Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: eq7lq95rUaBVc80QLep/PUFikmt95gHh+Ju67zyC5ac=
Subject key identifier: AD:0B:74:FA:11:07:E9:B2:BC:5F:75:94:35:6F:FA:D8:D1:F2:E0:77
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 019679B21571A82C8A3F39FEB636A160E4DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 1514
Signing time: Mon 28 Apr 2025 00:00:36 +0000
Manifest this update: Mon 28 Apr 2025 00:00:36 +0000
Manifest next update: Tue 29 Apr 2025 00:00:36 +0000
Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: 4VMIdmW/XvOyX1C9GzUppk4Dfyn0XfF9oBMN9AHRNEM=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:b2:15:71:a8:2c:8a:3f:39:fe:b6:36:a1:60:e4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Apr 28 00:00:36 2025 GMT
Not After : Apr 29 00:00:36 2025 GMT
Subject: CN=ad0b74fa1107e9b2bc5f7594356ffad8d1f2e077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f1:2f:47:4b:00:c9:28:de:ad:a7:4d:02:ea:
76:ba:6c:72:a4:36:50:f6:8f:ce:bd:4a:71:18:91:
bb:2b:1b:14:83:08:dd:bd:74:76:d3:39:98:63:fe:
16:f5:67:43:ec:e2:de:dd:db:b4:90:d5:0f:2c:6d:
2d:b0:b9:a1:e2:ec:10:00:cd:3a:53:b3:e8:62:8a:
a5:33:f4:a6:d9:4f:c0:97:d5:f3:83:47:a4:63:40:
16:aa:4e:23:1b:a5:1e:fa:98:cf:73:79:53:18:35:
6b:6d:36:ad:6b:06:ff:70:ac:8e:56:75:21:e8:1b:
43:eb:91:a7:80:b2:97:98:bb:f7:ac:c0:49:c1:a2:
34:be:ea:f5:f8:27:bb:fc:63:0f:0e:c3:55:12:e5:
83:a1:e9:0a:57:9e:80:0e:ce:9c:2c:2e:9b:a9:8d:
65:fd:04:fc:eb:da:8e:25:01:37:e0:b0:79:b4:bd:
7f:f8:8a:59:90:44:c6:85:77:39:dd:22:02:75:c6:
f5:fa:e6:fc:77:c8:c3:b7:2b:d0:e5:44:c3:c1:14:
f8:b4:20:1a:b8:60:db:df:8e:53:d6:eb:9f:ce:2d:
e8:7a:2c:cb:ad:63:c1:57:1c:17:2d:73:d5:bd:b7:
f4:82:4e:b2:69:dd:65:b6:05:1a:3c:6a:43:4d:2d:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0B:74:FA:11:07:E9:B2:BC:5F:75:94:35:6F:FA:D8:D1:F2:E0:77
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:e7:f7:fc:14:63:85:65:55:71:ce:05:85:28:62:3c:25:1d:
3f:9c:ba:db:21:40:30:ec:93:36:3c:d3:a1:59:f6:10:2b:b0:
92:18:fa:b7:c7:ac:dc:1d:96:4b:4b:b8:4b:dd:5c:d5:6f:bd:
72:39:61:3e:bb:cd:59:cc:49:51:e5:35:54:6d:15:f1:66:42:
e9:dd:a1:6d:3c:3f:c5:ea:e9:14:be:df:bc:57:b9:d1:5a:86:
47:9b:ee:ee:99:e1:ac:99:23:fa:66:c6:b7:06:7f:54:96:7a:
a6:85:6a:df:19:5a:ba:00:8b:da:f2:50:58:c4:d9:16:0c:5b:
a8:5f:34:81:3e:0d:d1:d9:a0:4f:25:5e:0b:80:8e:4e:e4:59:
72:1a:aa:61:8d:95:ea:d0:0e:71:22:cf:00:a2:2a:9d:2c:29:
64:9f:8e:55:e4:bf:d7:4b:0e:53:8e:35:4a:f2:e5:54:14:7e:
dd:2f:b9:26:2b:eb:52:d2:ca:37:77:83:90:db:6a:3c:12:8a:
21:60:c0:89:ce:a8:04:25:e3:8f:64:c6:fe:d4:c2:4e:01:75:
82:db:bd:92:82:0f:bc:c5:8c:10:6a:19:b5:ab:b7:46:74:f7:
9f:94:83:46:d0:28:25:a6:0e:1c:a2:6a:98:09:d6:06:b3:97:
61:3a:08:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5shVxqCyKPzn+tjahYOTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwNDI4MDAwMDM2WhcNMjUwNDI5MDAwMDM2WjAzMTEwLwYDVQQD
EyhhZDBiNzRmYTExMDdlOWIyYmM1Zjc1OTQzNTZmZmFkOGQxZjJlMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfEvR0sAySjeradNAup2umxypDZQ
9o/OvUpxGJG7KxsUgwjdvXR20zmYY/4W9WdD7OLe3du0kNUPLG0tsLmh4uwQAM06
U7PoYoqlM/Sm2U/Al9Xzg0ekY0AWqk4jG6Ue+pjPc3lTGDVrbTatawb/cKyOVnUh
6BtD65GngLKXmLv3rMBJwaI0vur1+Ce7/GMPDsNVEuWDoekKV56ADs6cLC6bqY1l
/QT869qOJQE34LB5tL1/+IpZkETGhXc53SICdcb1+ub8d8jDtyvQ5UTDwRT4tCAa
uGDb345T1uufzi3oeizLrWPBVxwXLXPVvbf0gk6yad1ltgUaPGpDTS0LfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0LdPoRB+myvF91lDVv+tjR8uB3MB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiOf3/BRj
hWVVcc4FhShiPCUdP5y62yFAMOyTNjzToVn2ECuwkhj6t8es3B2WS0u4S91c1W+9
cjlhPrvNWcxJUeU1VG0V8WZC6d2hbTw/xerpFL7fvFe50VqGR5vu7pnhrJkj+mbG
twZ/VJZ6poVq3xlaugCL2vJQWMTZFgxbqF80gT4N0dmgTyVeC4COTuRZchqqYY2V
6tAOcSLPAKIqnSwpZJ+OVeS/10sOU441SvLlVBR+3S+5JivrUtLKN3eDkNtqPBKK
IWDAic6oBCXjj2TG/tTCTgF1gtu9koIPvMWMEGoZtau3RnT3n5SDRtAoJaYOHKJq
mAnWBrOXYToIVA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:10:11 2025 by rpki-client