Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
File: aErIoCEnBoJ2XSPvAzjzXHht2zU.mft (raw, json)
Hash identifier: 22flCtLHppjw97Xm1/jBydNlrWofiHW4/DtZheK8+Ew=
Subject key identifier: D8:5D:C8:7B:5F:2B:70:41:39:EC:9E:25:6D:F5:C3:E3:65:1D:05:8F
Authority key identifier: 68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35
Certificate issuer: /CN=684ac8a021270682765d23ef0338f35c786ddb35
Certificate serial: 01967D581325081822087343D38CF73BC5EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
Manifest number: 11C1
Signing time: Mon 28 Apr 2025 17:00:46 +0000
Manifest this update: Mon 28 Apr 2025 17:00:46 +0000
Manifest next update: Tue 29 Apr 2025 17:00:46 +0000
Files and hashes: 1: aErIoCEnBoJ2XSPvAzjzXHht2zU.crl (hash: ccf9Sl670uF8s25U72VsNGZoktXlDQKIA/AUtg052hM=)
2: eEP1VypyuqVxmlLrgaA9LlVwYK4.roa (hash: 5dvQLaqP0vbYafUJXNT7sKTWbRstUgrMUzxGvHU5Rgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:58:13:25:08:18:22:08:73:43:d3:8c:f7:3b:c5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=684ac8a021270682765d23ef0338f35c786ddb35
Validity
Not Before: Apr 28 17:00:46 2025 GMT
Not After : Apr 29 17:00:46 2025 GMT
Subject: CN=d85dc87b5f2b704139ec9e256df5c3e3651d058f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:07:db:08:a3:16:12:f8:e5:62:7c:53:5a:a4:
cc:d8:5a:ad:57:e8:55:e7:c2:8f:a1:6e:aa:ee:4c:
3b:2f:11:43:74:a2:38:74:7a:25:67:4c:d7:4f:f5:
e9:96:1d:76:3c:a7:58:a3:9b:33:a1:44:ec:97:5f:
15:12:df:19:dd:55:e6:9d:19:e4:41:27:00:73:5c:
c3:6e:22:96:b8:43:a5:0b:75:ad:87:77:cd:9e:52:
3b:2c:2d:ce:27:57:f6:9d:f1:ea:b0:98:64:32:24:
e5:99:18:7e:0c:69:79:cf:62:ed:30:04:50:a3:06:
e7:e8:04:92:3d:00:2f:1c:50:66:f0:48:8a:33:e1:
82:95:75:da:56:cb:0b:f3:49:44:70:c4:31:7e:bf:
da:0e:82:d3:75:d3:de:83:5c:13:07:a9:62:3f:00:
b0:db:d3:9b:6b:8c:10:82:89:36:d1:d0:ff:14:47:
60:4d:a4:d9:0b:32:ee:83:08:d5:8e:46:ae:c9:da:
bf:1b:42:a8:aa:4e:e1:ad:5f:92:00:13:08:b8:1c:
bf:9b:c7:37:06:06:50:e0:bc:5b:bd:1b:ef:19:50:
05:e7:03:d5:00:ed:26:53:4f:1f:e2:ce:f9:69:1b:
35:d6:b2:a9:65:7f:b9:9b:20:45:52:ec:19:7f:fd:
44:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5D:C8:7B:5F:2B:70:41:39:EC:9E:25:6D:F5:C3:E3:65:1D:05:8F
X509v3 Authority Key Identifier:
keyid:68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:12:3b:68:dc:f4:ad:51:2f:d7:ca:74:18:97:c8:e0:0a:32:
77:36:b2:f1:28:38:d8:54:4b:9b:8f:a2:e7:da:58:f8:a2:96:
2d:86:03:93:3c:2e:6c:38:95:e5:5d:4d:08:7e:b2:ec:bf:4a:
82:dc:64:4b:6b:e8:5e:ad:a1:85:7e:e2:c6:15:1b:28:f1:1d:
d1:9d:12:98:9e:ef:13:2e:f3:b5:9b:e5:c5:c2:5b:7c:85:b7:
c2:0f:a1:b4:ca:17:22:81:fe:50:a6:76:e9:1f:32:7f:be:24:
97:1d:69:4f:70:9e:b1:40:2f:3a:f8:1d:c4:1a:ba:ec:4c:11:
11:5c:1a:c4:3a:60:35:49:4a:b8:a1:f0:a5:36:2a:f4:2b:e3:
e7:93:ab:97:d9:c6:f2:85:24:b4:d7:bf:44:1c:9e:2e:b8:84:
b6:c0:71:a7:f4:ea:67:75:29:93:d8:6f:b3:d7:ae:19:03:74:
fa:e5:29:fb:4e:10:0b:36:7e:df:3b:96:2c:fa:67:e1:c1:10:
76:fa:66:0a:08:db:89:ee:21:2b:c5:b9:97:ae:b2:dc:4d:e9:
bc:c8:75:d8:91:c1:4a:20:a1:c9:ca:49:ae:52:05:d4:5c:e5:
b2:b8:86:ff:57:05:d8:c6:e6:43:0d:96:6b:63:41:04:6a:4f:
e1:4f:ee:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9WBMlCBgiCHND04z3O8XvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NGFjOGEwMjEyNzA2ODI3NjVkMjNlZjAzMzhmMzVjNzg2
ZGRiMzUwHhcNMjUwNDI4MTcwMDQ2WhcNMjUwNDI5MTcwMDQ2WjAzMTEwLwYDVQQD
EyhkODVkYzg3YjVmMmI3MDQxMzllYzllMjU2ZGY1YzNlMzY1MWQwNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgfbCKMWEvjlYnxTWqTM2FqtV+hV
58KPoW6q7kw7LxFDdKI4dHolZ0zXT/Xplh12PKdYo5szoUTsl18VEt8Z3VXmnRnk
QScAc1zDbiKWuEOlC3Wth3fNnlI7LC3OJ1f2nfHqsJhkMiTlmRh+DGl5z2LtMARQ
owbn6ASSPQAvHFBm8EiKM+GClXXaVssL80lEcMQxfr/aDoLTddPeg1wTB6liPwCw
29Oba4wQgok20dD/FEdgTaTZCzLugwjVjkauydq/G0Koqk7hrV+SABMIuBy/m8c3
BgZQ4LxbvRvvGVAF5wPVAO0mU08f4s75aRs11rKpZX+5myBFUuwZf/1EBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhdyHtfK3BBOeyeJW31w+NlHQWPMB8GA1UdIwQY
MBaAFGhKyKAhJwaCdl0j7wM481x4bds1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTct
MGMwMTFjOWM5MjdkLzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTctMGMwMTFjOWM5Mjdk
LzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxI7aNz0
rVEv18p0GJfI4Aoydzay8Sg42FRLm4+i59pY+KKWLYYDkzwubDiV5V1NCH6y7L9K
gtxkS2voXq2hhX7ixhUbKPEd0Z0SmJ7vEy7ztZvlxcJbfIW3wg+htMoXIoH+UKZ2
6R8yf74klx1pT3CesUAvOvgdxBq67EwREVwaxDpgNUlKuKHwpTYq9Cvj55Orl9nG
8oUktNe/RByeLriEtsBxp/TqZ3Upk9hvs9euGQN0+uUp+04QCzZ+3zuWLPpn4cEQ
dvpmCgjbie4hK8W5l66y3E3pvMh12JHBSiChycpJrlIF1FzlsriG/1cF2MbmQw2W
a2NBBGpP4U/uSw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:15:26 2025 by rpki-client