Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
File: zCdbIX3x3piMohkqg64R3fQjpE8.mft (raw, json)
Hash identifier: F56GO2rGvFc3oIttPVvzqRNWmagarLuFt9d442frlL0=
Subject key identifier: 3F:A1:D4:74:0E:54:DD:E1:6F:11:44:C1:E9:69:17:16:9D:2C:35:D5
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 0196759EA5DE89A60EC68D85E4898E90126A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
Manifest number: 09C6
Signing time: Sun 27 Apr 2025 05:00:53 +0000
Manifest this update: Sun 27 Apr 2025 05:00:53 +0000
Manifest next update: Mon 28 Apr 2025 05:00:53 +0000
Files and hashes: 1: Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa (hash: Ka3gajN2kG5bn7od03MC2i4kFc5aTTook8osIu09I1U=)
2: zCdbIX3x3piMohkqg64R3fQjpE8.crl (hash: gO8MYeLbGUYvhdfNkF3nWfFI0OfhrD85Y4fGGl4lbEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:9e:a5:de:89:a6:0e:c6:8d:85:e4:89:8e:90:12:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Apr 27 05:00:53 2025 GMT
Not After : Apr 28 05:00:53 2025 GMT
Subject: CN=3fa1d4740e54dde16f1144c1e96917169d2c35d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6b:60:94:6e:79:7a:5c:67:0b:79:48:8c:19:
20:eb:e0:54:60:5c:60:68:31:8d:1a:3d:37:4c:b0:
7c:d2:ab:80:1a:f2:f0:d5:74:d0:cf:ed:98:44:35:
e6:fb:11:f9:06:7c:bc:f2:db:f3:aa:8d:9b:66:43:
8c:c0:dd:31:0b:1a:c0:92:78:e2:b9:77:78:d5:84:
02:5f:22:17:32:41:3c:6e:c9:55:45:15:6f:91:b8:
42:73:27:c3:54:cb:7a:ad:7d:a2:13:b2:bf:61:8d:
87:74:61:93:90:34:b9:94:9c:8b:bf:73:34:b5:61:
da:0e:4e:76:ec:38:80:b6:2a:2f:64:12:a2:cb:ad:
d9:4e:3a:ec:3d:05:f0:63:e7:fb:c5:8a:8b:6e:24:
47:a3:12:14:bc:8f:13:c1:d3:18:8e:90:2f:e5:35:
71:2a:2e:fb:f9:b8:31:58:cd:8a:5c:a9:43:6f:2f:
13:ba:7f:5f:fa:68:02:5a:08:b1:13:ef:ca:e9:b1:
17:6e:05:02:fe:0b:19:45:a3:7c:ec:e1:20:e6:a5:
c0:92:6e:2d:9a:72:02:72:35:b0:f6:30:57:82:55:
f6:ea:2e:1b:d3:3f:87:a7:8f:14:33:42:2f:b3:a7:
b3:56:06:5a:4f:db:68:30:80:3e:6c:b3:af:2f:cf:
4d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A1:D4:74:0E:54:DD:E1:6F:11:44:C1:E9:69:17:16:9D:2C:35:D5
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:f6:95:a2:72:12:25:f1:fb:b5:37:12:54:e1:7e:39:81:8d:
63:46:fe:75:d7:0f:a8:a8:ac:c2:a4:d6:7b:6c:09:8b:cb:7a:
04:82:da:91:da:1d:c6:57:b0:73:bb:ad:0c:63:67:72:c4:11:
19:47:09:a9:c7:b6:c3:a9:b6:c2:21:78:75:fc:12:45:5f:78:
9f:10:3a:39:c9:6c:f3:c9:52:98:c8:43:a9:58:25:c2:e0:53:
85:2a:da:ec:31:59:4d:79:d2:51:9b:d7:83:f5:b1:bf:4f:93:
c9:f4:31:15:5c:ac:4f:95:bd:10:6f:08:ea:66:6d:9a:f4:cb:
32:32:53:a3:32:f6:25:1b:fd:d4:a7:3d:cf:c7:02:5c:a2:47:
bd:73:9e:46:51:7c:91:2f:96:cb:64:97:1f:1f:87:fd:84:93:
ac:bd:b0:3d:45:59:fa:04:c9:11:54:ed:29:fe:cf:c1:25:63:
5a:f2:d2:03:b2:30:7e:33:e8:7e:27:14:62:75:bc:8d:25:0b:
0d:ef:04:4f:68:5c:55:74:12:a9:1d:db:b7:14:43:aa:fa:f2:
26:c1:f7:62:cd:7a:cd:b6:1f:2f:25:cb:83:37:3f:3c:da:a5:
7c:35:cb:d2:cf:0d:be:79:84:1f:42:48:5d:32:60:66:41:d9:
eb:33:21:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1nqXeiaYOxo2F5ImOkBJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjUwNDI3MDUwMDUzWhcNMjUwNDI4MDUwMDUzWjAzMTEwLwYDVQQD
EygzZmExZDQ3NDBlNTRkZGUxNmYxMTQ0YzFlOTY5MTcxNjlkMmMzNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mtglG55elxnC3lIjBkg6+BUYFxg
aDGNGj03TLB80quAGvLw1XTQz+2YRDXm+xH5Bny88tvzqo2bZkOMwN0xCxrAknji
uXd41YQCXyIXMkE8bslVRRVvkbhCcyfDVMt6rX2iE7K/YY2HdGGTkDS5lJyLv3M0
tWHaDk527DiAtiovZBKiy63ZTjrsPQXwY+f7xYqLbiRHoxIUvI8TwdMYjpAv5TVx
Ki77+bgxWM2KXKlDby8Tun9f+mgCWgixE+/K6bEXbgUC/gsZRaN87OEg5qXAkm4t
mnICcjWw9jBXglX26i4b0z+Hp48UM0Ivs6ezVgZaT9toMIA+bLOvL89NZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+h1HQOVN3hbxFEwelpFxadLDXVMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACfaVonIS
JfH7tTcSVOF+OYGNY0b+ddcPqKiswqTWe2wJi8t6BILakdodxlewc7utDGNncsQR
GUcJqce2w6m2wiF4dfwSRV94nxA6Ocls88lSmMhDqVglwuBThSra7DFZTXnSUZvX
g/Wxv0+TyfQxFVysT5W9EG8I6mZtmvTLMjJTozL2JRv91Kc9z8cCXKJHvXOeRlF8
kS+Wy2SXHx+H/YSTrL2wPUVZ+gTJEVTtKf7PwSVjWvLSA7IwfjPoficUYnW8jSUL
De8ET2hcVXQSqR3btxRDqvryJsH3Ys16zbYfLyXLgzc/PNqlfDXL0s8NvnmEH0JI
XTJgZkHZ6zMhjQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:33:08 2025 by rpki-client