Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/376d45-c00a-4ee9-986b-06dc38b57535/1/NkYhMZiJnt-otCrdRzraIYdI4QQ.mft
File: NkYhMZiJnt-otCrdRzraIYdI4QQ.mft (raw, json)
Hash identifier: O5TSie1qb8ush+EngmKkTXSZWYCVztjrGR+8cBa0P0o=
Subject key identifier: 64:D5:33:ED:22:5C:86:D9:73:6B:74:61:FE:99:C4:A8:B8:D9:DB:53
Authority key identifier: 36:46:21:31:98:89:9E:DF:A8:B4:2A:DD:47:3A:DA:21:87:48:E1:04
Certificate issuer: /CN=3646213198899edfa8b42add473ada218748e104
Certificate serial: 0196771EC8D6DDE0D901C1DF627E4EE9CB57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkYhMZiJnt-otCrdRzraIYdI4QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/376d45-c00a-4ee9-986b-06dc38b57535/1/NkYhMZiJnt-otCrdRzraIYdI4QQ.mft
Manifest number: 0A84
Signing time: Sun 27 Apr 2025 12:00:28 +0000
Manifest this update: Sun 27 Apr 2025 12:00:28 +0000
Manifest next update: Mon 28 Apr 2025 12:00:28 +0000
Files and hashes: 1: G2aa7vj-d_CA2HuKW-IASCzWaSQ.roa (hash: pv32os3ZPwMAxeQUj3RBQ+FwWykK77hFOgeqqDGQkeE=)
2: NkYhMZiJnt-otCrdRzraIYdI4QQ.crl (hash: KPrlBrJdVzq3A1Jl9qRoGT8QqBo1YgEYZUfoI+9xBSM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/376d45-c00a-4ee9-986b-06dc38b57535/1/NkYhMZiJnt-otCrdRzraIYdI4QQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/376d45-c00a-4ee9-986b-06dc38b57535/1/NkYhMZiJnt-otCrdRzraIYdI4QQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkYhMZiJnt-otCrdRzraIYdI4QQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:1e:c8:d6:dd:e0:d9:01:c1:df:62:7e:4e:e9:cb:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3646213198899edfa8b42add473ada218748e104
Validity
Not Before: Apr 27 12:00:28 2025 GMT
Not After : Apr 28 12:00:28 2025 GMT
Subject: CN=64d533ed225c86d9736b7461fe99c4a8b8d9db53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:db:73:25:74:e5:26:ea:8a:fc:2c:7c:e4:14:
51:7f:1f:64:9e:5d:d1:9a:9c:52:0b:f1:7e:af:e9:
4b:bf:37:fa:69:46:eb:d1:81:14:bd:59:e0:75:2f:
30:dc:05:d9:bc:8a:66:c9:76:06:81:18:aa:d0:0d:
5c:e4:dc:2b:03:c1:f2:3f:3f:7c:a7:0b:7a:4b:91:
6c:bf:94:5d:95:f5:f6:42:76:89:4b:17:3f:27:f4:
25:56:ce:ce:0b:c4:ae:59:16:44:67:93:45:23:99:
5e:58:ba:79:50:37:de:1f:6d:24:a3:ba:ea:d2:67:
0a:b2:ac:78:e3:9d:1b:fb:e4:d7:e1:2f:8a:77:18:
7c:3c:22:40:eb:48:74:04:67:77:f3:a2:2b:ea:3d:
95:b6:c6:3d:e7:40:5f:8d:5b:e8:d9:6b:7b:b7:8c:
d1:f4:f7:c6:07:c0:2d:c5:83:26:31:a8:06:50:35:
92:ba:59:d2:6c:d6:4f:20:84:dd:7c:10:b0:2c:e8:
9e:b0:64:a1:d7:c8:3a:40:32:c6:ab:e7:5c:e0:ce:
d1:76:8c:b5:af:72:e4:a1:d1:65:d9:2e:43:36:c4:
8f:b3:a1:46:9d:2c:dc:40:4f:44:0e:82:60:ce:a2:
98:75:3e:3e:6a:24:79:3d:de:01:ea:ca:2a:98:fa:
ca:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D5:33:ED:22:5C:86:D9:73:6B:74:61:FE:99:C4:A8:B8:D9:DB:53
X509v3 Authority Key Identifier:
keyid:36:46:21:31:98:89:9E:DF:A8:B4:2A:DD:47:3A:DA:21:87:48:E1:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkYhMZiJnt-otCrdRzraIYdI4QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/376d45-c00a-4ee9-986b-06dc38b57535/1/NkYhMZiJnt-otCrdRzraIYdI4QQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/376d45-c00a-4ee9-986b-06dc38b57535/1/NkYhMZiJnt-otCrdRzraIYdI4QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:2f:42:d0:1f:fd:63:1b:d7:7c:74:4c:5c:d8:e4:57:77:fd:
9c:7c:9a:88:20:ed:cb:8a:ed:4f:4e:f7:71:71:47:dc:5e:77:
1c:70:dc:4c:af:be:20:82:25:2a:cf:d2:b0:47:af:1d:08:d3:
44:ee:b4:f5:a4:94:63:75:54:59:40:a0:24:91:9c:b1:f2:57:
59:fc:d9:c2:b6:00:47:22:6e:e0:6b:bb:04:43:8a:0c:e3:7e:
0d:5d:d0:74:72:c2:06:50:39:b6:5e:8f:89:20:5d:2b:95:4c:
c2:5d:75:07:06:5b:bd:21:15:82:db:15:3d:f1:30:4e:c3:3f:
3c:9d:0d:0c:a7:21:88:54:46:56:1c:8f:64:27:f9:ea:45:47:
c0:6a:43:b3:33:07:ca:df:cc:df:60:07:1b:8b:f3:5c:b8:fc:
25:56:58:9d:dc:cd:ab:6e:b4:23:b7:b1:57:36:20:1d:3a:3f:
0b:ff:e0:9e:22:17:05:ea:cb:fd:d5:62:32:ee:18:21:86:97:
c6:f3:f3:03:79:69:5b:56:a6:21:dc:a8:bf:1a:04:9b:5f:f1:
8f:ad:cf:c9:4e:e7:40:b5:fc:07:e1:d6:6a:b7:96:b1:57:4b:
e5:bb:60:95:af:21:09:b8:17:3e:f3:b3:dd:97:9f:ac:34:30:
c5:50:0b:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3HsjW3eDZAcHfYn5O6ctXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDYyMTMxOTg4OTllZGZhOGI0MmFkZDQ3M2FkYTIxODc0
OGUxMDQwHhcNMjUwNDI3MTIwMDI4WhcNMjUwNDI4MTIwMDI4WjAzMTEwLwYDVQQD
Eyg2NGQ1MzNlZDIyNWM4NmQ5NzM2Yjc0NjFmZTk5YzRhOGI4ZDlkYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidtzJXTlJuqK/Cx85BRRfx9knl3R
mpxSC/F+r+lLvzf6aUbr0YEUvVngdS8w3AXZvIpmyXYGgRiq0A1c5NwrA8HyPz98
pwt6S5Fsv5RdlfX2QnaJSxc/J/QlVs7OC8SuWRZEZ5NFI5leWLp5UDfeH20ko7rq
0mcKsqx4450b++TX4S+Kdxh8PCJA60h0BGd386Ir6j2VtsY950BfjVvo2Wt7t4zR
9PfGB8AtxYMmMagGUDWSulnSbNZPIITdfBCwLOiesGSh18g6QDLGq+dc4M7Rdoy1
r3LkodFl2S5DNsSPs6FGnSzcQE9EDoJgzqKYdT4+aiR5Pd4B6soqmPrKEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTVM+0iXIbZc2t0Yf6ZxKi42dtTMB8GA1UdIwQY
MBaAFDZGITGYiZ7fqLQq3Uc62iGHSOEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtZaE1aaUpudC1vdENyZFJ6cmFJWWRJNFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zNzZkNDUtYzAwYS00ZWU5LTk4NmIt
MDZkYzM4YjU3NTM1LzEvTmtZaE1aaUpudC1vdENyZFJ6cmFJWWRJNFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zNzZkNDUtYzAwYS00ZWU5LTk4NmItMDZkYzM4YjU3NTM1
LzEvTmtZaE1aaUpudC1vdENyZFJ6cmFJWWRJNFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiy9C0B/9
YxvXfHRMXNjkV3f9nHyaiCDty4rtT073cXFH3F53HHDcTK++IIIlKs/SsEevHQjT
RO609aSUY3VUWUCgJJGcsfJXWfzZwrYARyJu4Gu7BEOKDON+DV3QdHLCBlA5tl6P
iSBdK5VMwl11BwZbvSEVgtsVPfEwTsM/PJ0NDKchiFRGVhyPZCf56kVHwGpDszMH
yt/M32AHG4vzXLj8JVZYndzNq260I7exVzYgHTo/C//gniIXBerL/dViMu4YIYaX
xvPzA3lpW1amIdyovxoEm1/xj63PyU7nQLX8B+HWareWsVdL5btgla8hCbgXPvOz
3ZefrDQwxVALKg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:15:01 2025 by rpki-client