Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
File: NQzOG50G3M6IVmWVNkmcFgM5E3A.mft (raw, json)
Hash identifier: boDDbSm98nqIeSQHZNELIhGrC+PR5blSfW0FvahDWS4=
Subject key identifier: 96:0D:0C:98:97:FA:C3:4B:87:9B:09:21:B3:32:B1:68:46:02:84:3E
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 018F874A3DBBEB37D17E65563D4B5C4D07B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
Manifest number: 1179
Signing time: Fri 17 May 2024 16:02:20 +0000
Manifest this update: Fri 17 May 2024 16:02:20 +0000
Manifest next update: Sat 18 May 2024 16:02:20 +0000
Files and hashes: 1: 0cKvWkFWGbY9Zq40I-EtAWNzL4M.roa (hash: a9BO9AKB6DhNAxk79BJC6zIhzBsbenju5rkGbPuevW8=)
2: NQzOG50G3M6IVmWVNkmcFgM5E3A.crl (hash: BVr8upqQbHwIEILFPFweOeI/b+xY8fJJ3gB3H2joTp4=)
3: f55MqkCCRAhXZYFZ4twUk79A1oM.roa (hash: q97a6HRFSo8oWun0n8W6Bghcf95F5eIDIda3HeuP9Jw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:87:4a:3d:bb:eb:37:d1:7e:65:56:3d:4b:5c:4d:07:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: May 17 16:02:20 2024 GMT
Not After : May 18 16:02:20 2024 GMT
Subject: CN=960d0c9897fac34b879b0921b332b1684602843e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:16:e8:5c:0f:c9:ea:87:0c:ff:19:7a:31:a2:
95:76:f4:c8:f6:bc:ea:db:97:a9:7f:c0:06:ea:4d:
0c:c9:46:7b:95:d5:2d:22:e8:5e:90:28:6c:b9:ac:
3f:4a:e7:66:7f:b9:00:ac:3f:5f:d5:ef:f3:ee:07:
f4:72:1e:55:f0:f4:26:49:c6:83:66:f0:d0:6b:57:
96:fa:fa:a8:34:fd:87:c6:f7:53:9d:49:9a:5a:a8:
12:3b:58:7f:b6:21:84:bb:e9:25:b6:78:7a:2b:a2:
d8:ed:15:40:fd:f3:d8:c0:54:cd:9d:15:af:3b:93:
8c:1b:24:40:06:78:40:9b:05:37:a8:a6:02:ae:d7:
10:b1:6a:99:1b:f2:0f:ce:b0:42:20:91:70:6c:ff:
3b:67:bf:bf:c1:7d:ae:be:df:8a:f5:c2:bd:c8:4e:
4d:91:7d:77:88:1e:98:e7:23:97:4b:63:01:94:3d:
73:a0:0d:de:65:82:6e:94:e8:2e:5a:13:47:0c:dc:
27:13:3e:e6:7a:bb:c9:44:31:ad:ca:1e:73:b6:ad:
16:dd:8e:15:ed:23:46:a2:b5:24:7e:36:96:9b:92:
eb:37:a4:f2:25:04:9e:2b:02:ad:24:f0:56:d7:42:
ee:4b:68:a2:bf:7b:2b:32:84:90:a7:dc:b2:19:5e:
65:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0D:0C:98:97:FA:C3:4B:87:9B:09:21:B3:32:B1:68:46:02:84:3E
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:4e:d4:4e:cc:e5:7f:a0:80:45:29:99:7f:01:5d:24:20:35:
f6:8a:bb:17:ff:2a:3c:cd:96:d6:1c:f5:1a:d6:a1:24:f2:5d:
32:29:4e:98:35:d5:f1:83:34:58:37:ea:44:a9:a0:da:5f:28:
02:20:fb:ab:68:3d:d5:4d:54:30:9c:e5:06:a6:52:97:79:95:
6a:21:ec:41:4b:0b:68:10:00:7e:fe:1c:d4:eb:a2:17:61:ae:
ac:16:86:95:d3:4c:e1:c9:df:c6:a1:13:40:a3:a5:f5:bd:50:
9c:9d:4e:ea:0e:b5:02:60:71:f2:f5:4c:fc:58:33:81:3a:7f:
c1:df:e4:06:c5:d6:6f:a6:5a:0f:ed:48:68:ea:46:5e:ec:6f:
8d:65:eb:b8:a5:58:44:c2:8e:7c:f4:11:0e:f8:61:1a:9c:54:
b2:51:cf:24:c0:c5:86:c0:10:48:a2:ab:44:9b:f1:6f:ab:97:
a9:13:e3:41:91:e1:48:ae:f2:45:8d:52:e9:c2:ef:c5:1b:be:
36:3f:e5:27:21:7c:3e:1a:93:bf:1f:b7:f7:0b:70:2b:0b:bc:
56:60:75:ca:b0:5b:4c:2c:4e:67:bd:cd:0b:25:f8:13:39:1e:
09:b7:c8:02:cd:a2:e5:6e:e4:11:00:23:72:aa:1e:c8:6a:a6:
71:c3:ee:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSj276zfRfmVWPUtcTQe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjQwNTE3MTYwMjIwWhcNMjQwNTE4MTYwMjIwWjAzMTEwLwYDVQQD
Eyg5NjBkMGM5ODk3ZmFjMzRiODc5YjA5MjFiMzMyYjE2ODQ2MDI4NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBboXA/J6ocM/xl6MaKVdvTI9rzq
25epf8AG6k0MyUZ7ldUtIuhekChsuaw/Sudmf7kArD9f1e/z7gf0ch5V8PQmScaD
ZvDQa1eW+vqoNP2HxvdTnUmaWqgSO1h/tiGEu+kltnh6K6LY7RVA/fPYwFTNnRWv
O5OMGyRABnhAmwU3qKYCrtcQsWqZG/IPzrBCIJFwbP87Z7+/wX2uvt+K9cK9yE5N
kX13iB6Y5yOXS2MBlD1zoA3eZYJulOguWhNHDNwnEz7mervJRDGtyh5ztq0W3Y4V
7SNGorUkfjaWm5LrN6TyJQSeKwKtJPBW10LuS2iiv3srMoSQp9yyGV5lRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYNDJiX+sNLh5sJIbMysWhGAoQ+MB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl07UTszl
f6CARSmZfwFdJCA19oq7F/8qPM2W1hz1GtahJPJdMilOmDXV8YM0WDfqRKmg2l8o
AiD7q2g91U1UMJzlBqZSl3mVaiHsQUsLaBAAfv4c1OuiF2GurBaGldNM4cnfxqET
QKOl9b1QnJ1O6g61AmBx8vVM/FgzgTp/wd/kBsXWb6ZaD+1IaOpGXuxvjWXruKVY
RMKOfPQRDvhhGpxUslHPJMDFhsAQSKKrRJvxb6uXqRPjQZHhSK7yRY1S6cLvxRu+
Nj/lJyF8PhqTvx+39wtwKwu8VmB1yrBbTCxOZ73NCyX4EzkeCbfIAs2i5W7kEQAj
cqoeyGqmccPung==
-----END CERTIFICATE-----
Generated at Fri May 17 23:43:21 2024 by rpki-client on console-ams.rpki-client.org