Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
File: JfgKOI5PDiZBTOq-q036hBkdgUA.mft (raw, json)
Hash identifier: rkCHzf1ka1VFAWI6BKHbcij1Q5zIydS2KksQVKR93ns=
Subject key identifier: BA:A6:86:86:03:FE:6C:75:A6:DC:A8:E3:53:E4:30:88:F0:2E:B4:37
Authority key identifier: 25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
Certificate issuer: /CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Certificate serial: 0196821015CAA23C3D450BE3BBC94CF3F5EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
Manifest number: 141D
Signing time: Tue 29 Apr 2025 15:00:14 +0000
Manifest this update: Tue 29 Apr 2025 15:00:14 +0000
Manifest next update: Wed 30 Apr 2025 15:00:14 +0000
Files and hashes: 1: JfgKOI5PDiZBTOq-q036hBkdgUA.crl (hash: pi3HoAgFEk4pjbO7ogDnrTn4Rm2WYCdi5x2FCg5telM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:10:15:ca:a2:3c:3d:45:0b:e3:bb:c9:4c:f3:f5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Validity
Not Before: Apr 29 15:00:14 2025 GMT
Not After : Apr 30 15:00:14 2025 GMT
Subject: CN=baa6868603fe6c75a6dca8e353e43088f02eb437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:05:2b:02:ef:04:b0:bd:88:8c:cd:7b:af:c6:
5c:e3:b3:2b:ab:00:11:74:fd:56:b0:ba:b4:2c:e5:
97:27:8a:12:10:16:84:bf:ae:fb:1c:72:95:6d:1e:
9a:9a:c5:8d:fc:d1:79:72:76:bc:18:b0:6f:2b:35:
1e:6b:1e:08:b5:4f:04:7e:66:06:a1:17:aa:61:c8:
ec:28:02:90:6f:3c:13:76:e7:ad:60:0b:d2:58:78:
03:d4:18:97:f0:e7:71:7c:4b:0d:b6:b3:c7:f9:fd:
82:6d:9d:2c:77:d2:05:74:ef:eb:5e:61:3d:51:9f:
67:6d:8f:d8:59:ea:92:86:6c:80:5c:e9:cb:d1:c6:
54:45:e2:38:b4:19:1b:80:e7:6c:48:31:b5:22:94:
53:ab:b0:86:e9:1b:ce:8e:3a:fd:5d:de:ba:d0:e4:
88:e2:64:dd:30:81:03:e9:69:7a:a5:e7:c1:8f:24:
08:73:ae:28:a6:45:92:02:1f:4b:10:6b:02:28:13:
7d:e5:03:06:42:24:59:a9:7c:b1:64:17:9e:49:9d:
bb:0a:bd:5f:41:55:43:80:23:2d:7f:7e:f4:99:3d:
02:aa:db:76:ed:18:7c:2c:6a:0b:6a:9f:60:b7:36:
de:c7:b1:64:b2:83:83:51:f5:63:3f:9a:a3:23:8e:
c8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A6:86:86:03:FE:6C:75:A6:DC:A8:E3:53:E4:30:88:F0:2E:B4:37
X509v3 Authority Key Identifier:
keyid:25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:1f:61:12:9c:03:17:1f:d4:09:32:e2:2f:74:77:bd:c5:d3:
15:79:f6:61:ff:75:c7:59:63:e1:9b:cb:32:a8:18:ef:18:44:
1f:68:4d:cc:6c:9c:6f:45:78:5b:c6:59:fd:6d:71:37:cf:aa:
03:36:29:0e:a4:8b:d4:07:0c:fc:18:0f:f5:84:02:8d:7b:fd:
f0:fb:0e:e0:29:a8:5f:fc:21:b9:a8:63:b0:90:be:05:9e:92:
10:71:16:3e:04:ab:6b:eb:ac:cb:0c:58:b8:3d:63:5d:e5:79:
df:64:06:fd:0a:2b:db:9f:ef:6a:c9:02:76:d5:c3:e6:ba:51:
58:89:54:66:15:e7:d8:cb:89:51:c2:ed:ed:aa:97:cf:5b:38:
f4:89:45:67:38:82:cf:47:45:2b:88:a5:64:03:0a:ce:26:bd:
7b:d2:b4:09:52:61:fc:ec:05:43:09:2d:d2:28:7c:90:a0:37:
55:f0:94:5f:16:e5:ce:5f:28:ab:61:fd:ef:f0:df:45:df:05:
c4:ac:33:cf:b4:d7:1f:26:7b:e2:f6:ed:1d:36:b6:bf:9a:a7:
1f:1f:cc:19:ba:fd:3c:40:e2:b7:78:0b:b1:ed:ca:75:47:37:
06:ea:a3:96:92:0d:9e:43:81:b4:9e:79:55:9a:ce:e8:36:18:
64:24:1a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEBXKojw9RQvju8lM8/XrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjgwYTM4OGU0ZjBlMjY0MTRjZWFiZWFiNGRmYTg0MTkx
ZDgxNDAwHhcNMjUwNDI5MTUwMDE0WhcNMjUwNDMwMTUwMDE0WjAzMTEwLwYDVQQD
EyhiYWE2ODY4NjAzZmU2Yzc1YTZkY2E4ZTM1M2U0MzA4OGYwMmViNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogUrAu8EsL2IjM17r8Zc47MrqwAR
dP1WsLq0LOWXJ4oSEBaEv677HHKVbR6amsWN/NF5cna8GLBvKzUeax4ItU8EfmYG
oReqYcjsKAKQbzwTduetYAvSWHgD1BiX8OdxfEsNtrPH+f2CbZ0sd9IFdO/rXmE9
UZ9nbY/YWeqShmyAXOnL0cZUReI4tBkbgOdsSDG1IpRTq7CG6RvOjjr9Xd660OSI
4mTdMIED6Wl6pefBjyQIc64opkWSAh9LEGsCKBN95QMGQiRZqXyxZBeeSZ27Cr1f
QVVDgCMtf370mT0Cqtt27Rh8LGoLap9gtzbex7FksoODUfVjP5qjI47IEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqmhoYD/mx1ptyo41PkMIjwLrQ3MB8GA1UdIwQY
MBaAFCX4CjiOTw4mQUzqvqtN+oQZHYFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjIt
OTdkYzdiNTM1YjFkLzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjItOTdkYzdiNTM1YjFk
LzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATB9hEpwD
Fx/UCTLiL3R3vcXTFXn2Yf91x1lj4ZvLMqgY7xhEH2hNzGycb0V4W8ZZ/W1xN8+q
AzYpDqSL1AcM/BgP9YQCjXv98PsO4CmoX/whuahjsJC+BZ6SEHEWPgSra+usywxY
uD1jXeV532QG/Qor25/vaskCdtXD5rpRWIlUZhXn2MuJUcLt7aqXz1s49IlFZziC
z0dFK4ilZAMKzia9e9K0CVJh/OwFQwkt0ih8kKA3VfCUXxblzl8oq2H97/DfRd8F
xKwzz7TXHyZ74vbtHTa2v5qnHx/MGbr9PEDit3gLse3KdUc3BuqjlpINnkOBtJ55
VZrO6DYYZCQa5g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 17:39:32 2025 by rpki-client