Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
File: sz3NILWulcFy0y7XKevzBhl7I-c.mft (raw, json)
Hash identifier: fewvT0e04pLMxmZE10ZiCbskaKCpoLxg+3oulBOYMV8=
Subject key identifier: BE:A2:9E:75:0B:55:AE:7C:E1:D2:5D:0D:A7:30:49:28:2C:50:1F:69
Authority key identifier: B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
Certificate issuer: /CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Certificate serial: 01968435C22BCA59A90211FACD2B34C85DA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
Manifest number: 1517
Signing time: Wed 30 Apr 2025 01:00:37 +0000
Manifest this update: Wed 30 Apr 2025 01:00:37 +0000
Manifest next update: Thu 01 May 2025 01:00:37 +0000
Files and hashes: 1: CIm7PdRT4tGc0ohUd0vMkXyk2Z4.roa (hash: bKi9ERQ3HDvQWS3A9n+SnlJFymCAx7E6eQcIAFgcP7o=)
2: sz3NILWulcFy0y7XKevzBhl7I-c.crl (hash: tU8DfLS3ltWsj+uaJbkRDFzlIM5MLqFjmC9OKNin8dE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:84:35:c2:2b:ca:59:a9:02:11:fa:cd:2b:34:c8:5d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Validity
Not Before: Apr 30 01:00:37 2025 GMT
Not After : May 1 01:00:37 2025 GMT
Subject: CN=bea29e750b55ae7ce1d25d0da73049282c501f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dd:24:64:b6:ef:55:18:a1:96:4f:4d:93:b9:
51:6a:c4:a4:18:4b:e9:42:37:c6:59:63:31:26:27:
1a:64:87:8a:d6:00:f6:0c:eb:85:ca:4d:ec:63:ee:
63:3c:5b:3c:9a:17:8d:52:fa:61:d8:50:e2:60:90:
d3:27:dc:cd:f5:16:13:f1:d4:f9:7b:97:84:7a:4b:
ab:50:66:44:e0:8f:0f:8a:be:18:53:f7:52:22:87:
c4:fe:5a:d4:7c:c0:2e:b6:a7:36:cc:0e:f4:5b:74:
d4:eb:fd:81:82:33:cc:6a:ef:1b:33:e2:fb:b2:86:
e2:6e:1f:9a:29:f9:00:9c:74:fd:b5:c1:f6:7a:88:
db:90:38:96:59:03:d9:cb:68:27:34:b2:64:61:38:
25:04:54:6d:27:fd:70:35:98:e1:3a:b1:c2:14:77:
a9:79:0b:b0:20:a0:b2:1c:04:0c:b5:b3:b4:e2:39:
76:ec:19:a0:09:0a:2b:a0:d7:dd:39:56:57:c7:31:
c6:67:a6:9d:b4:85:2a:46:2a:55:3c:da:b0:17:23:
4c:f5:dc:7b:24:d3:e1:8b:e4:ea:98:ba:e1:92:67:
1b:c3:40:d5:ce:7d:a6:73:a6:35:bb:76:18:b1:23:
5c:ba:b9:ab:de:fb:b0:8e:87:70:8a:00:12:76:a1:
cf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A2:9E:75:0B:55:AE:7C:E1:D2:5D:0D:A7:30:49:28:2C:50:1F:69
X509v3 Authority Key Identifier:
keyid:B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:d8:9b:a6:25:de:91:76:b1:84:ac:91:9b:c2:de:32:f9:1c:
f3:64:68:8b:56:67:4c:b0:8b:42:f3:39:23:25:5e:4f:0f:65:
48:23:42:6a:20:b3:cc:2d:2d:5b:6f:d9:0e:7d:b8:05:33:8c:
df:5c:f7:38:c7:c9:94:51:4d:63:74:17:2b:fd:bc:03:e5:d2:
b8:65:17:68:56:e2:de:b7:4e:69:d2:70:64:b0:1e:56:7a:b1:
76:fb:11:93:6f:89:4c:a4:f8:4e:a4:c7:6d:a8:36:3e:1e:17:
a5:c0:7e:3b:7b:1a:76:4d:76:1e:88:d9:a9:25:cc:f7:82:9e:
88:f8:62:69:d7:95:0f:90:a5:18:0b:ff:a2:67:d3:43:ee:9d:
62:2e:6f:6d:b2:bb:9b:96:03:85:21:33:46:a8:68:af:db:95:
74:71:cf:16:0d:fb:20:cc:bc:ec:6e:37:13:99:f7:16:2b:1f:
1e:75:a0:54:63:a5:bd:61:b3:1c:f0:75:05:73:75:8c:3f:77:
24:a0:b3:e1:55:61:50:fb:c1:80:26:a8:8f:a9:fe:4a:ef:6f:
a3:3d:c5:08:ff:eb:be:29:35:65:97:68:30:bf:c4:7c:82:bf:
b9:22:b8:dc:49:9d:7f:03:54:df:3f:63:e7:99:fa:34:66:4c:
fd:f4:8f:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaENcIrylmpAhH6zSs0yF2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzM2RjZDIwYjVhZTk1YzE3MmQzMmVkNzI5ZWJmMzA2MTk3
YjIzZTcwHhcNMjUwNDMwMDEwMDM3WhcNMjUwNTAxMDEwMDM3WjAzMTEwLwYDVQQD
EyhiZWEyOWU3NTBiNTVhZTdjZTFkMjVkMGRhNzMwNDkyODJjNTAxZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN0kZLbvVRihlk9Nk7lRasSkGEvp
QjfGWWMxJicaZIeK1gD2DOuFyk3sY+5jPFs8mheNUvph2FDiYJDTJ9zN9RYT8dT5
e5eEekurUGZE4I8Pir4YU/dSIofE/lrUfMAutqc2zA70W3TU6/2BgjPMau8bM+L7
sobibh+aKfkAnHT9tcH2eojbkDiWWQPZy2gnNLJkYTglBFRtJ/1wNZjhOrHCFHep
eQuwIKCyHAQMtbO04jl27BmgCQoroNfdOVZXxzHGZ6adtIUqRipVPNqwFyNM9dx7
JNPhi+TqmLrhkmcbw0DVzn2mc6Y1u3YYsSNcurmr3vuwjodwigASdqHPNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6innULVa584dJdDacwSSgsUB9pMB8GA1UdIwQY
MBaAFLM9zSC1rpXBctMu1ynr8wYZeyPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgt
NTU1YTE5ODMzZDhlLzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgtNTU1YTE5ODMzZDhl
LzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANtibpiXe
kXaxhKyRm8LeMvkc82Roi1ZnTLCLQvM5IyVeTw9lSCNCaiCzzC0tW2/ZDn24BTOM
31z3OMfJlFFNY3QXK/28A+XSuGUXaFbi3rdOadJwZLAeVnqxdvsRk2+JTKT4TqTH
bag2Ph4XpcB+O3sadk12HojZqSXM94KeiPhiadeVD5ClGAv/omfTQ+6dYi5vbbK7
m5YDhSEzRqhor9uVdHHPFg37IMy87G43E5n3FisfHnWgVGOlvWGzHPB1BXN1jD93
JKCz4VVhUPvBgCaoj6n+Su9voz3FCP/rvik1ZZdoML/EfIK/uSK43EmdfwNU3z9j
55n6NGZM/fSPJA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:31:44 2025 by rpki-client