Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
File: 8u5baEnIyB9adjWVWIprpoIedns.mft (raw, json)
Hash identifier: tzIwal60aE43DAem71ovpuwhQ+tEp5CG0x+781bZ0AY=
Subject key identifier: 53:8C:54:2F:FB:7D:C7:A7:A2:56:19:B5:41:72:87:9D:23:C1:15:1C
Authority key identifier: F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
Certificate issuer: /CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Certificate serial: 01967A8DEFC295203A8D7B34709D15F2AD08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
Manifest number: 0516
Signing time: Mon 28 Apr 2025 04:00:44 +0000
Manifest this update: Mon 28 Apr 2025 04:00:44 +0000
Manifest next update: Tue 29 Apr 2025 04:00:44 +0000
Files and hashes: 1: 8u5baEnIyB9adjWVWIprpoIedns.crl (hash: IHRdXwpI2PE096Qv9RPHE+d332/cFTsI6iNNHB1LlMY=)
2: Di0vSgAmdtxn2ZM7Al8L8Zr3oIU.roa (hash: 0Bf0l0DWLnoKx593QVoGlu2x+BD1lYWYH448tSVbn0U=)
3: Tb-8GP8qcCsPrA2Xrleo-iet2HM.roa (hash: yyhoDt89y5+7nL9lVvf4sdS/dAeJY+OT1BrhoMFwMME=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:8d:ef:c2:95:20:3a:8d:7b:34:70:9d:15:f2:ad:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Validity
Not Before: Apr 28 04:00:44 2025 GMT
Not After : Apr 29 04:00:44 2025 GMT
Subject: CN=538c542ffb7dc7a7a25619b54172879d23c1151c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:40:dd:1b:27:77:02:b4:ed:65:71:38:0e:ff:
21:63:08:a0:bb:92:f2:d9:06:a8:1a:6f:bf:9d:c4:
c8:83:b0:b8:b4:ae:23:ce:96:97:5b:41:f0:36:bb:
72:05:1b:ce:18:e7:ce:16:c1:44:d9:10:d8:3a:3b:
7c:ca:a8:53:9f:cf:f6:b5:5e:ca:db:ed:b3:46:f6:
6d:3f:4c:7a:8e:71:aa:87:92:00:a0:1e:5b:71:39:
9e:26:52:ec:d3:b5:3e:06:04:c9:6d:6b:fc:b9:3a:
ed:7c:f7:49:0f:98:8f:d1:fd:b5:45:ca:d8:cb:1e:
5c:cc:ad:d9:ea:36:e9:c1:a7:97:a2:a5:cf:ef:5e:
9c:48:ed:d6:e9:b2:e2:cf:5a:40:33:eb:e3:e0:9d:
eb:e0:7a:06:2b:7c:ab:0a:58:a6:21:7e:0d:e5:97:
c9:2e:3d:78:31:13:0f:89:80:01:d0:99:53:85:2f:
6a:5b:ed:77:40:f7:6f:e9:49:7f:b4:bf:ce:a4:a0:
b9:eb:5c:54:ae:e3:7b:9a:39:89:2c:de:4f:be:bb:
2b:29:3e:a5:33:61:de:07:ac:58:7b:3d:15:0e:b8:
20:73:33:63:19:18:13:19:ec:9a:00:d7:d0:9b:f4:
ef:f9:6b:c4:50:90:7f:d2:9a:e5:b6:1c:b4:00:b7:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8C:54:2F:FB:7D:C7:A7:A2:56:19:B5:41:72:87:9D:23:C1:15:1C
X509v3 Authority Key Identifier:
keyid:F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:3c:39:3e:be:0a:48:08:42:c3:e7:dc:bb:df:f7:18:7a:7f:
ae:63:19:98:9a:81:42:41:f0:cb:e7:3f:5e:d7:33:04:fa:aa:
23:89:bc:c8:c9:3d:d4:19:cd:44:bc:2c:a7:86:e6:3a:82:db:
7d:a1:67:68:11:f9:09:62:d0:42:b1:5a:c5:84:bb:56:0a:dd:
dc:5e:35:65:12:fa:0f:ed:82:ea:40:f7:54:0a:80:d0:dd:b9:
98:42:48:45:04:8b:f6:b2:ad:93:b8:4a:b4:73:4b:05:bb:36:
1b:dd:88:a0:29:da:a7:5f:d8:4b:26:1a:f8:e3:79:4d:df:50:
76:ce:bd:1e:7f:0a:c0:b7:3d:cc:d6:b6:ee:eb:56:d1:36:37:
03:1f:98:3e:8e:c9:a3:d7:0a:eb:06:5d:3e:0e:16:10:a8:81:
de:44:5c:30:d5:42:53:84:fa:2f:f7:b9:8b:93:34:f3:24:23:
85:58:f8:ac:7c:cf:23:16:c5:0d:9c:f1:90:7c:8a:ec:83:08:
0d:90:96:b5:b5:a8:41:10:c5:ae:8b:3c:3f:10:db:a4:d8:de:
9c:c6:44:e4:f2:b0:14:c7:10:c0:47:da:99:27:d3:fd:69:22:
27:37:a7:f1:ed:a9:56:6f:6f:17:62:9c:0a:6d:49:74:7b:1b:
d3:e2:a4:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6je/ClSA6jXs0cJ0V8q0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZWU1YjY4NDljOGM4MWY1YTc2MzU5NTU4OGE2YmE2ODIx
ZTc2N2IwHhcNMjUwNDI4MDQwMDQ0WhcNMjUwNDI5MDQwMDQ0WjAzMTEwLwYDVQQD
Eyg1MzhjNTQyZmZiN2RjN2E3YTI1NjE5YjU0MTcyODc5ZDIzYzExNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UDdGyd3ArTtZXE4Dv8hYwigu5Ly
2QaoGm+/ncTIg7C4tK4jzpaXW0HwNrtyBRvOGOfOFsFE2RDYOjt8yqhTn8/2tV7K
2+2zRvZtP0x6jnGqh5IAoB5bcTmeJlLs07U+BgTJbWv8uTrtfPdJD5iP0f21RcrY
yx5czK3Z6jbpwaeXoqXP716cSO3W6bLiz1pAM+vj4J3r4HoGK3yrClimIX4N5ZfJ
Lj14MRMPiYAB0JlThS9qW+13QPdv6Ul/tL/OpKC561xUruN7mjmJLN5PvrsrKT6l
M2HeB6xYez0VDrggczNjGRgTGeyaANfQm/Tv+WvEUJB/0prlthy0ALc0XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOMVC/7fcenolYZtUFyh50jwRUcMB8GA1UdIwQY
MBaAFPLuW2hJyMgfWnY1lViKa6aCHnZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTIt
NjBhMDM5ZGQxYmNhLzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTItNjBhMDM5ZGQxYmNh
LzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzw5Pr4K
SAhCw+fcu9/3GHp/rmMZmJqBQkHwy+c/XtczBPqqI4m8yMk91BnNRLwsp4bmOoLb
faFnaBH5CWLQQrFaxYS7Vgrd3F41ZRL6D+2C6kD3VAqA0N25mEJIRQSL9rKtk7hK
tHNLBbs2G92IoCnap1/YSyYa+ON5Td9Qds69Hn8KwLc9zNa27utW0TY3Ax+YPo7J
o9cK6wZdPg4WEKiB3kRcMNVCU4T6L/e5i5M08yQjhVj4rHzPIxbFDZzxkHyK7IMI
DZCWtbWoQRDFros8PxDbpNjenMZE5PKwFMcQwEfamSfT/WkiJzen8e2pVm9vF2Kc
Cm1JdHsb0+Kk7A==
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:36:37 2025 by rpki-client