Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
File: 3erZGbhaEwUdAgi34o3cyzmLFNY.mft (raw, json)
Hash identifier: Kj54Oiv9w5XVuwLKIx9x2zLKJDEnYp3ABNntn9SbV7M=
Subject key identifier: 8F:70:AF:FC:EA:32:87:96:FD:96:F3:51:B9:3D:D5:99:43:28:1C:0A
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 019675308B4A5FB2C944C8C6D0F2BE34413C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
Manifest number: 1513
Signing time: Sun 27 Apr 2025 03:00:37 +0000
Manifest this update: Sun 27 Apr 2025 03:00:37 +0000
Manifest next update: Mon 28 Apr 2025 03:00:37 +0000
Files and hashes: 1: 3erZGbhaEwUdAgi34o3cyzmLFNY.crl (hash: 9cfMVWBncIxkcOwDPkL/eQOMvCNUBnazk9rXuXMx4Nw=)
2: gyBGqWNKS8K0vTNBAA3GKNL77Vo.roa (hash: BXXbMCiaPDwWpKluJbMJNiQFpxOCWm/ZXx0AVN6V8Ew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:30:8b:4a:5f:b2:c9:44:c8:c6:d0:f2:be:34:41:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Apr 27 03:00:37 2025 GMT
Not After : Apr 28 03:00:37 2025 GMT
Subject: CN=8f70affcea328796fd96f351b93dd59943281c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:62:07:8a:89:57:8b:8b:8a:7a:8b:5e:62:da:
c7:1b:69:88:94:6f:1c:44:0b:86:40:94:c9:6e:13:
d5:6b:d6:2e:a7:98:a5:98:92:33:e2:14:bb:d4:70:
62:26:cb:3f:6a:35:f9:f9:73:b7:be:df:fa:7c:b0:
16:22:ee:15:d5:71:31:4d:65:12:9c:62:7e:22:3b:
74:d9:04:cc:5b:69:08:7f:26:5f:e0:12:6c:a3:18:
a2:56:de:a3:be:af:56:d1:8d:f7:e4:07:94:c3:33:
b3:f0:4d:2b:aa:e8:77:f5:57:b8:8c:52:9d:bd:7e:
d5:31:a4:3d:c7:62:96:43:99:dd:af:66:f6:22:e5:
e0:f2:23:df:c3:9f:7d:6e:7a:6b:f3:f3:4b:2c:37:
9a:b4:0c:2a:86:f9:58:65:f9:c3:29:dd:5f:39:9d:
f0:65:1f:55:c3:24:1f:a3:f3:13:73:c8:59:1f:63:
88:5b:c8:21:18:66:9a:64:5c:d8:ca:64:40:ca:1d:
1d:f7:9a:e3:b8:12:31:cb:7b:7d:79:a3:55:06:f8:
c9:c0:f1:7a:9b:8e:a1:3a:ed:17:47:7b:f1:79:ee:
46:fe:81:89:1a:58:78:6a:2e:a3:51:cc:50:54:e6:
4b:5c:b2:b1:9d:ec:bb:c2:51:7a:65:fd:e9:27:77:
c6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:70:AF:FC:EA:32:87:96:FD:96:F3:51:B9:3D:D5:99:43:28:1C:0A
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:a1:af:13:da:63:44:71:c6:c6:89:cc:e7:18:e6:36:ef:e8:
46:4b:e4:d4:b8:4a:1c:07:38:d3:fc:25:9c:19:6d:ac:7b:c8:
03:f8:e9:69:65:d4:a3:59:cb:52:2b:59:a4:27:b0:c2:d7:40:
5d:a5:83:53:bb:3c:67:75:95:e5:07:48:6b:04:76:f9:e8:5f:
74:32:4b:bb:f3:97:d3:23:a5:f6:b7:7b:6e:ea:47:31:91:2a:
8c:cb:bf:85:d5:af:e1:59:4a:d0:6d:8f:04:9c:cb:7b:40:fa:
02:79:e0:81:ed:dc:84:fc:bf:99:0f:18:24:ef:ae:f5:56:7d:
11:3c:b4:17:a6:76:c8:3c:3b:ce:a6:df:7e:e8:cd:ce:dd:7a:
92:56:ea:fa:5e:23:61:be:96:5b:b4:bd:c5:af:ba:c9:c0:a0:
23:6c:3a:91:eb:0a:d2:55:f7:62:f7:e4:5c:e9:af:55:2b:8b:
83:30:6f:e0:f2:5b:ce:9e:eb:d7:38:72:ee:fe:fb:47:ad:45:
dc:db:a3:ee:6e:01:39:bb:64:58:4d:bb:47:7f:a0:dc:cb:37:
f0:04:4d:24:fb:bf:0e:55:1f:d1:c9:4d:bb:8e:0b:64:a3:c1:
d8:d2:1e:73:f3:0a:07:af:2e:37:6c:66:40:02:e7:a5:ea:fa:
36:25:f7:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1MItKX7LJRMjG0PK+NEE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjUwNDI3MDMwMDM3WhcNMjUwNDI4MDMwMDM3WjAzMTEwLwYDVQQD
Eyg4ZjcwYWZmY2VhMzI4Nzk2ZmQ5NmYzNTFiOTNkZDU5OTQzMjgxYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2IHiolXi4uKeoteYtrHG2mIlG8c
RAuGQJTJbhPVa9Yup5ilmJIz4hS71HBiJss/ajX5+XO3vt/6fLAWIu4V1XExTWUS
nGJ+Ijt02QTMW2kIfyZf4BJsoxiiVt6jvq9W0Y335AeUwzOz8E0rquh39Ve4jFKd
vX7VMaQ9x2KWQ5ndr2b2IuXg8iPfw599bnpr8/NLLDeatAwqhvlYZfnDKd1fOZ3w
ZR9VwyQfo/MTc8hZH2OIW8ghGGaaZFzYymRAyh0d95rjuBIxy3t9eaNVBvjJwPF6
m46hOu0XR3vxee5G/oGJGlh4ai6jUcxQVOZLXLKxney7wlF6Zf3pJ3fGvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9wr/zqMoeW/ZbzUbk91ZlDKBwKMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACqGvE9pj
RHHGxonM5xjmNu/oRkvk1LhKHAc40/wlnBltrHvIA/jpaWXUo1nLUitZpCewwtdA
XaWDU7s8Z3WV5QdIawR2+ehfdDJLu/OX0yOl9rd7bupHMZEqjMu/hdWv4VlK0G2P
BJzLe0D6Anngge3chPy/mQ8YJO+u9VZ9ETy0F6Z2yDw7zqbffujNzt16klbq+l4j
Yb6WW7S9xa+6ycCgI2w6kesK0lX3YvfkXOmvVSuLgzBv4PJbzp7r1zhy7v77R61F
3Nuj7m4BObtkWE27R3+g3Ms38ARNJPu/DlUf0clNu44LZKPB2NIec/MKB68uN2xm
QALnper6NiX3Gw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:55:14 2025 by rpki-client