Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.mft
File: CuQnEByy4r1WUITeZHH260jST5Y.mft (raw, json)
Hash identifier: 51EMro5wNZLEtphrcN5sXi2MTdzTSZckzWEGSaXsyto=
Subject key identifier: 61:7D:18:51:B5:65:54:08:54:BC:31:B1:02:95:9C:7A:FC:12:EB:DA
Authority key identifier: 0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
Certificate issuer: /CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Certificate serial: 019680593750AAD476DDA701A8386846F318
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.mft
Manifest number: 0AB2
Signing time: Tue 29 Apr 2025 07:00:52 +0000
Manifest this update: Tue 29 Apr 2025 07:00:52 +0000
Manifest next update: Wed 30 Apr 2025 07:00:52 +0000
Files and hashes: 1: CuQnEByy4r1WUITeZHH260jST5Y.crl (hash: c2UldADmh6EP2UKoHa6c0qyHouuoeJp6DyHsWVvwrKk=)
2: LfJ8ODju367d2avuOQm5piH-KjI.roa (hash: o3ZK8YLnbi2AKR9dzokceRf3/tnSGkPPHYTuBxrwd0c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:59:37:50:aa:d4:76:dd:a7:01:a8:38:68:46:f3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Validity
Not Before: Apr 29 07:00:52 2025 GMT
Not After : Apr 30 07:00:52 2025 GMT
Subject: CN=617d1851b565540854bc31b102959c7afc12ebda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:55:fb:3c:e0:03:87:d8:b2:d0:c0:35:37:e9:
bf:74:38:17:3a:d8:3c:35:43:50:a2:ce:9d:72:c5:
5c:89:29:4d:b2:ce:5f:74:79:5b:3c:61:11:f0:57:
3a:e2:ea:6e:ff:73:1b:23:12:6d:6f:d4:9f:d6:8e:
75:9d:b4:41:32:62:8d:7d:73:f3:be:3a:3d:cf:62:
d6:69:fa:54:e9:7b:52:02:76:fc:41:ac:2b:89:be:
70:1d:44:77:3b:fe:93:c6:3f:b2:10:85:29:ce:02:
c0:9b:0c:bb:44:81:bb:16:3e:86:24:e5:73:45:ee:
79:5f:e1:ee:e7:77:7a:ce:7d:75:c9:1f:49:24:9d:
9e:1a:6a:7b:2e:20:29:ae:9f:74:1f:60:f4:5c:a5:
6e:ef:0e:b7:1e:64:48:c5:92:72:5d:0e:9d:87:89:
f6:f6:c4:01:27:4f:aa:9f:93:6b:be:59:59:51:82:
d7:b5:4f:67:c8:ce:80:1d:3b:3e:11:6c:b1:05:68:
39:7b:33:b3:40:3d:dc:b3:4a:05:05:40:87:96:a2:
d9:b0:d0:c8:a9:20:74:a0:29:34:c0:5d:0e:ac:5a:
52:9a:c9:e3:63:81:cc:89:4b:d5:32:a1:b8:9b:ae:
2a:e9:78:9b:00:11:e6:9d:0c:d0:9f:35:d4:44:df:
5d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:7D:18:51:B5:65:54:08:54:BC:31:B1:02:95:9C:7A:FC:12:EB:DA
X509v3 Authority Key Identifier:
keyid:0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:6b:4c:38:ec:c9:c6:cb:1f:d3:75:44:01:69:c0:8c:6b:39:
53:17:75:d6:60:66:bb:d6:1a:87:36:0e:22:0d:22:8e:50:fb:
79:1f:8a:b3:e7:ed:aa:17:74:3e:ea:c4:81:04:a0:66:ac:4d:
5d:aa:51:60:df:0b:6a:ba:5d:40:80:91:94:7e:76:be:b3:16:
75:4a:a8:61:1c:db:58:09:8d:21:25:e0:87:89:f1:bc:12:da:
90:2a:49:ec:2c:67:99:32:9e:c9:71:da:c1:09:4e:be:49:49:
cf:86:58:30:da:da:78:b4:e8:13:a4:2d:50:a1:b4:c3:42:c4:
31:e2:b3:5d:fe:32:45:0c:1c:24:28:20:df:75:e1:80:e1:41:
eb:5c:81:8c:97:08:80:03:b0:28:66:cc:be:58:12:36:9e:9b:
bb:37:dd:0e:1a:67:e9:32:cd:2b:a7:eb:77:68:61:52:f3:75:
9d:0e:0f:4a:37:58:98:3b:3b:5b:33:eb:9e:5a:19:43:41:6d:
ee:cf:63:6d:d6:08:1b:48:f6:d6:77:41:cb:a2:a3:78:15:48:
f1:b9:57:df:99:f5:bf:7b:1c:70:3c:3a:06:e1:2b:ef:fd:bf:
da:48:26:42:2e:c6:db:80:6b:63:37:31:97:c1:9d:d4:48:1b:
57:f6:30:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAWTdQqtR23acBqDhoRvMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTQyNzEwMWNiMmUyYmQ1NjUwODRkZTY0NzFmNmViNDhk
MjRmOTYwHhcNMjUwNDI5MDcwMDUyWhcNMjUwNDMwMDcwMDUyWjAzMTEwLwYDVQQD
Eyg2MTdkMTg1MWI1NjU1NDA4NTRiYzMxYjEwMjk1OWM3YWZjMTJlYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lX7POADh9iy0MA1N+m/dDgXOtg8
NUNQos6dcsVciSlNss5fdHlbPGER8Fc64upu/3MbIxJtb9Sf1o51nbRBMmKNfXPz
vjo9z2LWafpU6XtSAnb8Qawrib5wHUR3O/6Txj+yEIUpzgLAmwy7RIG7Fj6GJOVz
Re55X+Hu53d6zn11yR9JJJ2eGmp7LiAprp90H2D0XKVu7w63HmRIxZJyXQ6dh4n2
9sQBJ0+qn5NrvllZUYLXtU9nyM6AHTs+EWyxBWg5ezOzQD3cs0oFBUCHlqLZsNDI
qSB0oCk0wF0OrFpSmsnjY4HMiUvVMqG4m64q6XibABHmnQzQnzXURN9dpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGF9GFG1ZVQIVLwxsQKVnHr8EuvaMB8GA1UdIwQY
MBaAFArkJxAcsuK9VlCE3mRx9utI0k+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUt
N2M5ZTY4NGNjY2UyLzEvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUtN2M5ZTY4NGNjY2Uy
LzEvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmtMOOzJ
xssf03VEAWnAjGs5Uxd11mBmu9YahzYOIg0ijlD7eR+Ks+ftqhd0PurEgQSgZqxN
XapRYN8LarpdQICRlH52vrMWdUqoYRzbWAmNISXgh4nxvBLakCpJ7CxnmTKeyXHa
wQlOvklJz4ZYMNraeLToE6QtUKG0w0LEMeKzXf4yRQwcJCgg33XhgOFB61yBjJcI
gAOwKGbMvlgSNp6buzfdDhpn6TLNK6frd2hhUvN1nQ4PSjdYmDs7WzPrnloZQ0Ft
7s9jbdYIG0j21ndBy6KjeBVI8blX35n1v3sccDw6BuEr7/2/2kgmQi7G24BrYzcx
l8Gd1EgbV/YwMQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:19:48 2025 by rpki-client