Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier: Zriw+/uk+bmCmsKS/vIsXReUwPTqFOFhrpOgjYXxqI0=
Subject key identifier: C6:72:87:C0:81:4A:2B:9D:72:BF:CD:00:4B:CB:8E:FD:10:8F:70:4B
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial: 019679B1FB15C8FFC54DA6BF3F6EC569D491
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number: 040C
Signing time: Mon 28 Apr 2025 00:00:29 +0000
Manifest this update: Mon 28 Apr 2025 00:00:29 +0000
Manifest next update: Tue 29 Apr 2025 00:00:29 +0000
Files and hashes: 1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=)
2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: GeCuKcR4/0MZANTOLTCEGAE1hHxjCwaRTj0iCv2pFiQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:b1:fb:15:c8:ff:c5:4d:a6:bf:3f:6e:c5:69:d4:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Validity
Not Before: Apr 28 00:00:29 2025 GMT
Not After : Apr 29 00:00:29 2025 GMT
Subject: CN=c67287c0814a2b9d72bfcd004bcb8efd108f704b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3a:52:1a:97:e4:ee:82:20:18:e2:60:db:e5:
d9:91:48:8e:da:52:05:f1:49:b8:ac:b5:ae:2d:b9:
60:61:09:f7:2d:84:c7:cc:7f:11:78:76:ad:4f:23:
84:bb:a9:a2:ed:a0:84:ee:9c:42:60:b4:88:32:14:
43:d8:05:b0:c2:2a:02:71:fc:0c:fa:df:6e:44:2b:
e8:f4:60:fb:a9:76:52:9a:7b:a0:bb:cb:26:04:33:
49:21:b6:1d:c9:d3:4b:3e:0a:d8:4e:8d:4c:06:5b:
e2:2e:06:8a:71:b8:9f:c6:46:3f:1d:f4:b5:0d:90:
20:42:33:c1:c5:71:82:15:b6:06:cd:bb:70:78:46:
fb:78:75:48:96:b8:86:ff:5f:47:9e:41:62:be:20:
a9:6e:2c:1e:dd:8d:e5:ce:1a:e1:36:5b:26:ff:df:
d7:38:4f:c7:95:4d:84:8c:29:56:0b:06:a6:b7:f6:
8d:77:e6:a6:7b:56:ac:b9:14:ae:a9:2a:ed:7f:d0:
ed:a7:89:4c:26:ce:d4:79:09:3b:33:ae:5c:06:b6:
08:84:98:df:fd:85:36:d9:72:18:fd:53:93:9b:cb:
f8:97:ca:3e:4d:39:64:5f:ea:b7:84:ad:1b:b2:ff:
0b:d7:e9:72:7f:b8:14:7a:4a:0d:2d:59:dd:26:20:
7c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:72:87:C0:81:4A:2B:9D:72:BF:CD:00:4B:CB:8E:FD:10:8F:70:4B
X509v3 Authority Key Identifier:
keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:fa:27:11:24:b2:8b:35:50:ba:7d:f8:84:ef:86:d1:ef:96:
d2:8b:61:87:3f:db:16:a8:ea:9f:76:91:d7:09:36:72:ea:8d:
f4:c0:07:b9:d0:11:1e:06:9d:52:ff:e2:ad:6e:ee:5c:7c:c5:
ec:dc:a9:a1:80:ce:fe:0f:c6:88:e0:33:92:46:a1:40:bc:1c:
1b:0e:e0:f7:b6:db:ef:3c:6b:2e:94:3f:b9:5b:4b:09:86:ac:
bc:aa:9d:63:89:87:4a:00:35:e9:91:34:e0:85:ad:1c:b2:dd:
8a:3b:e7:74:a6:91:5d:0e:e1:f8:27:8e:17:8f:ec:41:19:b0:
ae:26:1b:8e:e2:49:12:7f:70:31:69:d8:b9:24:18:ef:fd:e8:
7f:72:58:da:91:ad:19:ad:07:03:26:1f:62:06:44:d8:1e:db:
76:a9:50:bd:50:f6:41:86:24:fc:1f:5c:91:c5:35:9f:b3:11:
f6:4f:59:4a:93:7f:ae:69:5f:06:c8:eb:4b:15:17:58:fb:bd:
ed:e2:ac:d7:40:78:e4:11:4f:20:5a:a0:7f:af:1a:1b:b7:32:
12:0b:07:e3:4e:d0:2e:d1:8b:d9:3a:1e:39:8f:ec:3f:5b:83:
8f:5d:ef:fa:b9:d5:c8:69:bf:79:74:e1:f8:6f:82:c9:84:4b:
ca:6e:56:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5sfsVyP/FTaa/P27FadSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjUwNDI4MDAwMDI5WhcNMjUwNDI5MDAwMDI5WjAzMTEwLwYDVQQD
EyhjNjcyODdjMDgxNGEyYjlkNzJiZmNkMDA0YmNiOGVmZDEwOGY3MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDpSGpfk7oIgGOJg2+XZkUiO2lIF
8Um4rLWuLblgYQn3LYTHzH8ReHatTyOEu6mi7aCE7pxCYLSIMhRD2AWwwioCcfwM
+t9uRCvo9GD7qXZSmnugu8smBDNJIbYdydNLPgrYTo1MBlviLgaKcbifxkY/HfS1
DZAgQjPBxXGCFbYGzbtweEb7eHVIlriG/19HnkFiviCpbiwe3Y3lzhrhNlsm/9/X
OE/HlU2EjClWCwamt/aNd+ame1asuRSuqSrtf9Dtp4lMJs7UeQk7M65cBrYIhJjf
/YU22XIY/VOTm8v4l8o+TTlkX+q3hK0bsv8L1+lyf7gUekoNLVndJiB8NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZyh8CBSiudcr/NAEvLjv0Qj3BLMB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfonESSy
izVQun34hO+G0e+W0othhz/bFqjqn3aR1wk2cuqN9MAHudARHgadUv/irW7uXHzF
7NypoYDO/g/GiOAzkkahQLwcGw7g97bb7zxrLpQ/uVtLCYasvKqdY4mHSgA16ZE0
4IWtHLLdijvndKaRXQ7h+CeOF4/sQRmwriYbjuJJEn9wMWnYuSQY7/3of3JY2pGt
Ga0HAyYfYgZE2B7bdqlQvVD2QYYk/B9ckcU1n7MR9k9ZSpN/rmlfBsjrSxUXWPu9
7eKs10B45BFPIFqgf68aG7cyEgsH407QLtGL2ToeOY/sP1uDj13v+rnVyGm/eXTh
+G+CyYRLym5W6g==
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:39:42 2025 by rpki-client