Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: mwClLYTSvgQQeXCVewgAWdwJQbSZV4/eyBAqAnEYons=
Subject key identifier: 0B:47:2F:6F:61:B5:C8:D3:FE:BC:50:36:0E:C3:E5:C7:1C:DD:5C:B5
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 019689CA75CFB867890051F5B6D0FC4F4DEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 151C
Signing time: Thu 01 May 2025 03:01:09 +0000
Manifest this update: Thu 01 May 2025 03:01:09 +0000
Manifest next update: Fri 02 May 2025 03:01:09 +0000
Files and hashes: 1: 34veN2ucTJBbi388PrmLekhLRzM.roa (hash: zPkkR8nXQL9mfEVd+D/kn8bIVDt7EDLAoyKRPC1BVEk=)
2: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: fWEy29JmWcaC2HOHkngRJyLffFg1TLKFJi4k6Ez9PVU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 03:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:ca:75:cf:b8:67:89:00:51:f5:b6:d0:fc:4f:4d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: May 1 03:01:09 2025 GMT
Not After : May 2 03:01:09 2025 GMT
Subject: CN=0b472f6f61b5c8d3febc50360ec3e5c71cdd5cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:76:17:77:d9:ff:4e:73:69:17:c3:8b:ca:5b:
30:21:0f:41:f7:50:ab:a3:02:6c:83:8a:94:9c:70:
22:11:bc:96:a2:21:b1:f9:eb:89:ff:ad:ab:39:2a:
2f:2f:94:b2:21:73:02:8b:9a:1f:49:2d:82:67:32:
b2:17:5d:43:c2:b8:13:17:12:d3:e1:16:5a:0a:06:
52:3a:45:12:32:cf:82:3a:3b:34:49:76:48:c5:88:
de:57:56:81:2f:af:73:d0:c8:ac:fd:f4:b5:a5:48:
b0:6b:c9:87:77:c0:96:ac:25:4e:64:d7:b9:29:a5:
a3:0f:a7:3f:c8:d1:3e:e6:08:46:8e:a6:45:44:8c:
1c:61:a8:99:00:e0:81:1d:0a:6f:5b:ad:45:89:71:
54:ae:50:21:54:22:18:aa:7c:e5:16:b7:b9:a2:c4:
76:e4:aa:63:4b:70:8e:bd:ab:0a:13:90:ea:07:c6:
ad:8f:b7:cd:78:03:45:a1:0e:1e:21:cb:33:06:69:
cb:77:66:56:93:56:e8:d7:ad:df:67:8d:60:47:04:
6d:9d:35:53:88:d6:75:b7:67:e1:d7:bf:99:87:44:
79:86:7e:1b:c7:8b:74:08:cd:ba:01:5d:08:60:de:
c0:70:e6:09:69:51:4c:c8:e0:82:f1:b5:14:cd:8f:
0f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:47:2F:6F:61:B5:C8:D3:FE:BC:50:36:0E:C3:E5:C7:1C:DD:5C:B5
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:20:b4:cd:c7:1d:f5:72:59:0a:a1:33:3f:04:ac:ba:62:36:
57:c4:ef:9d:dd:b2:75:58:15:79:2e:bc:43:fc:18:86:8d:f4:
97:24:3b:71:51:1a:d2:aa:39:14:b1:c1:ca:f1:a6:78:44:d1:
e5:97:ea:51:9f:4e:7a:47:07:6a:45:19:04:ea:25:61:24:67:
70:16:26:66:2b:c7:6f:d0:6c:30:3e:b4:a6:5f:d7:74:bf:b5:
23:a4:35:ed:7d:27:47:d4:7f:1c:d0:7b:c3:65:e2:90:d9:f6:
ca:bb:bc:48:e4:ab:7d:b7:8f:63:4c:ae:db:86:82:f5:76:5f:
f3:e1:33:34:35:21:82:7b:5e:4f:43:cc:2d:3b:5b:84:4c:56:
59:ca:2a:50:0f:aa:61:68:5e:46:ef:98:42:85:c5:4c:5f:01:
a7:48:34:a4:ff:5f:02:9f:56:32:1f:6a:46:7d:ad:57:5e:53:
9d:aa:d3:ec:e8:b0:35:d4:c5:4a:79:a5:0d:49:37:d6:08:fb:
44:ad:13:67:71:87:ea:a8:cf:86:a4:0f:64:6a:56:0d:cd:83:
e1:11:13:19:9e:25:8e:62:3d:24:4d:be:6e:da:a9:32:49:42:
ee:a9:a4:48:40:64:51:b2:54:f0:e7:8d:bd:b5:54:a7:f6:61:
55:e3:15:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJynXPuGeJAFH1ttD8T03sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjUwNTAxMDMwMTA5WhcNMjUwNTAyMDMwMTA5WjAzMTEwLwYDVQQD
EygwYjQ3MmY2ZjYxYjVjOGQzZmViYzUwMzYwZWMzZTVjNzFjZGQ1Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXYXd9n/TnNpF8OLylswIQ9B91Cr
owJsg4qUnHAiEbyWoiGx+euJ/62rOSovL5SyIXMCi5ofSS2CZzKyF11DwrgTFxLT
4RZaCgZSOkUSMs+COjs0SXZIxYjeV1aBL69z0Mis/fS1pUiwa8mHd8CWrCVOZNe5
KaWjD6c/yNE+5ghGjqZFRIwcYaiZAOCBHQpvW61FiXFUrlAhVCIYqnzlFre5osR2
5KpjS3COvasKE5DqB8atj7fNeANFoQ4eIcszBmnLd2ZWk1bo163fZ41gRwRtnTVT
iNZ1t2fh17+Zh0R5hn4bx4t0CM26AV0IYN7AcOYJaVFMyOCC8bUUzY8PeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtHL29htcjT/rxQNg7D5ccc3Vy1MB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYiC0zccd
9XJZCqEzPwSsumI2V8Tvnd2ydVgVeS68Q/wYho30lyQ7cVEa0qo5FLHByvGmeETR
5ZfqUZ9OekcHakUZBOolYSRncBYmZivHb9BsMD60pl/XdL+1I6Q17X0nR9R/HNB7
w2XikNn2yru8SOSrfbePY0yu24aC9XZf8+EzNDUhgnteT0PMLTtbhExWWcoqUA+q
YWheRu+YQoXFTF8Bp0g0pP9fAp9WMh9qRn2tV15TnarT7OiwNdTFSnmlDUk31gj7
RK0TZ3GH6qjPhqQPZGpWDc2D4RETGZ4ljmI9JE2+btqpMklC7qmkSEBkUbJU8OeN
vbVUp/ZhVeMVDA==
-----END CERTIFICATE-----
Generated at Thu May 1 09:05:38 2025 by rpki-client