Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: 6Liz4uoqhaRkDsp84DAp6oIFq4WQnob3lDrGZYwccHc=
Subject key identifier: AF:44:F2:83:52:83:DF:C9:C0:9D:3B:4A:7F:36:04:DD:18:FE:C9:19
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 0196790D32DA14334638146BC37330934D6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1511
Signing time: Sun 27 Apr 2025 21:00:30 +0000
Manifest this update: Sun 27 Apr 2025 21:00:30 +0000
Manifest next update: Mon 28 Apr 2025 21:00:30 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: XyqNJnj5ovj0o7aFuow0OUx9ErzU8OZ3Zvkf7titQ4U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:0d:32:da:14:33:46:38:14:6b:c3:73:30:93:4d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Apr 27 21:00:30 2025 GMT
Not After : Apr 28 21:00:30 2025 GMT
Subject: CN=af44f2835283dfc9c09d3b4a7f3604dd18fec919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:a1:5d:3a:bb:6a:bd:a2:bb:72:2e:e9:8d:
dc:1a:c9:72:79:74:c7:9b:62:50:a3:fc:e8:58:ae:
fd:b5:f3:4c:ab:7c:74:d9:59:c8:f0:2e:2d:95:2a:
00:60:ff:b3:c7:19:74:f8:a9:14:9f:b5:3e:e6:47:
5d:5b:92:72:88:b8:f5:70:20:57:76:67:d2:37:7d:
db:16:25:f0:62:af:be:65:cd:85:4d:dc:72:be:14:
c7:85:51:ed:d8:46:7f:ee:30:65:8c:19:2a:d5:77:
2f:f0:42:00:ae:d5:ec:19:48:00:96:8e:13:ae:68:
b0:65:ed:75:90:ca:8d:c5:9d:be:6c:aa:47:5b:ab:
c0:44:b8:5f:cb:2b:ce:14:5d:96:67:31:2b:cf:1b:
e8:ca:30:56:5a:65:d2:35:8d:2f:f7:91:84:e4:fd:
8f:25:cd:f2:8c:f5:66:57:a8:e2:ff:1d:15:ad:a2:
fc:18:63:ac:e0:b2:d5:c1:19:f1:17:92:00:03:15:
0a:93:eb:4c:29:f5:4a:3d:03:ae:3e:10:d0:82:5b:
31:4e:a0:cc:59:23:69:5c:cd:1e:63:be:82:ac:44:
00:45:ca:cc:9d:6e:fd:8d:c6:4d:32:47:0a:68:3d:
3c:33:42:00:86:78:8f:07:22:24:fa:8b:39:36:b6:
60:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:44:F2:83:52:83:DF:C9:C0:9D:3B:4A:7F:36:04:DD:18:FE:C9:19
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:25:0b:ee:95:42:37:c1:7a:e6:0e:17:16:63:ca:c7:0d:a4:
2d:aa:e5:a5:09:21:d3:f4:bb:34:bd:27:b6:72:47:a8:64:97:
41:c1:5a:7e:9d:fe:19:15:55:2b:f3:9f:86:4b:f0:22:f4:f0:
76:d4:3c:d2:a2:7d:df:63:7d:65:62:a0:98:de:cd:bf:83:15:
e7:a8:a9:39:81:73:da:b7:5c:58:77:67:b7:91:9a:b0:09:ac:
cf:cc:f0:5c:21:30:b2:a8:ed:e3:ef:96:14:90:cd:99:52:6a:
23:c6:ab:a0:49:44:63:95:b4:83:b2:8c:0e:22:af:ca:1b:ea:
75:8a:8a:50:a6:8f:a1:5b:5b:37:18:05:ac:94:18:e9:4c:c9:
89:7d:60:c7:73:07:03:07:3d:fa:90:0d:ca:e8:3d:b9:b5:4b:
f9:0c:bb:d8:8a:85:9a:c7:15:e6:2a:81:e1:2f:84:8e:87:dc:
16:60:c7:95:3e:ff:cb:58:2e:8c:a5:09:a5:2e:4e:9b:fd:ea:
b8:72:d3:cb:03:8e:c1:d6:1a:d3:71:ad:94:53:8b:7c:f4:ac:
18:29:90:c3:e8:32:2a:89:ad:04:dd:1d:01:67:f2:4e:7d:80:
b7:fc:91:af:66:71:1d:3a:4a:e1:0b:69:fe:86:c5:f5:11:3e:
7c:dd:36:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5DTLaFDNGOBRrw3Mwk01sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwNDI3MjEwMDMwWhcNMjUwNDI4MjEwMDMwWjAzMTEwLwYDVQQD
EyhhZjQ0ZjI4MzUyODNkZmM5YzA5ZDNiNGE3ZjM2MDRkZDE4ZmVjOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBihXTq7ar2iu3Iu6Y3cGslyeXTH
m2JQo/zoWK79tfNMq3x02VnI8C4tlSoAYP+zxxl0+KkUn7U+5kddW5JyiLj1cCBX
dmfSN33bFiXwYq++Zc2FTdxyvhTHhVHt2EZ/7jBljBkq1Xcv8EIArtXsGUgAlo4T
rmiwZe11kMqNxZ2+bKpHW6vARLhfyyvOFF2WZzErzxvoyjBWWmXSNY0v95GE5P2P
Jc3yjPVmV6ji/x0VraL8GGOs4LLVwRnxF5IAAxUKk+tMKfVKPQOuPhDQglsxTqDM
WSNpXM0eY76CrEQARcrMnW79jcZNMkcKaD08M0IAhniPByIk+os5NrZgDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9E8oNSg9/JwJ07Sn82BN0Y/skZMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyUL7pVC
N8F65g4XFmPKxw2kLarlpQkh0/S7NL0ntnJHqGSXQcFafp3+GRVVK/OfhkvwIvTw
dtQ80qJ932N9ZWKgmN7Nv4MV56ipOYFz2rdcWHdnt5GasAmsz8zwXCEwsqjt4++W
FJDNmVJqI8aroElEY5W0g7KMDiKvyhvqdYqKUKaPoVtbNxgFrJQY6UzJiX1gx3MH
Awc9+pANyug9ubVL+Qy72IqFmscV5iqB4S+EjofcFmDHlT7/y1gujKUJpS5Om/3q
uHLTywOOwdYa03GtlFOLfPSsGCmQw+gyKomtBN0dAWfyTn2At/yRr2ZxHTpK4Qtp
/obF9RE+fN02YA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:21:49 2025 by rpki-client