Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.mft
File: vK-LpZ96PF0A_grUVk2AUk33-pA.mft (raw, json)
Hash identifier: tANIgRSpEPZo25bIRYwMzmEXPCREL40PzkG31uYZsaE=
Subject key identifier: 3E:4B:D5:C1:1A:C2:88:7A:8A:FF:F3:A7:41:C3:48:EC:55:48:35:5F
Authority key identifier: BC:AF:8B:A5:9F:7A:3C:5D:00:FE:0A:D4:56:4D:80:52:4D:F7:FA:90
Certificate issuer: /CN=bcaf8ba59f7a3c5d00fe0ad4564d80524df7fa90
Certificate serial: 01968992DB962EE1F495F720AC4C70B25410
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vK-LpZ96PF0A_grUVk2AUk33-pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.mft
Manifest number: 1516
Signing time: Thu 01 May 2025 02:00:25 +0000
Manifest this update: Thu 01 May 2025 02:00:25 +0000
Manifest next update: Fri 02 May 2025 02:00:25 +0000
Files and hashes: 1: A27u4uaTW6Wfn1YJN7sriqWyvlY.roa (hash: eRUT0mnKKp1D1eZhZRZxpjyCM3yHa+jgOt2PMVH/I+o=)
2: vK-LpZ96PF0A_grUVk2AUk33-pA.crl (hash: ntnGpKN8eF+N37j9Pjs96ycStg3frpXSschd4RkzeNk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vK-LpZ96PF0A_grUVk2AUk33-pA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 02:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:92:db:96:2e:e1:f4:95:f7:20:ac:4c:70:b2:54:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcaf8ba59f7a3c5d00fe0ad4564d80524df7fa90
Validity
Not Before: May 1 02:00:25 2025 GMT
Not After : May 2 02:00:25 2025 GMT
Subject: CN=3e4bd5c11ac2887a8afff3a741c348ec5548355f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:73:69:66:5f:0d:c0:7b:35:38:15:ac:57:6a:
a2:ca:4d:4f:7e:dd:cb:c9:2c:db:8b:07:ff:db:02:
a0:fc:04:74:0b:94:97:1c:5c:af:17:7b:bd:d8:16:
4a:49:70:63:9c:4c:51:4a:de:94:20:97:cd:b6:c4:
5f:05:a5:e6:75:20:da:38:c4:b3:9f:9b:52:1f:49:
dc:88:9a:b4:f3:d6:c4:7b:1b:3f:24:ef:54:a6:91:
81:a4:8c:e9:4d:b0:35:ec:6f:84:ac:2c:9d:ad:b5:
27:92:be:80:81:c2:8a:fc:46:a9:44:ca:42:9d:3c:
f4:7c:3c:6a:8b:44:ce:95:2c:7b:70:cb:df:10:3e:
fa:f6:dc:ba:45:78:62:8b:cd:97:53:a5:8d:61:76:
c1:00:48:6e:07:0a:cc:5d:0f:f2:bf:77:0e:bf:35:
0f:79:30:04:52:d8:25:3f:42:bc:64:8a:c3:18:26:
1b:79:89:f2:90:3d:dc:88:8d:67:21:1c:56:df:fa:
32:5b:bc:0c:a4:7f:ac:38:4a:d3:54:21:31:3f:85:
81:a1:a4:2a:8e:4d:d2:99:b3:65:e3:00:e4:47:c0:
5f:ba:8a:70:13:60:3a:bf:1f:af:db:70:cd:26:e7:
07:f3:09:c8:7f:0f:c7:3e:85:bf:8c:75:c3:2d:5b:
63:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4B:D5:C1:1A:C2:88:7A:8A:FF:F3:A7:41:C3:48:EC:55:48:35:5F
X509v3 Authority Key Identifier:
keyid:BC:AF:8B:A5:9F:7A:3C:5D:00:FE:0A:D4:56:4D:80:52:4D:F7:FA:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vK-LpZ96PF0A_grUVk2AUk33-pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d07e9e-132a-48e2-9538-902aec440464/1/vK-LpZ96PF0A_grUVk2AUk33-pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:09:33:cf:b9:ff:1d:e2:d7:b9:6d:a8:77:d8:c8:2c:09:e3:
e0:0a:3f:c3:d9:f6:fc:91:45:df:44:0a:23:cc:3c:ed:93:b6:
69:8f:28:8b:80:46:c0:a9:f6:b9:5b:ef:f1:f9:08:d0:70:22:
92:71:3d:e8:92:39:e3:37:1f:91:b2:cb:cb:4e:e3:09:15:c4:
ad:e6:47:89:fe:a7:5f:9d:c5:22:eb:40:d9:f7:53:07:09:56:
ac:f4:43:8b:f6:72:e0:58:38:f1:bc:53:3d:90:00:d3:64:fa:
c7:0c:32:bd:59:54:4e:32:56:88:fe:57:ec:7c:13:f6:1b:5d:
10:fa:71:51:4c:bc:25:86:7b:f3:7a:f9:bf:8f:d2:93:ff:f9:
ee:b7:9e:4a:41:54:73:43:24:15:69:9e:38:cb:86:1c:8e:25:
f8:b2:be:8b:e8:b3:1a:5b:77:40:96:e3:d0:80:94:5b:95:d4:
33:50:08:43:b4:c4:b4:76:b5:e0:2c:43:54:c7:ec:da:91:60:
eb:cb:91:e8:ea:3c:b5:cd:fc:b9:b3:83:67:ce:34:fa:5e:3d:
2a:92:c7:9b:02:77:cb:4c:c2:40:dc:cb:25:f6:55:3b:4e:71:
fe:99:01:07:00:e3:d3:55:cb:e2:a5:32:a0:07:5d:e6:f3:53:
44:3c:f6:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJktuWLuH0lfcgrExwslQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYWY4YmE1OWY3YTNjNWQwMGZlMGFkNDU2NGQ4MDUyNGRm
N2ZhOTAwHhcNMjUwNTAxMDIwMDI1WhcNMjUwNTAyMDIwMDI1WjAzMTEwLwYDVQQD
EygzZTRiZDVjMTFhYzI4ODdhOGFmZmYzYTc0MWMzNDhlYzU1NDgzNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXNpZl8NwHs1OBWsV2qiyk1Pft3L
ySzbiwf/2wKg/AR0C5SXHFyvF3u92BZKSXBjnExRSt6UIJfNtsRfBaXmdSDaOMSz
n5tSH0nciJq089bEexs/JO9UppGBpIzpTbA17G+ErCydrbUnkr6AgcKK/EapRMpC
nTz0fDxqi0TOlSx7cMvfED769ty6RXhii82XU6WNYXbBAEhuBwrMXQ/yv3cOvzUP
eTAEUtglP0K8ZIrDGCYbeYnykD3ciI1nIRxW3/oyW7wMpH+sOErTVCExP4WBoaQq
jk3SmbNl4wDkR8BfuopwE2A6vx+v23DNJucH8wnIfw/HPoW/jHXDLVtjmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5L1cEawoh6iv/zp0HDSOxVSDVfMB8GA1UdIwQY
MBaAFLyvi6WfejxdAP4K1FZNgFJN9/qQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkstTHBaOTZQRjBBX2dyVVZrMkFVazMzLXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMDdlOWUtMTMyYS00OGUyLTk1Mzgt
OTAyYWVjNDQwNDY0LzEvdkstTHBaOTZQRjBBX2dyVVZrMkFVazMzLXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kMDdlOWUtMTMyYS00OGUyLTk1MzgtOTAyYWVjNDQwNDY0
LzEvdkstTHBaOTZQRjBBX2dyVVZrMkFVazMzLXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApAkzz7n/
HeLXuW2od9jILAnj4Ao/w9n2/JFF30QKI8w87ZO2aY8oi4BGwKn2uVvv8fkI0HAi
knE96JI54zcfkbLLy07jCRXEreZHif6nX53FIutA2fdTBwlWrPRDi/Zy4Fg48bxT
PZAA02T6xwwyvVlUTjJWiP5X7HwT9htdEPpxUUy8JYZ783r5v4/Sk//57reeSkFU
c0MkFWmeOMuGHI4l+LK+i+izGlt3QJbj0ICUW5XUM1AIQ7TEtHa14CxDVMfs2pFg
68uR6Oo8tc38ubODZ840+l49KpLHmwJ3y0zCQNzLJfZVO05x/pkBBwDj01XL4qUy
oAdd5vNTRDz2YQ==
-----END CERTIFICATE-----
Generated at Thu May 1 10:20:17 2025 by rpki-client