Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.mft
File: KRl7xzMOqZkA9PyRAzozF-VvdeI.mft (raw, json)
Hash identifier: tt9vwwgA8OdroNI4sC+MjOBCh8ldejUp2jVFFn9lY2M=
Subject key identifier: 19:37:53:D9:FB:E2:50:95:5B:44:00:01:80:EC:E2:9C:A4:4B:27:CE
Authority key identifier: 29:19:7B:C7:33:0E:A9:99:00:F4:FC:91:03:3A:33:17:E5:6F:75:E2
Certificate issuer: /CN=29197bc7330ea99900f4fc91033a3317e56f75e2
Certificate serial: 01967A8D9255167B3F96EAB6BB764334470D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.mft
Manifest number: 0333
Signing time: Mon 28 Apr 2025 04:00:20 +0000
Manifest this update: Mon 28 Apr 2025 04:00:20 +0000
Manifest next update: Tue 29 Apr 2025 04:00:20 +0000
Files and hashes: 1: KRl7xzMOqZkA9PyRAzozF-VvdeI.crl (hash: BD+f4vWfyOX3AeAf8e399H8E21gdDZZb/qANJscrVRc=)
2: lzjPjehPcPKbzhp_BORqJSFXL5w.roa (hash: o7m8VbYXK8WyV5y7PTGt6HIYSCCP18Dfj928jAcIW9s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:8d:92:55:16:7b:3f:96:ea:b6:bb:76:43:34:47:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29197bc7330ea99900f4fc91033a3317e56f75e2
Validity
Not Before: Apr 28 04:00:20 2025 GMT
Not After : Apr 29 04:00:20 2025 GMT
Subject: CN=193753d9fbe250955b44000180ece29ca44b27ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a3:3e:88:19:a5:b4:24:46:91:89:8a:b2:2e:
a1:59:67:4d:df:b1:22:be:5f:db:81:84:89:a9:d8:
4a:dc:96:86:83:52:8f:a8:f0:ef:d8:9b:da:bb:5b:
c9:a0:d7:ff:c2:14:d7:21:3c:e9:19:49:a8:20:02:
df:57:c7:c8:af:ca:39:7c:f8:6d:a6:e1:82:d1:b8:
e9:2c:1f:58:ed:04:71:9b:5f:c9:11:de:10:da:da:
a5:35:25:f4:9d:a7:73:6c:60:bd:cb:30:ae:e1:cc:
1f:bb:6a:84:7b:cb:96:77:9b:be:77:a9:48:17:52:
54:68:3a:f1:82:e3:26:45:77:c3:f1:b8:e3:45:a4:
14:10:5e:3a:b0:f5:4e:34:82:02:f8:51:ed:c9:4e:
6d:31:fd:ca:a1:a8:93:73:f2:52:31:7f:fa:e9:92:
dd:00:c3:85:27:fd:d9:5b:ac:fc:9e:d6:72:98:18:
c4:58:87:c5:da:d3:24:8e:05:d9:75:1c:da:87:e7:
f7:20:6c:65:89:89:37:e5:d9:a0:03:a7:24:cf:68:
92:49:38:8f:5c:1c:6e:2e:4b:8a:1a:7f:4b:c0:57:
f4:48:77:cb:86:b6:13:c9:8a:ea:24:76:48:c7:0e:
17:17:a9:bf:d1:81:c2:cc:89:81:3e:db:2e:cb:c9:
3f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:37:53:D9:FB:E2:50:95:5B:44:00:01:80:EC:E2:9C:A4:4B:27:CE
X509v3 Authority Key Identifier:
keyid:29:19:7B:C7:33:0E:A9:99:00:F4:FC:91:03:3A:33:17:E5:6F:75:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:cf:d9:a1:f8:a5:0b:28:79:63:3d:38:f9:2e:01:86:50:20:
e9:24:4a:90:b4:eb:7b:99:15:d1:98:00:59:46:b3:9e:d8:d8:
0e:c7:87:68:84:09:c9:52:78:89:27:11:9a:0d:c6:48:cd:27:
3c:6a:c3:37:a0:6c:ee:0f:e1:d1:9c:e0:9c:9d:5e:71:d1:9c:
27:ea:0b:60:eb:a0:48:9e:49:18:fd:0f:d2:b4:8c:f8:de:f1:
fa:2a:d2:e7:a7:4c:c9:b9:3a:36:73:c2:7b:3e:c8:3c:67:a6:
51:b2:a0:73:a5:8c:c9:0f:03:87:5a:b0:e3:86:37:5d:e1:bb:
25:a8:74:5a:2a:f3:22:b5:14:10:9c:19:e2:49:48:84:42:98:
ff:a7:1c:99:88:02:d7:89:4c:4e:11:59:d2:dc:05:92:fc:31:
d9:2c:b4:cc:0f:ea:e3:6a:d9:90:e1:94:30:78:7f:39:b1:69:
44:71:05:7d:89:dd:40:f1:8a:41:cb:46:19:ed:73:07:a1:ad:
24:df:9f:88:ec:9f:f5:b9:d2:ec:59:b8:4e:c1:db:84:b6:76:
80:4c:54:48:a2:70:d2:dc:0e:18:74:0e:a7:38:80:fa:5e:fd:
f3:48:b3:28:ac:c2:7e:e0:fe:b5:c4:01:e7:19:37:a5:af:0e:
62:23:6f:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6jZJVFns/luq2u3ZDNEcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTk3YmM3MzMwZWE5OTkwMGY0ZmM5MTAzM2EzMzE3ZTU2
Zjc1ZTIwHhcNMjUwNDI4MDQwMDIwWhcNMjUwNDI5MDQwMDIwWjAzMTEwLwYDVQQD
EygxOTM3NTNkOWZiZTI1MDk1NWI0NDAwMDE4MGVjZTI5Y2E0NGIyN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaM+iBmltCRGkYmKsi6hWWdN37Ei
vl/bgYSJqdhK3JaGg1KPqPDv2Jvau1vJoNf/whTXITzpGUmoIALfV8fIr8o5fPht
puGC0bjpLB9Y7QRxm1/JEd4Q2tqlNSX0nadzbGC9yzCu4cwfu2qEe8uWd5u+d6lI
F1JUaDrxguMmRXfD8bjjRaQUEF46sPVONIIC+FHtyU5tMf3KoaiTc/JSMX/66ZLd
AMOFJ/3ZW6z8ntZymBjEWIfF2tMkjgXZdRzah+f3IGxliYk35dmgA6ckz2iSSTiP
XBxuLkuKGn9LwFf0SHfLhrYTyYrqJHZIxw4XF6m/0YHCzImBPtsuy8k/LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBk3U9n74lCVW0QAAYDs4pykSyfOMB8GA1UdIwQY
MBaAFCkZe8czDqmZAPT8kQM6Mxflb3XiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDQzYTctYjI3Ni00MGRjLTlmNjct
MzUwMDRhZjVjOTM1LzEvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDQzYTctYjI3Ni00MGRjLTlmNjctMzUwMDRhZjVjOTM1
LzEvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATc/Zofil
Cyh5Yz04+S4BhlAg6SRKkLTre5kV0ZgAWUazntjYDseHaIQJyVJ4iScRmg3GSM0n
PGrDN6Bs7g/h0ZzgnJ1ecdGcJ+oLYOugSJ5JGP0P0rSM+N7x+irS56dMybk6NnPC
ez7IPGemUbKgc6WMyQ8Dh1qw44Y3XeG7Jah0WirzIrUUEJwZ4klIhEKY/6ccmYgC
14lMThFZ0twFkvwx2Sy0zA/q42rZkOGUMHh/ObFpRHEFfYndQPGKQctGGe1zB6Gt
JN+fiOyf9bnS7Fm4TsHbhLZ2gExUSKJw0twOGHQOpziA+l7980izKKzCfuD+tcQB
5xk3pa8OYiNvIw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:24:00 2025 by rpki-client