Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: XOJ+Tz2ATvPKgdFOnVuYxloHA5rrYF2Far4BAFyH59k=
Subject key identifier: 8A:F1:D3:2B:46:BC:8A:6E:18:D4:9D:80:5B:3B:EA:E0:3D:0D:FD:DE
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 01968BEF024455A7880C39745524C3BFE936
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 0DB3
Signing time: Thu 01 May 2025 13:00:18 +0000
Manifest this update: Thu 01 May 2025 13:00:18 +0000
Manifest next update: Fri 02 May 2025 13:00:18 +0000
Files and hashes: 1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=)
2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: rrkzTaimYek2XVJxY8FkOW1ERDMtPld91zM04/n2UaI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:ef:02:44:55:a7:88:0c:39:74:55:24:c3:bf:e9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: May 1 13:00:18 2025 GMT
Not After : May 2 13:00:18 2025 GMT
Subject: CN=8af1d32b46bc8a6e18d49d805b3beae03d0dfdde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:59:f0:b4:e9:65:f6:2c:86:a4:e6:b0:80:0d:
77:f2:df:97:4c:ca:f2:db:dc:67:2b:07:23:9b:36:
4c:f4:0b:fa:51:f9:6f:3c:88:c3:a0:a4:43:c8:e4:
3b:20:dd:56:5b:6e:43:c6:e5:16:4c:40:bc:65:4a:
48:58:d2:4e:9d:2a:f8:b3:79:5d:fb:d6:62:4d:0a:
d9:28:78:44:f3:e1:88:7a:23:29:d5:3c:ce:61:00:
9d:5d:25:2f:f6:11:ec:03:12:5c:4b:d8:75:27:0a:
07:b0:b1:b3:ce:02:62:41:05:82:33:2c:6b:a8:d3:
78:54:29:1c:a8:29:e4:b2:12:13:44:1f:c8:25:96:
7b:4e:62:ae:fe:10:d3:c1:2e:6b:0a:a4:57:8d:a9:
dc:33:58:b1:cb:09:84:6d:f2:f4:d6:f7:46:6f:12:
e0:ec:f8:76:dc:1c:43:36:b3:bf:50:9e:f1:e2:05:
45:36:ac:e1:ea:21:1c:7b:ec:b0:6c:f5:1c:c3:14:
58:bc:04:e0:28:1c:08:2a:1f:d5:4c:55:4c:ec:8f:
8d:de:d7:54:c7:21:78:e0:e4:7d:88:e5:75:5c:cc:
75:f3:47:92:95:36:5b:09:ae:a3:10:ad:8c:48:fd:
69:57:63:33:ba:6f:71:6a:b8:52:b9:96:88:ee:4a:
30:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F1:D3:2B:46:BC:8A:6E:18:D4:9D:80:5B:3B:EA:E0:3D:0D:FD:DE
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:e8:00:bf:e4:97:de:03:46:dd:a1:18:57:78:31:83:2d:ea:
0b:7c:b6:1e:e4:aa:54:3a:65:4c:f9:68:73:5c:9d:69:d4:bd:
9c:46:8e:64:1c:ec:1f:8b:1b:97:fd:7f:97:72:54:71:45:45:
67:fb:b9:91:fe:ab:56:84:71:5c:74:e3:ed:77:7d:3d:55:09:
70:2b:da:bf:c9:da:3e:ed:33:74:79:86:b2:d3:2d:66:40:71:
32:4a:81:e2:f1:ae:f3:e0:4c:e2:ea:c6:b6:4b:4d:37:8b:2e:
cb:de:02:e0:84:d5:38:e8:4c:dd:85:69:a4:27:89:d1:b6:05:
7f:b4:90:0a:0e:ef:54:60:bd:ab:6a:dc:3f:a5:d6:a0:fa:f6:
84:d6:f0:5d:f5:43:b4:95:de:9b:6b:17:e9:f0:9f:e9:b4:64:
04:cd:b0:41:eb:bf:4e:80:05:a7:07:62:c3:4d:db:92:f1:b1:
c2:8d:c6:58:4b:7a:91:a0:20:f5:28:ed:1c:51:6b:d8:c7:38:
88:37:ba:34:e4:bf:21:2d:91:e1:47:ad:f7:fe:c1:48:82:d1:
03:88:45:df:22:5c:c9:e5:6a:a5:bc:7c:b2:7a:08:bb:f4:d3:
35:08:5b:c5:e9:5a:f8:55:57:39:43:e8:42:23:9c:48:4d:b2:
7c:4e:46:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaL7wJEVaeIDDl0VSTDv+k2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjUwNTAxMTMwMDE4WhcNMjUwNTAyMTMwMDE4WjAzMTEwLwYDVQQD
Eyg4YWYxZDMyYjQ2YmM4YTZlMThkNDlkODA1YjNiZWFlMDNkMGRmZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVnwtOll9iyGpOawgA138t+XTMry
29xnKwcjmzZM9Av6UflvPIjDoKRDyOQ7IN1WW25DxuUWTEC8ZUpIWNJOnSr4s3ld
+9ZiTQrZKHhE8+GIeiMp1TzOYQCdXSUv9hHsAxJcS9h1JwoHsLGzzgJiQQWCMyxr
qNN4VCkcqCnkshITRB/IJZZ7TmKu/hDTwS5rCqRXjancM1ixywmEbfL01vdGbxLg
7Ph23BxDNrO/UJ7x4gVFNqzh6iEce+ywbPUcwxRYvATgKBwIKh/VTFVM7I+N3tdU
xyF44OR9iOV1XMx180eSlTZbCa6jEK2MSP1pV2Mzum9xarhSuZaI7kowuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrx0ytGvIpuGNSdgFs76uA9Df3eMB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc+gAv+SX
3gNG3aEYV3gxgy3qC3y2HuSqVDplTPloc1ydadS9nEaOZBzsH4sbl/1/l3JUcUVF
Z/u5kf6rVoRxXHTj7Xd9PVUJcCvav8naPu0zdHmGstMtZkBxMkqB4vGu8+BM4urG
tktNN4suy94C4ITVOOhM3YVppCeJ0bYFf7SQCg7vVGC9q2rcP6XWoPr2hNbwXfVD
tJXem2sX6fCf6bRkBM2wQeu/ToAFpwdiw03bkvGxwo3GWEt6kaAg9SjtHFFr2Mc4
iDe6NOS/IS2R4Uet9/7BSILRA4hF3yJcyeVqpbx8snoIu/TTNQhbxela+FVXOUPo
QiOcSE2yfE5Gsw==
-----END CERTIFICATE-----
Generated at Thu May 1 16:59:43 2025 by rpki-client