Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json)
Hash identifier: 5UqYyAYByBb9+TAdUHrwPc3z1at268sug3PvXjyxjv8=
Subject key identifier: 1B:E0:DE:11:B8:69:CD:39:11:63:D8:CF:DC:4C:58:22:60:F1:94:7C
Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Certificate serial: 01967868F1B5CDDCFFC5E3E465BB1D2EA560
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
Manifest number: 14A3
Signing time: Sun 27 Apr 2025 18:01:05 +0000
Manifest this update: Sun 27 Apr 2025 18:01:05 +0000
Manifest next update: Mon 28 Apr 2025 18:01:05 +0000
Files and hashes: 1: FXy87TSnS3zZKpD3cubdEzL9JTI.roa (hash: ev8YOzfcP94Okj6loLdeokLYKFfF9CSd4o8ZPprNj7U=)
2: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: g0chtkuL3FS9t4KfD/s5UErX90AotIX/RlstMgjePHc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:68:f1:b5:cd:dc:ff:c5:e3:e4:65:bb:1d:2e:a5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Validity
Not Before: Apr 27 18:01:05 2025 GMT
Not After : Apr 28 18:01:05 2025 GMT
Subject: CN=1be0de11b869cd391163d8cfdc4c582260f1947c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bd:08:2d:09:92:9f:c2:54:bd:ee:4f:44:83:
b6:04:db:1d:81:a7:b0:36:95:25:00:a4:a5:a0:1d:
30:a0:a1:ac:91:53:c8:7f:03:c8:bb:f8:46:7b:67:
e8:e0:2d:9b:16:f0:29:62:d9:df:5a:70:e4:9c:2e:
73:3a:2c:b4:2c:5b:34:a3:92:38:c1:44:c3:0c:7c:
69:01:dc:05:d2:6f:b2:b4:d0:50:d2:bc:4d:e1:c5:
b9:2b:17:ed:47:a9:54:ea:52:a3:f2:54:e2:8d:35:
43:3f:70:e2:95:34:0d:66:f5:e2:a4:59:20:ec:d7:
bb:b7:a5:8a:82:dc:f5:71:c6:d5:d5:c6:28:f5:15:
35:80:39:e8:c2:0d:43:d4:b0:76:c8:c6:47:8c:5f:
31:63:2a:09:f5:c3:5f:25:ba:d2:b4:fd:fd:a7:a6:
1e:a4:38:57:04:d3:73:9c:bd:5e:e8:40:f5:f5:77:
51:ff:e2:24:7a:25:74:43:32:a8:28:17:f4:e2:fc:
98:1e:34:22:02:ea:08:4d:d6:26:3b:73:71:55:a5:
59:8a:ff:7c:6f:cd:79:b3:15:cd:c4:ac:12:05:bc:
38:3a:b0:c0:b9:e7:e0:ec:6c:6c:63:32:5d:ff:b8:
5a:6b:0b:d1:32:26:9a:b3:32:db:26:8b:64:f7:79:
34:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E0:DE:11:B8:69:CD:39:11:63:D8:CF:DC:4C:58:22:60:F1:94:7C
X509v3 Authority Key Identifier:
keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:33:82:94:69:2a:ba:ec:f9:da:3a:15:ff:6c:4e:60:52:fe:
aa:de:1e:67:bc:f1:da:43:15:a6:9d:fc:38:d7:5d:85:e2:0f:
69:9d:bf:bb:4e:c2:8f:2e:41:52:7c:d0:45:1f:89:45:1b:ef:
94:f0:3b:74:e1:b1:a2:35:a3:c8:07:b8:50:0d:ad:95:dd:b4:
3a:60:4d:b3:88:93:54:91:d6:cd:0c:a1:d6:09:89:8e:ea:ef:
79:c1:fc:0a:80:a2:8b:75:35:2e:44:dc:82:35:24:13:f0:04:
ba:09:e0:a5:52:2a:62:d5:ff:d7:03:8a:41:a8:29:ce:85:33:
32:f3:f5:d7:a1:ca:96:1c:46:36:46:01:27:f8:20:dc:0b:e1:
14:1e:44:c0:64:01:85:ee:f4:72:45:24:44:b1:bd:94:00:46:
d9:57:a2:af:f5:89:57:eb:f0:02:53:3e:df:51:7e:12:70:93:
24:15:1c:20:70:fa:c5:c7:b6:34:c9:35:31:cf:76:ea:e9:8f:
d5:05:c1:3e:f4:16:e2:bd:b2:00:9a:bb:65:1f:c5:c7:22:60:
cc:ce:d1:72:5b:33:f0:a9:18:80:87:02:7e:a2:b3:7d:c2:f9:
e0:6c:78:ad:c7:d4:6f:9b:f2:3b:5a:cc:b8:6b:86:fe:a3:7e:
2a:b2:07:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4aPG1zdz/xePkZbsdLqVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh
ZTMzZTkwHhcNMjUwNDI3MTgwMTA1WhcNMjUwNDI4MTgwMTA1WjAzMTEwLwYDVQQD
EygxYmUwZGUxMWI4NjljZDM5MTE2M2Q4Y2ZkYzRjNTgyMjYwZjE5NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b0ILQmSn8JUve5PRIO2BNsdgaew
NpUlAKSloB0woKGskVPIfwPIu/hGe2fo4C2bFvApYtnfWnDknC5zOiy0LFs0o5I4
wUTDDHxpAdwF0m+ytNBQ0rxN4cW5KxftR6lU6lKj8lTijTVDP3DilTQNZvXipFkg
7Ne7t6WKgtz1ccbV1cYo9RU1gDnowg1D1LB2yMZHjF8xYyoJ9cNfJbrStP39p6Ye
pDhXBNNznL1e6ED19XdR/+IkeiV0QzKoKBf04vyYHjQiAuoITdYmO3NxVaVZiv98
b815sxXNxKwSBbw4OrDAuefg7GxsYzJd/7haawvRMiaaszLbJotk93k0hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvg3hG4ac05EWPYz9xMWCJg8ZR8MB8GA1UdIwQY
MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt
NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx
LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlDOClGkq
uuz52joV/2xOYFL+qt4eZ7zx2kMVpp38ONddheIPaZ2/u07Cjy5BUnzQRR+JRRvv
lPA7dOGxojWjyAe4UA2tld20OmBNs4iTVJHWzQyh1gmJjurvecH8CoCii3U1LkTc
gjUkE/AEugngpVIqYtX/1wOKQagpzoUzMvP116HKlhxGNkYBJ/gg3AvhFB5EwGQB
he70ckUkRLG9lABG2Veir/WJV+vwAlM+31F+EnCTJBUcIHD6xce2NMk1Mc926umP
1QXBPvQW4r2yAJq7ZR/FxyJgzM7Rclsz8KkYgIcCfqKzfcL54Gx4rcfUb5vyO1rM
uGuG/qN+KrIH5g==
-----END CERTIFICATE-----
Generated at Sun Apr 27 21:14:51 2025 by rpki-client