Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/4e650b54-abc4-4418-aeb6-088a50d1d5f1/1/D7B42D8A567C7905A57C26B0BBACEA84833B5998.mft
File: D7B42D8A567C7905A57C26B0BBACEA84833B5998.mft (raw, json)
Hash identifier: YNCz5pWRI1BRstpEzo1wdrXrgXOljYPID2S8+I4eyk0=
Subject key identifier: 1D:7C:81:04:A1:8C:24:D1:0E:DF:D9:6D:6E:FF:72:C6:D1:0A:3B:AA
Authority key identifier: D7:B4:2D:8A:56:7C:79:05:A5:7C:26:B0:BB:AC:EA:84:83:3B:59:98
Certificate issuer: /CN=d7b42d8a567c7905a57c26b0bbacea84833b5998
Certificate serial: 40AC5A3979E92009DEA554E5C8E08FF96EC9690F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/17QtilZ8eQWlfCawu6zqhIM7WZg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/4e650b54-abc4-4418-aeb6-088a50d1d5f1/1/D7B42D8A567C7905A57C26B0BBACEA84833B5998.mft
Manifest number: 2A
Signing time: Thu 01 May 2025 23:23:56 +0000
Manifest this update: Thu 01 May 2025 23:18:56 +0000
Manifest next update: Sat 03 May 2025 02:19:56 +0000
Files and hashes: 1: D7B42D8A567C7905A57C26B0BBACEA84833B5998.crl (hash: nE+x2yTq61C3ivwErW2NpXI47M78Q/eS0iGq8kwAzwI=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/4e650b54-abc4-4418-aeb6-088a50d1d5f1/1/D7B42D8A567C7905A57C26B0BBACEA84833B5998.crl
rsync://rsync.paas.rpki.ripe.net/repository/4e650b54-abc4-4418-aeb6-088a50d1d5f1/1/D7B42D8A567C7905A57C26B0BBACEA84833B5998.mft
rsync://rpki.ripe.net/repository/DEFAULT/17QtilZ8eQWlfCawu6zqhIM7WZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ac:5a:39:79:e9:20:09:de:a5:54:e5:c8:e0:8f:f9:6e:c9:69:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7b42d8a567c7905a57c26b0bbacea84833b5998
Validity
Not Before: May 1 23:18:56 2025 GMT
Not After : May 3 02:19:56 2025 GMT
Subject: CN=1D7C8104A18C24D10EDFD96D6EFF72C6D10A3BAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1c:77:c9:a7:05:4f:6e:37:e7:79:bd:81:ec:
83:a1:c2:97:82:cd:2e:bb:48:d3:ae:4d:61:9f:0a:
51:a7:09:85:4f:90:71:3a:30:74:1f:c8:b1:8c:df:
30:11:36:93:ab:d5:b3:66:f8:a6:6b:4a:48:34:a1:
2b:6f:ba:43:20:72:e7:2a:6d:eb:6f:31:cf:cd:33:
65:46:7b:b3:d5:8f:b6:8f:f7:ec:b1:05:de:b5:42:
09:06:8b:de:4a:5b:4a:61:31:1a:f7:07:bc:b3:a1:
42:c4:60:3b:ea:cc:b7:a6:ec:f0:27:bc:b9:4c:a5:
4a:5d:15:f8:08:19:4d:42:8c:80:dd:e4:98:2c:3d:
3a:a8:b8:1f:5a:c7:42:b4:89:5e:27:16:2c:2c:47:
92:22:d1:68:73:01:c5:59:3a:67:58:9b:48:70:89:
0f:34:4a:c9:6c:53:26:76:4b:9b:85:68:15:87:9a:
56:e1:6c:ab:0f:21:01:62:77:94:62:62:2a:3b:6a:
a5:0f:67:24:9d:55:59:36:b4:8c:20:5a:b2:20:bb:
36:6f:26:ba:40:ce:f5:d2:0c:73:75:28:8c:30:85:
dc:f0:ea:73:98:0c:9c:b5:e5:bf:af:26:c4:95:84:
cd:65:2d:72:ec:4d:e7:07:e7:53:da:fb:db:4f:7f:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7C:81:04:A1:8C:24:D1:0E:DF:D9:6D:6E:FF:72:C6:D1:0A:3B:AA
X509v3 Authority Key Identifier:
keyid:D7:B4:2D:8A:56:7C:79:05:A5:7C:26:B0:BB:AC:EA:84:83:3B:59:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/4e650b54-abc4-4418-aeb6-088a50d1d5f1/1/D7B42D8A567C7905A57C26B0BBACEA84833B5998.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/17QtilZ8eQWlfCawu6zqhIM7WZg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/4e650b54-abc4-4418-aeb6-088a50d1d5f1/1/D7B42D8A567C7905A57C26B0BBACEA84833B5998.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:b2:41:f5:8f:3d:f2:7e:06:ab:76:0d:4d:78:c6:45:cb:02:
6f:cd:c9:56:03:ce:3d:4d:98:94:5c:b4:93:46:79:a0:b9:b0:
ef:9d:59:5a:9b:98:62:dd:4b:90:bb:44:8c:b1:8d:79:be:71:
f0:02:0e:1d:62:e4:84:02:b7:ac:5e:cf:8a:58:87:2d:46:74:
98:bc:ed:5c:dc:01:0b:c9:42:30:ee:ea:78:ea:7d:54:97:5e:
5c:20:5c:ff:3b:54:f7:02:84:cd:50:5e:9e:88:9d:c8:a8:c3:
33:83:5b:59:8f:d7:31:7c:6c:57:0a:5c:09:c8:15:3a:92:ee:
f1:df:60:4a:61:c2:49:23:a3:c0:ff:a7:16:64:20:01:a3:fb:
b3:30:e5:2b:62:2c:a3:9e:78:cb:c7:93:65:04:d1:8b:0b:0f:
5b:9e:b5:dd:b2:05:e3:57:65:94:ae:ce:b5:10:61:43:44:e1:
e0:fb:db:0c:f6:06:2c:db:d4:4d:cd:fe:b2:37:b1:6b:c2:32:
36:c3:07:83:c4:e8:c7:99:e2:48:48:f3:73:fe:95:d0:26:cc:
44:cf:e9:ee:ca:c9:64:68:25:d9:be:ee:64:67:51:09:7c:7d:
59:7e:b9:a4:2b:dc:2b:e9:4f:fb:b6:70:a0:43:d6:d6:4f:1b:
88:04:44:41
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUQKxaOXnpIAnepVTlyOCP+W7JaQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDdiNDJkOGE1NjdjNzkwNWE1N2MyNmIwYmJhY2VhODQ4
MzNiNTk5ODAeFw0yNTA1MDEyMzE4NTZaFw0yNTA1MDMwMjE5NTZaMDMxMTAvBgNV
BAMTKDFEN0M4MTA0QTE4QzI0RDEwRURGRDk2RDZFRkY3MkM2RDEwQTNCQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPHHfJpwVPbjfneb2B7IOhwpeC
zS67SNOuTWGfClGnCYVPkHE6MHQfyLGM3zARNpOr1bNm+KZrSkg0oStvukMgcucq
betvMc/NM2VGe7PVj7aP9+yxBd61QgkGi95KW0phMRr3B7yzoULEYDvqzLem7PAn
vLlMpUpdFfgIGU1CjIDd5JgsPTqouB9ax0K0iV4nFiwsR5Ii0WhzAcVZOmdYm0hw
iQ80SslsUyZ2S5uFaBWHmlbhbKsPIQFid5RiYio7aqUPZySdVVk2tIwgWrIguzZv
JrpAzvXSDHN1KIwwhdzw6nOYDJy15b+vJsSVhM1lLXLsTecH51Pa+9tPf2ERAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUHXyBBKGMJNEO39ltbv9yxtEKO6owHwYDVR0j
BBgwFoAU17QtilZ8eQWlfCawu6zqhIM7WZgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNGU2NTBiNTQtYWJjNC00NDE4LWFlYjYtMDg4YTUwZDFk
NWYxLzEvRDdCNDJEOEE1NjdDNzkwNUE1N0MyNkIwQkJBQ0VBODQ4MzNCNTk5OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3UXRpbFo4ZVFXbGZDYXd1NnpxaElN
N1daZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS80ZTY1MGI1NC1h
YmM0LTQ0MTgtYWViNi0wODhhNTBkMWQ1ZjEvMS9EN0I0MkQ4QTU2N0M3OTA1QTU3
QzI2QjBCQkFDRUE4NDgzM0I1OTk4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrJB9Y898n4Gq3YNTXjG
RcsCb83JVgPOPU2YlFy0k0Z5oLmw751ZWpuYYt1LkLtEjLGNeb5x8AIOHWLkhAK3
rF7PiliHLUZ0mLztXNwBC8lCMO7qeOp9VJdeXCBc/ztU9wKEzVBenoidyKjDM4Nb
WY/XMXxsVwpcCcgVOpLu8d9gSmHCSSOjwP+nFmQgAaP7szDlK2Iso554y8eTZQTR
iwsPW5613bIF41dllK7OtRBhQ0Th4PvbDPYGLNvUTc3+sjexa8IyNsMHg8Tox5ni
SEjzc/6V0CbMRM/p7srJZGgl2b7uZGdRCXx9WX65pCvcK+lP+7ZwoEPW1k8biARE
QQ==
-----END CERTIFICATE-----
Generated at Fri May 2 06:14:40 2025 by rpki-client