54:50:82:66:27:5b:
0a:2e:0d:26:95:95:36:15:49:9f:bb:ba:5e:65:02:
9a:64:b1:00:e8:49:ec:f1:cf:69:d4:03:45:f2:80:
d8:e3:1f:49:c3:7b:4e:6c:df:ec:eb:83:98:05:7e:
81:61:24:88:26:93:73:a0:f3:a0:10:5f:cc:b2:c1:
bf:cd:5a:b6:b7:f6:46:e3:10:d2:12:1d:fb:30:b6:
e3:a8:ae:1b:8a:62:90:ca:5d:6e:21:8f:76:52:91:
77:91:3d:8a:41:ee:80:2e:a0:ed:34:95:bf:65:3a:
dc:22:b5:0f:4a:08:7a:36:c3:74:5c:96:9a:76:eb:
a6:e8:a8:ab:fc:d6:e9:e2:4f:7f:1c:ff:d3:b0:18:
d6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:52:6B:CD:EF:12:D6:85:F8:27:60:1C:16:B5:45:01:F3:33:3B:08
X509v3 Authority Key Identifier:
keyid:9C:F9:88:96:A8:8A:E8:F3:54:0A:EB:77:EC:A1:F1:A9:4B:BD:69:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPmIlqiK6PNUCut37KHxqUu9aXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/deb102-423f-4e92-b7c5-73d014e8349b/1/nPmIlqiK6PNUCut37KHxqUu9aXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:a0:e8:c3:f6:ce:f5:78:40:35:5d:e7:94:59:3c:74:75:9c:
eb:e9:e5:9a:0e:13:06:c1:3f:61:13:ac:7f:b5:21:c1:37:33:
c2:83:ad:eb:2a:f0:1a:d9:14:f5:39:02:3a:3d:e8:fb:cd:38:
a9:4e:30:76:94:d0:2c:bf:e4:5b:05:82:78:62:76:85:fe:5e:
9d:07:bf:98:ec:15:c4:df:0c:99:6c:72:ff:9d:e4:d1:1a:c7:
a6:98:af:5c:87:00:35:9c:59:f8:9f:10:a9:a8:4a:b9:f1:d2:
e2:fc:89:33:2f:12:c8:e7:66:9b:29:a7:f8:e7:fb:93:93:6a:
60:6e:d9:af:81:7c:24:89:b2:69:18:59:ac:43:94:10:a6:14:
19:52:b3:2c:32:44:7e:f2:c4:3f:0e:56:dc:f4:fd:e3:d9:09:
8e:40:ce:e1:47:c9:9d:c9:03:95:2a:32:99:dc:41:b8:d2:d2:
38:3f:d2:c3:f7:e6:1e:1d:04:e7:73:4e:b4:33:3d:56:fe:e8:
cd:9d:7d:19:33:ea:3d:e8:8e:69:18:e7:2f:b6:a2:da:2b:e3:
70:d5:ba:86:16:43:9f:23:83:00:fd:54:7c:5a:d4:21:d5:02:
b3:0d:d7:ff:96:37:f9:a9:2b:25:ff:4a:50:fa:34:9d:53:75:
5e:8a:25:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbbuo4XBQpkkwdfOLwr9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjk4ODk2YTg4YWU4ZjM1NDBhZWI3N2VjYTFmMWE5NGJi
ZDY5NzgwHhcNMjUwNDMwMTYwMDM3WhcNMjUwNTAxMTYwMDM3WjAzMTEwLwYDVQQD
EygzMjUyNmJjZGVmMTJkNjg1ZjgyNzYwMWMxNmI1NDUwMWYzMzMzYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO4vlas7IEWtEpLQsPMioGjob5q1
yEBl89B8W0Ar+yyBPSmeJHhQoVRqTjoAyNxRqAC5gdsVVxq3+v30wej8F3hLE4uk
OcXnPzaFFO955Gw9ospYKla9FT6bR9an4YKjQrcBC+RVm0adrIkY+pPPVHdUUIJm
J1sKLg0mlZU2FUmfu7peZQKaZLEA6Ens8c9p1ANF8oDY4x9Jw3tObN/s64OYBX6B
YSSIJpNzoPOgEF/MssG/zVq2t/ZG4xDSEh37MLbjqK4bimKQyl1uIY92UpF3kT2K
Qe6ALqDtNJW/ZTrcIrUPSgh6NsN0XJaaduum6Kir/Nbp4k9/HP/TsBjW+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJSa83vEtaF+CdgHBa1RQHzMzsIMB8GA1UdIwQY
MBaAFJz5iJaoiujzVArrd+yh8alLvWl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBtSWxxaUs2UE5VQ3V0MzdLSHhxVXU5YVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kZWIxMDItNDIzZi00ZTkyLWI3YzUt
NzNkMDE0ZTgzNDliLzEvblBtSWxxaUs2UE5VQ3V0MzdLSHhxVXU5YVhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kZWIxMDItNDIzZi00ZTkyLWI3YzUtNzNkMDE0ZTgzNDli
LzEvblBtSWxxaUs2UE5VQ3V0MzdLSHhxVXU5YVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKDow/bO
9XhANV3nlFk8dHWc6+nlmg4TBsE/YROsf7UhwTczwoOt6yrwGtkU9TkCOj3o+804
qU4wdpTQLL/kWwWCeGJ2hf5enQe/mOwVxN8MmWxy/53k0RrHppivXIcANZxZ+J8Q
qahKufHS4vyJMy8SyOdmmymn+Of7k5NqYG7Zr4F8JImyaRhZrEOUEKYUGVKzLDJE
fvLEPw5W3PT949kJjkDO4UfJnckDlSoymdxBuNLSOD/Sw/fmHh0E53NOtDM9Vv7o
zZ19GTPqPeiOaRjnL7ai2ivjcNW6hhZDnyODAP1UfFrUIdUCsw3X/5Y3+akrJf9K
UPo0nVN1Xoolqw==
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:03:46 2025 by rpki-client