Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: uon2oXHjAbAZUDQ3GKqxthHVgS/I+XEzRG6U05HxEjw=
Subject key identifier: 1C:58:56:3F:3C:DC:74:4D:D0:E2:48:BA:08:D1:3F:50:02:B4:B3:87
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019676B0C7868EF204AB3C338BF949D749ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 0CF0
Signing time: Sun 27 Apr 2025 10:00:18 +0000
Manifest this update: Sun 27 Apr 2025 10:00:18 +0000
Manifest next update: Mon 28 Apr 2025 10:00:18 +0000
Files and hashes: 1: hi3FrnF-3jLI3lIxcnrMYtC-4ow.roa (hash: Hon+3addqQMzwZi2hE3IgLssZw3bA0MMDqOLsP3ZK0E=)
2: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: sN4HB89d0QKH5mW5Vwc4O5VVox9tEz7Jz/iJsbbNldk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:b0:c7:86:8e:f2:04:ab:3c:33:8b:f9:49:d7:49:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Apr 27 10:00:18 2025 GMT
Not After : Apr 28 10:00:18 2025 GMT
Subject: CN=1c58563f3cdc744dd0e248ba08d13f5002b4b387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:20:fe:be:6b:3e:68:e1:0b:1d:03:4a:de:06:
7f:77:95:6d:ad:50:8c:66:ee:19:a8:d2:f6:f8:4b:
a4:66:60:db:e6:19:4e:ca:6f:15:b4:f9:e4:99:87:
f7:8e:d6:9c:f9:2b:31:7d:79:6e:07:b7:95:7d:f6:
80:b2:dc:2e:6c:e6:2a:b1:7f:b5:49:b4:c8:91:16:
6f:3a:a4:4d:5a:b0:5b:25:02:db:4b:7f:fe:47:69:
34:98:37:2e:c4:f8:ec:e6:7b:a0:75:74:be:01:2a:
e7:21:23:d0:e7:5a:f9:cd:2f:ec:13:22:32:26:61:
3f:4b:65:77:c1:e2:82:4c:ac:6d:63:c6:9b:4e:e7:
d9:e9:04:c9:fa:0c:1d:8d:de:45:42:8c:90:06:99:
67:96:47:0e:37:6f:b5:68:6b:a2:28:f4:d9:41:3b:
8a:af:8d:bc:07:63:3b:c4:5c:84:51:cc:fc:8d:a8:
0e:b4:1b:e0:d2:6f:3b:a4:84:cd:bf:3c:73:88:83:
a1:e5:e1:3b:a1:6a:73:3a:c6:d9:36:d8:f8:b8:b8:
db:a1:80:be:77:d3:9d:5f:fa:b9:2f:d0:f9:b8:12:
b2:5b:1e:48:70:8d:54:91:35:58:83:3b:b5:4a:7a:
43:4b:ab:86:31:b0:f0:e1:89:53:18:ab:da:28:03:
95:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:58:56:3F:3C:DC:74:4D:D0:E2:48:BA:08:D1:3F:50:02:B4:B3:87
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:38:17:d3:62:07:63:62:50:c0:1b:3f:14:20:1f:32:0b:df:
f3:aa:9a:25:e8:eb:5b:3e:ef:3b:f0:90:55:d6:ba:45:16:5e:
1d:d5:13:e3:22:eb:91:09:a0:d6:06:c3:42:c2:eb:d9:c5:0e:
20:b9:b5:eb:35:88:bd:52:a8:c2:5d:8c:39:68:36:8b:a9:46:
40:de:3c:b7:83:bb:43:3a:6f:56:39:68:5c:3a:a5:3a:7c:d2:
a4:6a:42:04:30:91:29:be:61:14:db:17:cd:b4:0a:da:47:7a:
a0:6a:43:d3:dd:3c:a8:a8:ab:92:fd:a2:15:76:67:0c:b2:de:
69:66:55:48:22:cd:c1:5b:f3:37:dc:67:ff:85:87:d8:5c:32:
2a:d8:47:c8:ea:0c:2c:9a:32:fa:b5:f6:5e:6a:4c:31:49:24:
59:f7:d6:7d:c2:99:53:7d:81:19:f5:9f:36:58:b7:fa:65:74:
ca:95:91:88:63:65:9e:e3:dc:e5:94:c5:50:5b:46:f8:d7:85:
e0:0e:a9:75:d7:7e:0d:49:55:05:39:fb:1b:28:12:70:45:b5:
06:44:5d:55:73:15:fd:6b:e8:a8:18:fb:58:e5:cf:d3:69:8c:
2c:25:09:cd:3b:2d:11:db:74:f7:ec:34:53:67:85:0b:2f:c5:
6a:f7:da:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sMeGjvIEqzwzi/lJ10ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjUwNDI3MTAwMDE4WhcNMjUwNDI4MTAwMDE4WjAzMTEwLwYDVQQD
EygxYzU4NTYzZjNjZGM3NDRkZDBlMjQ4YmEwOGQxM2Y1MDAyYjRiMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCD+vms+aOELHQNK3gZ/d5VtrVCM
Zu4ZqNL2+EukZmDb5hlOym8VtPnkmYf3jtac+SsxfXluB7eVffaAstwubOYqsX+1
SbTIkRZvOqRNWrBbJQLbS3/+R2k0mDcuxPjs5nugdXS+ASrnISPQ51r5zS/sEyIy
JmE/S2V3weKCTKxtY8abTufZ6QTJ+gwdjd5FQoyQBplnlkcON2+1aGuiKPTZQTuK
r428B2M7xFyEUcz8jagOtBvg0m87pITNvzxziIOh5eE7oWpzOsbZNtj4uLjboYC+
d9OdX/q5L9D5uBKyWx5IcI1UkTVYgzu1SnpDS6uGMbDw4YlTGKvaKAOV4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxYVj883HRN0OJIugjRP1ACtLOHMB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUDgX02IH
Y2JQwBs/FCAfMgvf86qaJejrWz7vO/CQVda6RRZeHdUT4yLrkQmg1gbDQsLr2cUO
ILm16zWIvVKowl2MOWg2i6lGQN48t4O7QzpvVjloXDqlOnzSpGpCBDCRKb5hFNsX
zbQK2kd6oGpD0908qKirkv2iFXZnDLLeaWZVSCLNwVvzN9xn/4WH2FwyKthHyOoM
LJoy+rX2XmpMMUkkWffWfcKZU32BGfWfNli3+mV0ypWRiGNlnuPc5ZTFUFtG+NeF
4A6pddd+DUlVBTn7GygScEW1BkRdVXMV/WvoqBj7WOXP02mMLCUJzTstEdt09+w0
U2eFCy/Favfa4g==
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:20:50 2025 by rpki-client