Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: ZVwzHkRBd50/ZR4TPvAH7t+2pwDopjLCxD13fivdXLI=
Subject key identifier: 97:00:FC:4B:6C:54:2E:5E:3D:5F:70:68:97:A1:02:F9:12:B1:0E:8E
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 0196748B97B1704BBB2C566A54BE78E201C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 150F
Signing time: Sun 27 Apr 2025 00:00:27 +0000
Manifest this update: Sun 27 Apr 2025 00:00:27 +0000
Manifest next update: Mon 28 Apr 2025 00:00:27 +0000
Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: ld/hS+x9o+SktxR8h67WtKsm6xidsjpWwR8bfCAcREA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 00:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:74:8b:97:b1:70:4b:bb:2c:56:6a:54:be:78:e2:01:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Apr 27 00:00:27 2025 GMT
Not After : Apr 28 00:00:27 2025 GMT
Subject: CN=9700fc4b6c542e5e3d5f706897a102f912b10e8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fa:a3:fa:0a:30:55:73:3f:cd:1c:49:26:0e:
9a:47:a0:5e:7e:5f:fe:db:c1:05:08:52:0d:d5:9b:
24:da:bb:3d:89:1e:bf:3f:0f:49:ba:b4:8b:4e:df:
cb:f3:a0:cd:f0:d4:1c:79:61:ad:a8:27:94:b9:ec:
b5:15:87:ff:d9:6d:19:da:67:a1:95:1d:c6:1b:ae:
1d:56:1f:1b:a0:cb:f9:77:26:93:8f:2b:b9:ae:39:
36:11:60:f4:89:f7:05:24:5e:b6:b9:00:24:38:f8:
fb:1a:3f:d2:da:d0:b4:88:57:e1:f4:1d:27:38:8c:
9f:e0:df:e1:2b:9d:20:d9:e4:09:c5:7f:bd:42:0e:
98:93:97:67:f7:c9:0e:bd:bb:1a:28:61:ac:53:10:
b7:b4:f2:0b:47:3b:0a:a7:5b:dd:7f:d4:94:6e:cc:
0a:99:ba:0a:40:9d:ba:60:23:d6:72:83:8a:e5:68:
a8:57:36:53:21:a2:92:27:63:1e:2f:8f:f5:93:b6:
d9:fc:50:2b:ab:74:57:43:14:52:b3:01:43:61:71:
bc:17:ed:e0:6c:ff:78:9a:d3:8d:9d:b2:0a:46:7f:
8c:ce:dd:d6:1c:71:66:7d:09:5f:d6:01:8c:7d:88:
fb:62:f9:b1:fd:96:82:65:6f:a0:4f:94:57:4d:5e:
20:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:00:FC:4B:6C:54:2E:5E:3D:5F:70:68:97:A1:02:F9:12:B1:0E:8E
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:15:17:1c:fe:ca:20:be:13:2c:04:5a:12:ed:b0:23:df:45:
eb:18:58:2c:ac:86:20:f0:14:fd:6f:f5:f4:1d:7c:5f:f2:82:
5d:da:6e:f7:24:15:ee:e1:c6:b7:06:c8:08:de:e6:d2:58:f1:
39:de:12:c6:25:1c:93:48:e2:d2:e8:96:d3:30:45:7c:2a:ce:
85:4f:76:d6:21:0c:5f:20:d9:4b:7e:e8:7c:bf:5b:b5:fd:7b:
b5:e4:bb:68:62:32:9a:91:08:05:8f:2f:cd:27:fe:fd:d4:d7:
65:b9:d5:85:48:0b:fc:08:ce:f6:3f:88:e3:41:52:05:c0:25:
92:b9:62:f7:72:46:e6:c6:c4:81:44:02:72:42:3a:41:86:2b:
2e:fb:fa:31:0f:fa:b0:7c:26:cd:11:1a:72:37:7a:19:a1:8e:
45:28:9f:34:a4:08:82:96:40:ee:3f:8c:6b:12:c5:36:bb:05:
d7:1e:07:07:61:01:68:d0:f7:bb:38:da:c4:6b:dc:5a:44:ca:
85:ea:7e:b4:5a:68:74:8a:06:9a:49:7c:20:e3:1f:51:64:45:
62:e6:35:7c:54:c9:1a:f4:41:51:da:df:86:10:bf:ab:e4:a7:
80:c8:af:b9:29:1b:4b:71:74:a3:d9:6e:f5:51:04:3a:5b:e4:
ff:9e:d6:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0i5excEu7LFZqVL544gHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjUwNDI3MDAwMDI3WhcNMjUwNDI4MDAwMDI3WjAzMTEwLwYDVQQD
Eyg5NzAwZmM0YjZjNTQyZTVlM2Q1ZjcwNjg5N2ExMDJmOTEyYjEwZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvqj+gowVXM/zRxJJg6aR6Befl/+
28EFCFIN1Zsk2rs9iR6/Pw9JurSLTt/L86DN8NQceWGtqCeUuey1FYf/2W0Z2meh
lR3GG64dVh8boMv5dyaTjyu5rjk2EWD0ifcFJF62uQAkOPj7Gj/S2tC0iFfh9B0n
OIyf4N/hK50g2eQJxX+9Qg6Yk5dn98kOvbsaKGGsUxC3tPILRzsKp1vdf9SUbswK
mboKQJ26YCPWcoOK5WioVzZTIaKSJ2MeL4/1k7bZ/FArq3RXQxRSswFDYXG8F+3g
bP94mtONnbIKRn+Mzt3WHHFmfQlf1gGMfYj7Yvmx/ZaCZW+gT5RXTV4gPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcA/EtsVC5ePV9waJehAvkSsQ6OMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFhUXHP7K
IL4TLARaEu2wI99F6xhYLKyGIPAU/W/19B18X/KCXdpu9yQV7uHGtwbICN7m0ljx
Od4SxiUck0ji0uiW0zBFfCrOhU921iEMXyDZS37ofL9btf17teS7aGIympEIBY8v
zSf+/dTXZbnVhUgL/AjO9j+I40FSBcAlkrli93JG5sbEgUQCckI6QYYrLvv6MQ/6
sHwmzREacjd6GaGORSifNKQIgpZA7j+MaxLFNrsF1x4HB2EBaND3uzjaxGvcWkTK
hep+tFpodIoGmkl8IOMfUWRFYuY1fFTJGvRBUdrfhhC/q+SngMivuSkbS3F0o9lu
9VEEOlvk/57WbQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:26:45 2025 by rpki-client