Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.mft
File: f3YJUscz9vLuklTtzRTg2qeLOIw.mft (raw, json)
Hash identifier: mYWxgneS+d2nJwHFMK01abUpVB3qzC7r6/mRdii0yj0=
Subject key identifier: 97:F6:CE:32:FE:B7:09:6B:EA:28:DF:47:47:D9:18:D7:45:78:E8:52
Authority key identifier: 7F:76:09:52:C7:33:F6:F2:EE:92:54:ED:CD:14:E0:DA:A7:8B:38:8C
Certificate issuer: /CN=7f760952c733f6f2ee9254edcd14e0daa78b388c
Certificate serial: 019510FDDEF4B24B0E5806F5753A1BE1DC17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3YJUscz9vLuklTtzRTg2qeLOIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.mft
Manifest number: 023A
Signing time: Sun 16 Feb 2025 23:00:27 +0000
Manifest this update: Sun 16 Feb 2025 23:00:27 +0000
Manifest next update: Mon 17 Feb 2025 23:00:27 +0000
Files and hashes: 1: ZCBQTSRDp2Vji2C9hSrbiPFq7OY.roa (hash: PB9NVbc1SKDdgUUB+S0NaDZM0GQCTky3OkA9OktttX0=)
2: f3YJUscz9vLuklTtzRTg2qeLOIw.crl (hash: yhmxtxeUZlDeUqlzgMgU5v4y33xogNE4Im/avtLaZAI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/f3YJUscz9vLuklTtzRTg2qeLOIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:fd:de:f4:b2:4b:0e:58:06:f5:75:3a:1b:e1:dc:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f760952c733f6f2ee9254edcd14e0daa78b388c
Validity
Not Before: Feb 16 23:00:27 2025 GMT
Not After : Feb 17 23:00:27 2025 GMT
Subject: CN=97f6ce32feb7096bea28df4747d918d74578e852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cb:4b:3c:04:5a:d4:49:7e:33:9d:84:4e:53:
c8:01:cc:6c:1a:ce:ca:24:9d:56:f3:cd:f4:71:11:
06:96:ee:bf:bf:2c:2f:60:07:69:89:04:bf:3e:ac:
46:ea:d9:da:cd:6e:37:ab:cb:3d:ad:26:cd:18:1b:
72:05:64:9e:91:0a:91:3f:b1:d7:de:d1:a2:38:52:
36:0f:02:38:f2:fc:6f:ef:12:82:5a:fb:74:0f:ed:
ee:c7:2a:77:4a:f5:c4:36:f3:97:e2:4e:02:c9:6e:
0e:dc:7d:e6:00:57:4b:7b:b4:10:1d:e3:2d:b7:ef:
4b:c1:fc:39:c0:22:b4:bd:89:b2:0f:ae:d7:e3:bc:
08:c9:62:d8:11:da:3c:3d:92:04:88:77:72:b4:d8:
35:28:29:79:d1:ac:88:bf:d4:d9:4c:0b:86:bd:61:
0c:78:09:46:76:ad:7a:ed:fe:34:1a:ea:bc:d4:81:
5f:c6:60:cb:b2:0e:35:35:73:bd:d1:b2:e1:f2:02:
e5:1b:8c:9a:cd:34:1e:17:13:e6:51:0d:fd:5f:a9:
b1:a6:46:b0:35:2d:d1:7d:86:76:fc:e1:3c:65:b0:
2d:bf:7a:95:4b:29:1d:6f:7c:11:eb:37:77:19:f3:
bd:c3:fa:96:cf:12:b9:8d:b5:cd:9a:0a:0d:d8:98:
37:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F6:CE:32:FE:B7:09:6B:EA:28:DF:47:47:D9:18:D7:45:78:E8:52
X509v3 Authority Key Identifier:
keyid:7F:76:09:52:C7:33:F6:F2:EE:92:54:ED:CD:14:E0:DA:A7:8B:38:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3YJUscz9vLuklTtzRTg2qeLOIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d7:22:b9:41:d0:a9:a6:34:e5:15:3f:ab:4e:7c:4b:94:68:54:
9f:ca:97:63:15:9a:f9:f4:f3:b0:7f:03:07:42:66:00:fe:3f:
87:61:db:af:d5:10:d7:de:58:4c:6e:4c:04:fa:04:65:aa:78:
54:9e:6d:cf:8d:71:db:5b:12:81:32:d6:88:07:33:b2:ea:8c:
5d:b9:29:cc:94:d5:d4:1e:0b:4f:45:ac:52:cf:ea:69:bf:d6:
ec:41:a3:d0:cd:11:a7:93:6c:59:89:bb:48:cb:f5:af:c8:39:
50:8f:40:f2:c9:ec:01:22:64:e0:d1:e9:42:49:f4:30:ac:0d:
b0:b2:e0:08:46:05:6e:71:f6:39:69:cd:92:1d:31:f6:24:79:
69:96:79:77:b5:c9:ab:94:d7:35:35:6e:8f:b6:22:41:a2:10:
5b:03:7e:3f:3b:f9:26:c9:ec:8d:75:26:5a:8f:f8:38:eb:35:
6b:76:7c:fc:72:10:5e:17:c6:fe:e9:e7:49:59:97:a7:9e:fb:
a3:51:e9:d2:8f:36:ba:f8:6e:6e:67:d9:99:78:c1:1f:e4:3a:
7a:f1:4c:ac:0b:13:3e:4b:02:55:72:60:66:b2:36:ac:5e:af:
a0:ca:ca:e3:df:e3:8b:a5:6a:fa:5a:20:94:5f:ba:94:29:7c:
4e:9a:8c:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQ/d70sksOWAb1dTob4dwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzYwOTUyYzczM2Y2ZjJlZTkyNTRlZGNkMTRlMGRhYTc4
YjM4OGMwHhcNMjUwMjE2MjMwMDI3WhcNMjUwMjE3MjMwMDI3WjAzMTEwLwYDVQQD
Eyg5N2Y2Y2UzMmZlYjcwOTZiZWEyOGRmNDc0N2Q5MThkNzQ1NzhlODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ctLPARa1El+M52ETlPIAcxsGs7K
JJ1W8830cREGlu6/vywvYAdpiQS/PqxG6tnazW43q8s9rSbNGBtyBWSekQqRP7HX
3tGiOFI2DwI48vxv7xKCWvt0D+3uxyp3SvXENvOX4k4CyW4O3H3mAFdLe7QQHeMt
t+9Lwfw5wCK0vYmyD67X47wIyWLYEdo8PZIEiHdytNg1KCl50ayIv9TZTAuGvWEM
eAlGdq167f40Guq81IFfxmDLsg41NXO90bLh8gLlG4yazTQeFxPmUQ39X6mxpkaw
NS3RfYZ2/OE8ZbAtv3qVSykdb3wR6zd3GfO9w/qWzxK5jbXNmgoN2Jg3IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJf2zjL+twlr6ijfR0fZGNdFeOhSMB8GA1UdIwQY
MBaAFH92CVLHM/by7pJU7c0U4NqniziMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNZSlVzY3o5dkx1a2xUdHpSVGcycWVMT0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9iNjRhNTktOWZlZC00MWRhLWI4MzUt
OWFlODgwOWM4NTE1LzEvZjNZSlVzY3o5dkx1a2xUdHpSVGcycWVMT0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9iNjRhNTktOWZlZC00MWRhLWI4MzUtOWFlODgwOWM4NTE1
LzEvZjNZSlVzY3o5dkx1a2xUdHpSVGcycWVMT0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1yK5QdCp
pjTlFT+rTnxLlGhUn8qXYxWa+fTzsH8DB0JmAP4/h2Hbr9UQ195YTG5MBPoEZap4
VJ5tz41x21sSgTLWiAczsuqMXbkpzJTV1B4LT0WsUs/qab/W7EGj0M0Rp5NsWYm7
SMv1r8g5UI9A8snsASJk4NHpQkn0MKwNsLLgCEYFbnH2OWnNkh0x9iR5aZZ5d7XJ
q5TXNTVuj7YiQaIQWwN+Pzv5JsnsjXUmWo/4OOs1a3Z8/HIQXhfG/unnSVmXp577
o1Hp0o82uvhubmfZmXjBH+Q6evFMrAsTPksCVXJgZrI2rF6voMrK49/ji6Vq+log
lF+6lCl8TpqMhA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:29 2025 by rpki-client