Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft
File: IYssahphoXurfAMggKo78kR4tt0.mft (raw, json)
Hash identifier: qitWVrQsYEHV5CGeNefVPMK1zbfdauXgCuIQ1h8b1DM=
Subject key identifier: F8:F3:02:71:67:53:71:04:BC:D8:91:C5:CC:BB:19:BF:49:F5:25:F1
Authority key identifier: 21:8B:2C:6A:1A:61:A1:7B:AB:7C:03:20:80:AA:3B:F2:44:78:B6:DD
Certificate issuer: /CN=218b2c6a1a61a17bab7c032080aa3bf24478b6dd
Certificate serial: 0196816BAF41A9F3239A44C157AF0771763B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft
Manifest number: 0BCF
Signing time: Tue 29 Apr 2025 12:00:40 +0000
Manifest this update: Tue 29 Apr 2025 12:00:40 +0000
Manifest next update: Wed 30 Apr 2025 12:00:40 +0000
Files and hashes: 1: IYssahphoXurfAMggKo78kR4tt0.crl (hash: 4MYbCTSaS8xYUJ/zGF2BnAnsCHavFWPiM7T/V4XbN8c=)
2: wnACGaMKOrsg5i1-6PAAx8VKQ0Y.roa (hash: kxRyBHTXArEsk0qrBdKwIl2FB5x6O/p6TWut1bU4JRM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 12:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:6b:af:41:a9:f3:23:9a:44:c1:57:af:07:71:76:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218b2c6a1a61a17bab7c032080aa3bf24478b6dd
Validity
Not Before: Apr 29 12:00:40 2025 GMT
Not After : Apr 30 12:00:40 2025 GMT
Subject: CN=f8f3027167537104bcd891c5ccbb19bf49f525f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3a:24:34:6a:7e:c0:37:77:54:42:54:3a:c7:
eb:2e:a8:0c:59:65:7b:1e:fe:27:54:1b:9c:24:d0:
c0:92:d0:12:b6:f2:53:8d:ca:df:21:b6:87:7d:ef:
76:b5:2c:91:8f:08:2a:05:05:af:e3:85:07:7e:ea:
82:74:69:5a:48:73:76:0a:f7:7f:76:90:1d:88:17:
f6:a2:7f:6c:9c:2a:65:c0:a5:80:b1:44:e4:6f:ea:
a7:08:90:25:2d:d8:a3:b8:33:92:8c:33:d3:ac:50:
c8:97:89:f6:7f:e0:52:57:ff:48:1c:be:15:92:69:
f8:00:22:d1:bb:16:f4:80:55:44:16:db:a2:0e:54:
21:f2:5f:1c:dc:3d:fc:a7:15:ac:58:c2:54:cf:51:
c9:d9:f7:7d:17:26:c0:79:f8:00:21:25:83:cd:c6:
d5:16:33:fb:10:df:5e:fa:0e:2b:69:6d:54:1c:64:
28:ec:32:b9:63:af:8e:f1:09:22:80:c4:2f:ac:b0:
94:76:ca:78:a9:d4:84:b6:57:9f:f8:cd:2a:2c:65:
64:e1:65:1b:6c:57:74:c8:0b:34:04:1b:5a:65:ee:
b9:ca:8c:00:46:57:08:f0:06:f8:82:02:69:b4:9b:
69:eb:b6:b1:68:ec:42:3e:50:6c:fd:53:37:e6:b8:
99:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F3:02:71:67:53:71:04:BC:D8:91:C5:CC:BB:19:BF:49:F5:25:F1
X509v3 Authority Key Identifier:
keyid:21:8B:2C:6A:1A:61:A1:7B:AB:7C:03:20:80:AA:3B:F2:44:78:B6:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:07:c7:c0:00:43:b5:04:64:6b:d5:81:83:0f:4b:58:a1:e0:
6f:9a:6e:17:64:89:ad:1b:7a:25:e4:c1:d9:73:db:48:6a:06:
57:d3:fa:4c:de:85:3d:78:10:7d:bc:86:20:e3:60:34:a1:98:
33:df:41:4e:98:df:b4:67:17:9a:29:f4:68:ac:fe:d4:34:c5:
a3:b5:dd:a0:01:66:0b:db:35:52:88:5d:69:ab:68:5e:bc:a2:
41:42:08:8a:3d:25:ae:65:f2:2e:2e:2c:13:93:6b:4f:78:a0:
1d:46:99:ef:95:bb:24:cf:2c:c7:e1:21:e8:1b:14:1f:32:83:
20:0b:dd:b6:d7:46:23:e9:2f:38:0c:9a:43:f0:50:28:53:07:
b5:7a:4a:0e:3e:b1:a8:84:bd:7b:fe:4b:ad:60:00:76:4f:28:
c0:3a:ab:ca:b6:48:5c:d9:8e:f1:28:8c:ef:8f:e3:86:0a:e5:
57:7f:45:da:cd:1b:50:c9:a8:1b:ef:ab:d7:be:97:ff:13:a8:
0b:4d:3e:fa:85:e1:98:74:2c:df:43:80:76:c4:f3:8e:56:d7:
39:b6:8d:bb:86:69:77:07:64:7b:ab:4f:45:6b:c3:06:75:3d:
79:8a:aa:aa:57:b5:71:55:43:a6:d4:5c:4b:13:db:93:39:bb:
54:c8:f3:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBa69BqfMjmkTBV68HcXY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOGIyYzZhMWE2MWExN2JhYjdjMDMyMDgwYWEzYmYyNDQ3
OGI2ZGQwHhcNMjUwNDI5MTIwMDQwWhcNMjUwNDMwMTIwMDQwWjAzMTEwLwYDVQQD
EyhmOGYzMDI3MTY3NTM3MTA0YmNkODkxYzVjY2JiMTliZjQ5ZjUyNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjokNGp+wDd3VEJUOsfrLqgMWWV7
Hv4nVBucJNDAktAStvJTjcrfIbaHfe92tSyRjwgqBQWv44UHfuqCdGlaSHN2Cvd/
dpAdiBf2on9snCplwKWAsUTkb+qnCJAlLdijuDOSjDPTrFDIl4n2f+BSV/9IHL4V
kmn4ACLRuxb0gFVEFtuiDlQh8l8c3D38pxWsWMJUz1HJ2fd9FybAefgAISWDzcbV
FjP7EN9e+g4raW1UHGQo7DK5Y6+O8QkigMQvrLCUdsp4qdSEtlef+M0qLGVk4WUb
bFd0yAs0BBtaZe65yowARlcI8Ab4ggJptJtp67axaOxCPlBs/VM35riZGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjzAnFnU3EEvNiRxcy7Gb9J9SXxMB8GA1UdIwQY
MBaAFCGLLGoaYaF7q3wDIICqO/JEeLbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NDkxNDAtYzg1My00OGNkLTlhODQt
Yjk5MzE2OGJjNTkzLzEvSVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS84NDkxNDAtYzg1My00OGNkLTlhODQtYjk5MzE2OGJjNTkz
LzEvSVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdgfHwABD
tQRka9WBgw9LWKHgb5puF2SJrRt6JeTB2XPbSGoGV9P6TN6FPXgQfbyGIONgNKGY
M99BTpjftGcXmin0aKz+1DTFo7XdoAFmC9s1UohdaatoXryiQUIIij0lrmXyLi4s
E5NrT3igHUaZ75W7JM8sx+Eh6BsUHzKDIAvdttdGI+kvOAyaQ/BQKFMHtXpKDj6x
qIS9e/5LrWAAdk8owDqryrZIXNmO8SiM74/jhgrlV39F2s0bUMmoG++r176X/xOo
C00++oXhmHQs30OAdsTzjlbXObaNu4Zpdwdke6tPRWvDBnU9eYqqqle1cVVDptRc
SxPbkzm7VMjzig==
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:57:54 2025 by rpki-client