Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File: 3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier: +wlVLhxJ/m52hFbv/4P5xLRFbLFFOcumbuOpeol3DDs=
Subject key identifier: 7E:AB:C5:64:39:8E:C4:11:D3:FB:97:8A:7A:A8:46:18:AA:C8:52:CB
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer: /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial: 01968021DCA30DB48020700FBDE41203F788
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number: 14A5
Signing time: Tue 29 Apr 2025 06:00:24 +0000
Manifest this update: Tue 29 Apr 2025 06:00:24 +0000
Manifest next update: Wed 30 Apr 2025 06:00:24 +0000
Files and hashes: 1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: JO+0qQOaTV2XFm0J+lSW23nyPgT9FJFDU/35X6p/U6o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 06:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:21:dc:a3:0d:b4:80:20:70:0f:bd:e4:12:03:f7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Validity
Not Before: Apr 29 06:00:24 2025 GMT
Not After : Apr 30 06:00:24 2025 GMT
Subject: CN=7eabc564398ec411d3fb978a7aa84618aac852cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:38:5a:0b:12:d5:fa:a6:e7:cb:e6:21:f7:
de:01:bd:d7:14:d6:8e:7b:1c:21:6f:5c:7f:67:01:
08:3d:e3:5d:f4:07:0c:24:c3:38:22:8b:70:05:5b:
83:eb:87:cd:4a:1d:26:af:a7:e6:c2:4d:6a:a0:c8:
2c:19:86:89:99:cb:c1:17:bc:3d:9d:a3:90:0b:17:
7a:c1:ee:c8:ff:e5:63:26:9d:34:cc:b8:81:16:ce:
89:29:fb:10:09:3c:07:82:66:38:f5:c4:d8:43:9e:
64:2b:01:f2:cb:71:4f:4b:71:e1:a8:6a:0e:ec:7e:
ac:5e:0e:18:75:83:dc:02:84:38:3c:fd:f2:2c:32:
93:08:67:27:7a:d3:2a:ba:07:40:c4:2c:fd:5e:fd:
16:53:02:cc:e2:a7:25:75:03:fd:74:25:15:cd:7a:
e4:51:8a:a8:57:bb:a4:d5:8c:9c:d3:16:eb:20:57:
5a:3b:dd:2a:b8:19:57:1b:7a:9b:38:5b:f5:f9:2e:
22:a1:aa:63:36:b4:c4:77:4b:34:b7:d4:63:1e:54:
65:cf:93:48:b8:ff:52:67:71:5f:e4:26:be:37:7a:
0c:85:7b:36:b5:88:f5:1b:e6:4f:56:3b:ef:4d:d8:
1c:d4:24:04:2a:8b:37:ab:5e:c9:f1:66:28:92:f0:
21:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:AB:C5:64:39:8E:C4:11:D3:FB:97:8A:7A:A8:46:18:AA:C8:52:CB
X509v3 Authority Key Identifier:
keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:f7:82:f7:f9:1d:09:9b:15:c5:a8:4d:31:3a:fe:cf:d1:77:
45:45:d3:db:a4:96:2a:55:31:7c:3e:0d:d2:8e:14:f6:73:da:
4a:25:c8:fd:e0:6b:28:b8:c3:36:e1:cf:be:24:93:d7:42:15:
68:78:d3:d5:11:78:0f:5b:ec:53:23:20:49:33:ee:a5:32:5a:
3c:d5:65:47:27:81:18:60:3d:f4:ef:d8:c7:04:ce:75:ec:47:
ba:0b:74:66:61:c0:46:b7:f9:6c:db:02:d9:f5:8c:0d:f2:dc:
e6:0c:06:ad:74:ea:b4:b7:b3:9f:bc:6d:06:26:ba:ee:8b:6d:
3f:88:f6:6d:39:e8:9d:43:a3:a1:fd:1b:0a:8d:85:19:8f:3c:
20:29:c9:ed:f4:1e:a7:36:34:32:f6:af:41:98:a2:86:5f:bd:
13:fa:b5:5a:fa:bf:8f:50:8b:3c:7a:bb:a6:c2:b5:7d:78:86:
43:30:b8:d7:4e:bc:b7:fb:9a:91:c0:cc:0c:0d:32:eb:75:1b:
c8:df:00:78:7f:ad:a3:29:95:bc:46:e5:ac:94:39:94:90:87:
ce:f4:08:26:80:a9:ed:e0:d4:cc:80:f6:d9:20:48:62:d2:ec:
a6:a9:32:50:1a:4c:45:84:53:c5:15:95:eb:cf:f7:1d:70:53:
d2:13:e7:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAIdyjDbSAIHAPveQSA/eIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjUwNDI5MDYwMDI0WhcNMjUwNDMwMDYwMDI0WjAzMTEwLwYDVQQD
Eyg3ZWFiYzU2NDM5OGVjNDExZDNmYjk3OGE3YWE4NDYxOGFhYzg1MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3A4WgsS1fqm58vmIffeAb3XFNaO
exwhb1x/ZwEIPeNd9AcMJMM4IotwBVuD64fNSh0mr6fmwk1qoMgsGYaJmcvBF7w9
naOQCxd6we7I/+VjJp00zLiBFs6JKfsQCTwHgmY49cTYQ55kKwHyy3FPS3HhqGoO
7H6sXg4YdYPcAoQ4PP3yLDKTCGcnetMqugdAxCz9Xv0WUwLM4qcldQP9dCUVzXrk
UYqoV7uk1Yyc0xbrIFdaO90quBlXG3qbOFv1+S4ioapjNrTEd0s0t9RjHlRlz5NI
uP9SZ3Ff5Ca+N3oMhXs2tYj1G+ZPVjvvTdgc1CQEKos3q17J8WYokvAh0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6rxWQ5jsQR0/uXinqoRhiqyFLLMB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPeC9/kd
CZsVxahNMTr+z9F3RUXT26SWKlUxfD4N0o4U9nPaSiXI/eBrKLjDNuHPviST10IV
aHjT1RF4D1vsUyMgSTPupTJaPNVlRyeBGGA99O/YxwTOdexHugt0ZmHARrf5bNsC
2fWMDfLc5gwGrXTqtLezn7xtBia67ottP4j2bTnonUOjof0bCo2FGY88ICnJ7fQe
pzY0MvavQZiihl+9E/q1Wvq/j1CLPHq7psK1fXiGQzC41068t/uakcDMDA0y63Ub
yN8AeH+toymVvEblrJQ5lJCHzvQIJoCp7eDUzID22SBIYtLspqkyUBpMRYRTxRWV
68/3HXBT0hPn5A==
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:44:20 2025 by rpki-client