Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
File: o52_aHirAKRS-LB_iQ06s0g3Yns.mft (raw, json)
Hash identifier: ZfL96OFygqxlO9UA9lLcv488IseBzkXuO3ZumcDIJyE=
Subject key identifier: D4:71:68:18:B8:73:85:28:3E:85:EE:DC:EC:88:F2:E2:AA:34:E0:53
Authority key identifier: A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B
Certificate issuer: /CN=a39dbf6878ab00a452f8b07f890d3ab34837627b
Certificate serial: 01968391160026C8D969F3D05640DEDF9F01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
Manifest number: 03D9
Signing time: Tue 29 Apr 2025 22:00:45 +0000
Manifest this update: Tue 29 Apr 2025 22:00:45 +0000
Manifest next update: Wed 30 Apr 2025 22:00:45 +0000
Files and hashes: 1: ExGaGMHRMHV6Wwq7HUUBGaTmIOs.roa (hash: GrRPycpKBiqBeJAl7ze1jROyMQik0DJu7nFgEpAVFB8=)
2: o52_aHirAKRS-LB_iQ06s0g3Yns.crl (hash: bfrTanq9FffOA8fIVBcyhedBLTTOIQFoOd1o65ld/sQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 22:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:91:16:00:26:c8:d9:69:f3:d0:56:40:de:df:9f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39dbf6878ab00a452f8b07f890d3ab34837627b
Validity
Not Before: Apr 29 22:00:45 2025 GMT
Not After : Apr 30 22:00:45 2025 GMT
Subject: CN=d4716818b87385283e85eedcec88f2e2aa34e053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9d:7c:ff:57:2c:5e:37:aa:96:dd:75:b6:74:
ae:ee:23:6e:7a:54:b8:dc:28:ec:93:a9:e0:72:68:
d4:cd:f4:7e:49:ce:a4:9c:04:45:53:4d:82:41:94:
d7:71:a3:d5:57:8c:b5:b8:e5:17:5b:6e:c6:5b:4d:
3b:da:78:03:19:cf:f8:08:47:00:56:39:93:c1:2f:
49:3c:6a:3a:08:81:95:24:c1:6e:67:53:d1:ea:e8:
b6:04:cc:0c:ff:70:5a:b4:86:b0:e5:83:1e:24:8c:
3c:a8:97:05:6e:51:ed:72:03:d3:e2:85:b3:42:fc:
ce:76:c0:c2:00:a9:61:4b:52:d1:f7:71:09:b5:a3:
bd:c1:f5:18:c6:87:d0:fe:4b:65:d1:fa:53:6c:01:
6c:71:ae:0e:2a:57:71:bf:ef:ba:67:09:38:3c:e3:
35:c2:9e:6f:02:ac:f2:27:f2:66:8c:fa:7a:35:60:
65:ed:d0:db:e8:07:9f:4e:cb:ba:35:2c:dd:f9:fb:
aa:7f:2d:4e:9c:ab:b3:68:3d:c4:7b:d7:84:9f:52:
65:6f:2a:f9:a6:ef:38:b9:e0:6b:91:17:d4:a8:5f:
e0:92:df:cd:4a:23:4d:96:47:1f:93:02:d1:9e:25:
2e:26:6f:bd:23:d0:4b:52:98:72:4a:8c:03:a0:65:
2b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:71:68:18:B8:73:85:28:3E:85:EE:DC:EC:88:F2:E2:AA:34:E0:53
X509v3 Authority Key Identifier:
keyid:A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:64:05:45:f0:52:cf:12:93:54:7e:ea:70:ad:9f:48:03:a5:
32:05:13:63:43:d7:3f:3f:70:67:45:d1:53:35:40:c0:c4:50:
50:78:a6:5f:bd:93:3b:ab:2b:de:ea:3c:a1:72:6a:16:ac:1c:
62:a7:92:0e:08:3c:ca:30:ce:40:b0:c0:8e:ad:e7:9d:c8:60:
39:31:7e:89:5e:4d:db:da:e0:5b:76:0b:a8:95:fc:b5:dc:84:
9c:90:22:eb:75:90:63:ef:15:6e:31:de:9d:04:e8:21:31:46:
2e:32:94:db:7f:3e:e5:e9:ae:e5:91:89:d5:d5:b7:0a:e4:00:
0e:6d:95:82:c8:cd:12:b1:eb:04:85:11:a9:b2:3c:3a:e3:16:
ce:60:b0:4b:c4:91:40:d7:ea:bb:08:35:9c:aa:b8:66:a4:6c:
d6:4d:b9:be:ee:87:e9:57:a8:ce:48:97:24:27:0b:a9:02:4c:
40:cf:45:e0:9b:df:50:5e:8f:51:7c:24:96:c9:a0:a3:ec:e6:
b8:34:ff:ca:56:59:b3:cf:60:bb:38:03:94:55:94:52:94:38:
39:b0:34:ee:99:43:30:35:6d:82:1a:5f:b4:30:92:be:e6:9f:
ca:c1:2a:5f:f8:ac:29:c1:f7:c2:7d:24:80:69:b1:56:07:b8:
d7:0f:e7:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkRYAJsjZafPQVkDe358BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWRiZjY4NzhhYjAwYTQ1MmY4YjA3Zjg5MGQzYWIzNDgz
NzYyN2IwHhcNMjUwNDI5MjIwMDQ1WhcNMjUwNDMwMjIwMDQ1WjAzMTEwLwYDVQQD
EyhkNDcxNjgxOGI4NzM4NTI4M2U4NWVlZGNlYzg4ZjJlMmFhMzRlMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz518/1csXjeqlt11tnSu7iNuelS4
3Cjsk6ngcmjUzfR+Sc6knARFU02CQZTXcaPVV4y1uOUXW27GW0072ngDGc/4CEcA
VjmTwS9JPGo6CIGVJMFuZ1PR6ui2BMwM/3BatIaw5YMeJIw8qJcFblHtcgPT4oWz
QvzOdsDCAKlhS1LR93EJtaO9wfUYxofQ/ktl0fpTbAFsca4OKldxv++6Zwk4POM1
wp5vAqzyJ/JmjPp6NWBl7dDb6AefTsu6NSzd+fuqfy1OnKuzaD3Ee9eEn1Jlbyr5
pu84ueBrkRfUqF/gkt/NSiNNlkcfkwLRniUuJm+9I9BLUphySowDoGUrpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRxaBi4c4UoPoXu3OyI8uKqNOBTMB8GA1UdIwQY
MBaAFKOdv2h4qwCkUviwf4kNOrNIN2J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAt
YWQ0NDIzNzY1ODkyLzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAtYWQ0NDIzNzY1ODky
LzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ2QFRfBS
zxKTVH7qcK2fSAOlMgUTY0PXPz9wZ0XRUzVAwMRQUHimX72TO6sr3uo8oXJqFqwc
YqeSDgg8yjDOQLDAjq3nnchgOTF+iV5N29rgW3YLqJX8tdyEnJAi63WQY+8VbjHe
nQToITFGLjKU238+5emu5ZGJ1dW3CuQADm2VgsjNErHrBIURqbI8OuMWzmCwS8SR
QNfquwg1nKq4ZqRs1k25vu6H6VeozkiXJCcLqQJMQM9F4JvfUF6PUXwklsmgo+zm
uDT/ylZZs89guzgDlFWUUpQ4ObA07plDMDVtghpftDCSvuafysEqX/isKcH3wn0k
gGmxVge41w/nKg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:28:29 2025 by rpki-client