Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
File: 2VSrlORZUZTSw5sdP-aokfHrkrw.mft (raw, json)
Hash identifier: fpx7itQ6m03mi7/dhIfwJojY0WNA8ULzQpMdCx1Fcs4=
Subject key identifier: 55:42:5D:06:85:33:58:43:58:72:69:4D:E2:68:ED:6B:A7:20:12:70
Authority key identifier: D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
Certificate issuer: /CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Certificate serial: 019685EDE347E8CCC75F2424FF4BAA3CB74F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
Manifest number: 0676
Signing time: Wed 30 Apr 2025 09:01:22 +0000
Manifest this update: Wed 30 Apr 2025 09:01:22 +0000
Manifest next update: Thu 01 May 2025 09:01:22 +0000
Files and hashes: 1: 2VSrlORZUZTSw5sdP-aokfHrkrw.crl (hash: X7GFHh8J/Jf6QdgXu+juxcOQfzm+9uIRmjQ011fo0CM=)
2: ExuO0wU2-ClJDZRwWSRuAs7W0gk.roa (hash: 2j3+sZIfGB/S0w3o+OLoSghT+pM132gfjkW2EjpJ9JQ=)
3: aedVSgDzPN8NSNc0AWT5LWxB0ME.roa (hash: dpDe6aIbJvexkIC5o0dZBz+eF8xcPh7l66sRiS3ImZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:ed:e3:47:e8:cc:c7:5f:24:24:ff:4b:aa:3c:b7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Validity
Not Before: Apr 30 09:01:22 2025 GMT
Not After : May 1 09:01:22 2025 GMT
Subject: CN=55425d06853358435872694de268ed6ba7201270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:4e:c1:c3:b9:42:c2:0f:43:0e:f4:5e:ab:
c1:3d:8d:8d:74:2a:30:45:ce:b5:56:dc:56:c3:2b:
83:f8:31:85:53:69:a5:aa:3c:4d:cc:2e:98:80:e4:
4d:5e:0b:69:9f:a9:e4:25:4c:09:39:c8:cb:c1:ff:
d7:c5:7b:a5:ac:bf:40:14:af:65:d9:5a:59:49:83:
65:01:de:50:fc:a8:04:4c:ab:72:a4:af:d3:08:4a:
31:7f:dc:bb:ee:ea:03:fb:23:cf:3f:01:06:a1:5c:
b5:0d:c6:59:57:43:2c:98:78:17:d7:72:bc:49:c5:
20:aa:fb:73:87:d0:c2:3d:79:b3:82:99:e0:b0:83:
1f:5c:aa:23:01:bb:7c:24:95:b6:10:3d:5a:87:ea:
50:a2:bd:d7:fb:5c:47:2d:34:2e:5f:8f:a5:14:e3:
65:e3:82:1c:b9:ca:98:f2:ec:d5:78:52:be:c2:51:
a3:67:fe:40:86:66:c5:ba:26:32:0f:d3:cf:89:0b:
a2:ef:32:93:e1:30:ff:95:ec:f5:42:85:10:c4:9d:
37:4d:e8:6d:08:96:49:06:b3:5e:9e:28:30:ce:e7:
88:15:0d:46:49:b2:09:5a:9c:23:a2:9e:24:ed:03:
f7:92:4e:98:95:55:30:5d:a9:5b:9f:35:b8:f9:e9:
7e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:42:5D:06:85:33:58:43:58:72:69:4D:E2:68:ED:6B:A7:20:12:70
X509v3 Authority Key Identifier:
keyid:D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:7e:1b:15:72:d4:dc:84:65:cf:50:2d:e6:a3:74:4d:ca:48:
ab:12:4d:56:bb:9e:5c:d6:43:00:41:9d:db:b9:9b:28:a0:c8:
37:1f:83:b9:f9:28:32:d8:50:59:2c:ba:ed:9e:f1:c8:c4:18:
be:86:cf:be:d8:ee:de:82:57:f4:73:bb:0c:5b:cc:8a:79:5f:
f9:56:9e:28:5e:4a:87:27:d5:1c:16:94:b6:7d:ac:bd:92:91:
4a:a5:5c:32:3c:12:b1:f6:17:09:61:6d:50:73:a9:35:e0:e3:
fb:2c:55:63:14:ed:c2:87:5f:2d:06:6a:ab:f6:db:2f:3b:d2:
be:2f:09:65:85:3a:b0:05:db:65:28:b8:fa:29:4c:8c:19:89:
34:e1:4b:e7:87:7d:4c:74:cc:1a:9b:44:92:76:80:b7:5d:65:
77:30:e8:fa:33:af:c5:a2:34:7f:cd:4e:66:cf:14:9c:15:ef:
7a:69:5e:14:ce:22:25:e8:30:33:e8:7b:8d:c9:a1:64:09:d2:
46:c9:da:98:f4:dd:05:88:c7:21:a3:68:4f:65:53:5c:50:3d:
c3:42:7a:c8:13:72:6c:32:92:50:a5:5a:ef:d0:b3:37:d5:3d:
72:1c:20:3c:bf:28:5c:d0:c0:70:67:56:af:ce:81:52:92:79:
df:9f:08:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaF7eNH6MzHXyQk/0uqPLdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NTRhYjk0ZTQ1OTUxOTRkMmMzOWIxZDNmZTZhODkxZjFl
YjkyYmMwHhcNMjUwNDMwMDkwMTIyWhcNMjUwNTAxMDkwMTIyWjAzMTEwLwYDVQQD
Eyg1NTQyNWQwNjg1MzM1ODQzNTg3MjY5NGRlMjY4ZWQ2YmE3MjAxMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHxOwcO5QsIPQw70XqvBPY2NdCow
Rc61VtxWwyuD+DGFU2mlqjxNzC6YgORNXgtpn6nkJUwJOcjLwf/XxXulrL9AFK9l
2VpZSYNlAd5Q/KgETKtypK/TCEoxf9y77uoD+yPPPwEGoVy1DcZZV0MsmHgX13K8
ScUgqvtzh9DCPXmzgpngsIMfXKojAbt8JJW2ED1ah+pQor3X+1xHLTQuX4+lFONl
44IcucqY8uzVeFK+wlGjZ/5AhmbFuiYyD9PPiQui7zKT4TD/lez1QoUQxJ03Teht
CJZJBrNenigwzueIFQ1GSbIJWpwjop4k7QP3kk6YlVUwXalbnzW4+el+UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVCXQaFM1hDWHJpTeJo7WunIBJwMB8GA1UdIwQY
MBaAFNlUq5TkWVGU0sObHT/mqJHx65K8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjkt
MzM1MWM1NzdiNDMyLzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjktMzM1MWM1NzdiNDMy
LzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAH4bFXLU
3IRlz1At5qN0TcpIqxJNVrueXNZDAEGd27mbKKDINx+DufkoMthQWSy67Z7xyMQY
vobPvtju3oJX9HO7DFvMinlf+VaeKF5KhyfVHBaUtn2svZKRSqVcMjwSsfYXCWFt
UHOpNeDj+yxVYxTtwodfLQZqq/bbLzvSvi8JZYU6sAXbZSi4+ilMjBmJNOFL54d9
THTMGptEknaAt11ldzDo+jOvxaI0f81OZs8UnBXvemleFM4iJegwM+h7jcmhZAnS
RsnamPTdBYjHIaNoT2VTXFA9w0J6yBNybDKSUKVa79CzN9U9chwgPL8oXNDAcGdW
r86BUpJ5358IAg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:37:15 2025 by rpki-client