Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
File: aNQlzHsbeICodfdr7agP4xCTGe0.mft (raw, json)
Hash identifier: 4mU+yYFx7CqwYwSHAVwJPcLvEemhvgQy8dsvrgYACHs=
Subject key identifier: BA:26:09:0F:14:91:AA:8E:7D:DE:EA:EC:50:A5:27:B8:2F:10:21:50
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 01967868C6C2490485EA0A47BD18B7C490DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
Manifest number: 1511
Signing time: Sun 27 Apr 2025 18:00:54 +0000
Manifest this update: Sun 27 Apr 2025 18:00:54 +0000
Manifest next update: Mon 28 Apr 2025 18:00:54 +0000
Files and hashes: 1: 1ikX92cBkm7W7rHfhLCtgqKM0d8.roa (hash: oY5BxXRyJZhAnRLwWm3V4CClsVP5JaJOwIydkhqNE80=)
2: 2KU1lG8tmW62eqBwxBBDds81m5A.roa (hash: DXWqInrCKLzcQadKZzuaDGdIbNbzO5YygQPkSyOtdqY=)
3: aNQlzHsbeICodfdr7agP4xCTGe0.crl (hash: CBDS6DDv6OWS6gyQXFSS2KzY1W1WIIcZyjc7DpnRe68=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:68:c6:c2:49:04:85:ea:0a:47:bd:18:b7:c4:90:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Apr 27 18:00:54 2025 GMT
Not After : Apr 28 18:00:54 2025 GMT
Subject: CN=ba26090f1491aa8e7ddeeaec50a527b82f102150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:6e:d4:29:1b:03:ff:24:52:3e:a0:bf:07:
e4:e9:cf:da:ec:4b:dc:4c:92:5c:32:4e:91:9e:89:
9b:7b:53:af:db:a1:33:57:2d:2a:5b:85:cc:7a:b3:
27:bc:5d:98:7a:ba:6f:34:5c:f2:42:98:e7:f4:22:
1f:66:4b:b3:a8:d8:f4:81:b5:d0:50:8a:d8:4a:4a:
15:e0:37:63:60:25:9e:9d:80:03:b7:57:13:7e:97:
dd:ed:e9:a4:5f:8c:4f:77:24:1c:0d:1f:b0:b4:fa:
f5:c7:05:b6:e0:c6:b8:94:9b:4f:e7:f3:a3:79:28:
95:b0:0d:2a:ab:9b:ab:c5:f2:d6:a4:8e:c1:c4:ff:
06:2b:fd:43:b2:97:b6:03:c4:f9:c2:c2:d3:b7:02:
04:d7:54:f1:dc:9b:f3:52:a8:0c:ea:68:73:5e:77:
cc:16:a6:04:a5:be:ca:35:51:fe:a3:72:94:22:a8:
d1:a7:c2:be:5a:3f:bd:08:32:a3:b0:54:93:64:d1:
34:82:08:e5:28:09:54:68:8d:6e:25:aa:95:55:3b:
0a:4a:45:ae:d1:f0:10:9c:62:02:d3:88:c4:c6:71:
42:1d:27:05:eb:6d:68:22:8e:93:c6:12:36:2b:c9:
d1:42:ed:5f:55:1d:f4:99:d1:05:8a:49:ce:0c:e3:
73:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:26:09:0F:14:91:AA:8E:7D:DE:EA:EC:50:A5:27:B8:2F:10:21:50
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:9b:44:77:40:e9:e0:06:79:e5:15:d4:de:b8:de:d7:d2:fe:
7c:17:d0:d3:54:99:ef:7a:a3:4c:e2:22:9c:a2:f6:57:34:85:
c6:c4:67:9b:76:0f:0c:1c:b6:d7:66:29:14:4d:09:d7:13:6f:
12:ec:f5:57:b4:3a:85:c7:93:00:29:a2:da:12:e4:20:f3:b8:
db:0f:d5:79:cd:96:25:10:d3:2b:43:d6:c2:41:85:32:19:f4:
78:69:39:e7:65:fe:36:10:13:9a:12:e8:19:1f:a5:bb:db:52:
d5:5a:fe:02:a8:59:86:7a:8a:d4:72:f9:cf:86:64:23:49:4b:
78:ae:a8:07:06:be:d5:1d:66:a6:1d:6a:15:82:8b:eb:8a:40:
a4:85:b4:f1:d7:4a:c1:c3:ee:8f:a3:ca:1f:15:33:72:e7:41:
55:1b:9e:95:90:40:6d:a3:bf:7d:aa:ca:1f:94:6e:f8:ef:a6:
82:89:69:d8:68:41:a4:09:d0:b1:60:bf:72:51:0b:40:2f:6b:
38:a3:1c:fc:99:31:60:3c:f0:11:60:96:a2:66:ad:74:3f:55:
16:6f:c3:05:63:cc:48:c9:f9:9f:d2:6a:9c:d6:31:b8:0e:e2:
05:a8:60:78:ff:a9:15:36:6b:f9:9c:3c:2f:19:1c:93:e3:f7:
1a:24:f6:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4aMbCSQSF6gpHvRi3xJDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjUwNDI3MTgwMDU0WhcNMjUwNDI4MTgwMDU0WjAzMTEwLwYDVQQD
EyhiYTI2MDkwZjE0OTFhYThlN2RkZWVhZWM1MGE1MjdiODJmMTAyMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLhu1CkbA/8kUj6gvwfk6c/a7Evc
TJJcMk6Rnombe1Ov26EzVy0qW4XMerMnvF2YerpvNFzyQpjn9CIfZkuzqNj0gbXQ
UIrYSkoV4DdjYCWenYADt1cTfpfd7emkX4xPdyQcDR+wtPr1xwW24Ma4lJtP5/Oj
eSiVsA0qq5urxfLWpI7BxP8GK/1Dspe2A8T5wsLTtwIE11Tx3JvzUqgM6mhzXnfM
FqYEpb7KNVH+o3KUIqjRp8K+Wj+9CDKjsFSTZNE0ggjlKAlUaI1uJaqVVTsKSkWu
0fAQnGIC04jExnFCHScF621oIo6TxhI2K8nRQu1fVR30mdEFiknODONzzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLomCQ8UkaqOfd7q7FClJ7gvECFQMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZtEd0Dp
4AZ55RXU3rje19L+fBfQ01SZ73qjTOIinKL2VzSFxsRnm3YPDBy212YpFE0J1xNv
Euz1V7Q6hceTACmi2hLkIPO42w/Vec2WJRDTK0PWwkGFMhn0eGk552X+NhATmhLo
GR+lu9tS1Vr+AqhZhnqK1HL5z4ZkI0lLeK6oBwa+1R1mph1qFYKL64pApIW08ddK
wcPuj6PKHxUzcudBVRuelZBAbaO/farKH5Ru+O+mgolp2GhBpAnQsWC/clELQC9r
OKMc/JkxYDzwEWCWomatdD9VFm/DBWPMSMn5n9JqnNYxuA7iBahgeP+pFTZr+Zw8
Lxkck+P3GiT2RQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:41:52 2025 by rpki-client