Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: m6ohlM5V4uv4wSQK5jAhMVeytUSyWrn5s8QPcI06dEk=
Subject key identifier: C1:BD:2D:8C:03:38:01:97:BF:19:E8:19:B9:6E:B8:1B:BD:63:8C:4B
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 019511347C3E112866C4E77D7013829B2A41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 1458
Signing time: Mon 17 Feb 2025 00:00:06 +0000
Manifest this update: Mon 17 Feb 2025 00:00:06 +0000
Manifest next update: Tue 18 Feb 2025 00:00:06 +0000
Files and hashes: 1: DFk17XzVK0-2LT-y57eUHLqsGoE.roa (hash: dXqY+iE+GyZrGAN3VZSoDHBgCd8KrkAD+zhIs/sw6B0=)
2: InA1Og6sR4YUgU6o-aAa42NlxCE.roa (hash: +mBUSakr5JllZ5ayoZAKPyK7MyouaEc8pwLjmxou6hg=)
3: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: 7P7q3Evuvbw5VqI4FBrpjf3FGxm4Gejw53q39Du4bR8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:34:7c:3e:11:28:66:c4:e7:7d:70:13:82:9b:2a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Feb 17 00:00:06 2025 GMT
Not After : Feb 18 00:00:06 2025 GMT
Subject: CN=c1bd2d8c03380197bf19e819b96eb81bbd638c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2b:d6:3e:1c:9c:ed:00:dd:e9:69:ef:18:cf:
d6:47:cc:28:41:50:90:da:ca:30:28:39:e2:60:86:
33:c6:33:ba:e5:fa:40:3f:ad:e6:da:f7:8b:b0:be:
6c:8b:42:0c:6e:7f:13:7a:95:31:49:f0:b2:a2:73:
24:0f:d9:4e:d7:14:f0:a2:fa:a8:83:3b:db:4d:15:
f7:a2:43:b7:30:8e:c3:d4:1f:51:32:dc:19:b6:4f:
21:fb:75:02:3e:ed:81:f2:d8:b9:a6:cd:fc:4d:79:
bd:39:6d:f6:8a:ac:ce:a5:97:07:e2:d9:95:d1:ed:
3e:f7:d0:ec:4c:e3:1a:e7:81:20:29:de:2b:11:78:
08:83:74:cd:9b:50:f5:67:a6:6d:9e:20:b5:d6:23:
63:67:4f:47:41:de:de:e0:c0:85:6e:01:41:e2:0a:
1f:20:16:e7:c6:dd:18:eb:6a:b9:c5:93:4a:85:96:
ee:17:5c:d0:da:5e:4b:21:8a:2c:db:6d:53:ed:99:
6d:54:d9:de:a3:49:18:1f:66:b1:7d:57:20:21:de:
cd:e6:67:29:c4:ef:58:76:c7:5e:39:98:eb:f4:3e:
9d:27:5a:e8:02:3b:a6:11:d8:53:f1:39:81:c8:9e:
86:a4:c2:e5:58:58:4d:6f:f0:6c:de:79:d0:30:95:
f2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:BD:2D:8C:03:38:01:97:BF:19:E8:19:B9:6E:B8:1B:BD:63:8C:4B
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:ad:35:17:2b:8f:e3:e9:18:b1:c4:f5:55:37:16:f9:6b:64:
f6:97:03:bc:d5:27:8a:6d:9a:ff:70:78:2b:5e:d5:84:bf:4a:
8b:79:17:ce:71:61:5c:ec:bd:12:1f:b7:52:fb:eb:8f:8b:af:
c0:27:46:90:ac:67:a1:58:17:96:bb:97:7e:b6:8c:1c:58:03:
e8:e7:71:37:c9:6f:35:52:92:51:9b:d1:2e:87:45:6f:8c:fc:
7b:82:d7:d8:87:76:c4:c9:f9:b7:23:88:8e:27:75:eb:cb:7e:
00:71:a4:9d:34:a2:85:d3:c8:0e:eb:2f:b3:df:56:ea:58:93:
c3:eb:8b:f5:04:5d:61:9e:2a:c0:33:94:81:78:70:1e:c4:a5:
4a:18:cb:46:7b:40:4a:02:f0:2f:ad:a4:5f:b2:cf:79:e2:cf:
f8:28:06:69:bd:d3:80:21:41:50:54:9d:86:e8:d1:2a:8f:f5:
8d:13:86:c0:31:a4:fa:c0:34:7b:cd:86:d4:e5:49:f1:08:9a:
06:6e:99:f6:cd:c6:ec:46:cc:f4:82:12:81:e5:13:84:34:3f:
28:28:32:be:1f:78:78:d4:1f:b5:73:7e:5e:55:51:ea:18:04:
20:b2:ee:65:14:fb:00:c6:f9:46:a9:7b:a0:0d:1b:da:9c:90:
76:7d:a2:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNHw+EShmxOd9cBOCmypBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjUwMjE3MDAwMDA2WhcNMjUwMjE4MDAwMDA2WjAzMTEwLwYDVQQD
EyhjMWJkMmQ4YzAzMzgwMTk3YmYxOWU4MTliOTZlYjgxYmJkNjM4YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyvWPhyc7QDd6WnvGM/WR8woQVCQ
2sowKDniYIYzxjO65fpAP63m2veLsL5si0IMbn8TepUxSfCyonMkD9lO1xTwovqo
gzvbTRX3okO3MI7D1B9RMtwZtk8h+3UCPu2B8ti5ps38TXm9OW32iqzOpZcH4tmV
0e0+99DsTOMa54EgKd4rEXgIg3TNm1D1Z6ZtniC11iNjZ09HQd7e4MCFbgFB4gof
IBbnxt0Y62q5xZNKhZbuF1zQ2l5LIYos221T7ZltVNneo0kYH2axfVcgId7N5mcp
xO9YdsdeOZjr9D6dJ1roAjumEdhT8TmByJ6GpMLlWFhNb/Bs3nnQMJXyIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMG9LYwDOAGXvxnoGbluuBu9Y4xLMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK601FyuP
4+kYscT1VTcW+Wtk9pcDvNUnim2a/3B4K17VhL9Ki3kXznFhXOy9Eh+3Uvvrj4uv
wCdGkKxnoVgXlruXfraMHFgD6OdxN8lvNVKSUZvRLodFb4z8e4LX2Id2xMn5tyOI
jid168t+AHGknTSihdPIDusvs99W6liTw+uL9QRdYZ4qwDOUgXhwHsSlShjLRntA
SgLwL62kX7LPeeLP+CgGab3TgCFBUFSdhujRKo/1jROGwDGk+sA0e82G1OVJ8Qia
Bm6Z9s3G7EbM9IISgeUThDQ/KCgyvh94eNQftXN+XlVR6hgEILLuZRT7AMb5Rql7
oA0b2pyQdn2iKw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:46 2025 by rpki-client