Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json)
Hash identifier: C/5gr1DerFHGHltOstQzRKvNNZJ/qPjart0LCX1YsBM=
Subject key identifier: 63:03:41:38:A6:88:FF:91:7C:59:6E:32:33:BB:1C:C6:37:D4:A9:5C
Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Certificate serial: 019512479A798DCA675AC8E7438A81A0F146
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
Manifest number: 10AA
Signing time: Mon 17 Feb 2025 05:00:37 +0000
Manifest this update: Mon 17 Feb 2025 05:00:37 +0000
Manifest next update: Tue 18 Feb 2025 05:00:37 +0000
Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=)
2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: 91Mf/u2E62fCcjn2nomh9W0sm8Lva0OsrpXLwGld0GU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:47:9a:79:8d:ca:67:5a:c8:e7:43:8a:81:a0:f1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f
Validity
Not Before: Feb 17 05:00:37 2025 GMT
Not After : Feb 18 05:00:37 2025 GMT
Subject: CN=63034138a688ff917c596e3233bb1cc637d4a95c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:41:1b:f9:7c:c7:aa:71:43:7d:7b:d3:84:14:
cc:2b:13:74:37:f9:b0:0b:2f:a1:38:a1:b3:6d:d8:
02:cc:9f:e3:7e:78:87:9a:d9:05:6c:a6:1a:56:15:
3c:c5:fc:41:22:5a:40:80:8b:16:20:a3:a2:d4:5e:
d0:d8:b1:c8:34:d4:61:35:be:1f:33:c2:6b:c2:c7:
2c:9b:ff:3c:6a:0e:9b:d4:2a:46:64:a8:f3:d2:41:
01:bf:8f:1f:ef:88:8c:71:76:f8:27:92:a9:87:94:
9c:b3:df:49:e3:45:66:57:7e:3d:71:c4:e7:79:ad:
50:02:04:98:da:e1:c3:6e:96:eb:88:d6:f1:83:d7:
0e:b3:d6:68:4e:e3:98:a7:04:3d:3c:79:59:70:c2:
1a:74:e8:c9:20:d1:60:d6:d0:4c:02:8c:98:0a:30:
77:81:69:1d:85:90:54:fe:c4:f9:ce:5f:94:28:33:
2d:37:fd:23:20:01:11:45:8a:a8:20:ee:ab:df:e7:
1e:90:da:a0:e2:c2:f6:17:4e:0a:b9:53:d4:bf:fb:
d0:aa:86:9e:21:e6:df:da:58:2a:93:d4:c2:46:53:
90:bb:cc:53:b9:3e:d4:28:f1:6f:07:2b:3d:b3:e9:
04:15:f6:90:c0:4a:2d:9e:46:7a:01:81:87:db:5e:
12:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:03:41:38:A6:88:FF:91:7C:59:6E:32:33:BB:1C:C6:37:D4:A9:5C
X509v3 Authority Key Identifier:
keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:1b:36:e1:1d:e1:b7:21:3f:97:48:ea:25:5f:47:c3:16:77:
7a:8c:39:e9:b3:55:fd:53:52:28:3e:cb:fe:11:a7:90:f7:92:
eb:ee:b4:07:57:92:21:04:d9:79:21:ec:0e:b0:56:85:ca:03:
65:8d:25:6b:e2:fb:6c:1d:18:91:79:c5:a6:10:50:af:2f:07:
f4:5b:2a:28:c0:48:f1:9f:04:50:d4:d9:20:b4:2d:db:99:d5:
a9:cc:db:6a:9a:6e:3a:3a:a2:45:e2:83:8e:25:55:66:a6:fc:
47:f0:57:7a:3a:fc:9f:f9:33:b6:fa:12:de:6f:a8:35:b5:3f:
ec:66:f1:76:8e:12:07:81:61:cd:e8:25:4e:a2:03:b2:01:08:
48:19:d3:18:9a:85:af:e4:77:13:85:be:71:9d:e4:47:0b:60:
bb:30:0b:01:6b:77:8a:a0:72:44:17:e3:42:12:21:72:f5:f3:
9a:c2:f7:7b:26:cd:9c:8f:d1:a7:1d:79:ee:11:a4:25:ea:d3:
8e:12:29:a1:32:2e:ef:78:3d:8d:5a:0d:23:de:f1:7e:6e:5b:
23:9e:10:ac:5c:f2:ac:13:ae:30:bd:d5:9f:a6:27:11:ca:bd:
58:fb:79:46:e8:39:af:56:4b:59:5a:82:08:f0:ed:85:97:df:
d8:05:80:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR5p5jcpnWsjnQ4qBoPFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk
NTM5NmYwHhcNMjUwMjE3MDUwMDM3WhcNMjUwMjE4MDUwMDM3WjAzMTEwLwYDVQQD
Eyg2MzAzNDEzOGE2ODhmZjkxN2M1OTZlMzIzM2JiMWNjNjM3ZDRhOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0Eb+XzHqnFDfXvThBTMKxN0N/mw
Cy+hOKGzbdgCzJ/jfniHmtkFbKYaVhU8xfxBIlpAgIsWIKOi1F7Q2LHINNRhNb4f
M8Jrwscsm/88ag6b1CpGZKjz0kEBv48f74iMcXb4J5Kph5Scs99J40VmV349ccTn
ea1QAgSY2uHDbpbriNbxg9cOs9ZoTuOYpwQ9PHlZcMIadOjJINFg1tBMAoyYCjB3
gWkdhZBU/sT5zl+UKDMtN/0jIAERRYqoIO6r3+cekNqg4sL2F04KuVPUv/vQqoae
Iebf2lgqk9TCRlOQu8xTuT7UKPFvBys9s+kEFfaQwEotnkZ6AYGH214S/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMDQTimiP+RfFluMjO7HMY31KlcMB8GA1UdIwQY
MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt
MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl
LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlhs24R3h
tyE/l0jqJV9HwxZ3eow56bNV/VNSKD7L/hGnkPeS6+60B1eSIQTZeSHsDrBWhcoD
ZY0la+L7bB0YkXnFphBQry8H9FsqKMBI8Z8EUNTZILQt25nVqczbappuOjqiReKD
jiVVZqb8R/BXejr8n/kztvoS3m+oNbU/7Gbxdo4SB4FhzeglTqIDsgEISBnTGJqF
r+R3E4W+cZ3kRwtguzALAWt3iqByRBfjQhIhcvXzmsL3eybNnI/Rpx157hGkJerT
jhIpoTIu73g9jVoNI97xfm5bI54QrFzyrBOuML3Vn6YnEcq9WPt5Rug5r1ZLWVqC
CPDthZff2AWARw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:09 2025 by rpki-client