Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
File: l2aFR6QzND3em7NllbyQO08UlgQ.mft (raw, json)
Hash identifier: l4CUxLtRXom+Q/miSMvlkXz/WO5xMxy0rjj2GrPejrg=
Subject key identifier: 21:CE:22:E3:37:EE:BF:03:DF:8B:71:40:FB:EE:D0:25:06:DC:81:C1
Authority key identifier: 97:66:85:47:A4:33:34:3D:DE:9B:B3:65:95:BC:90:3B:4F:14:96:04
Certificate issuer: /CN=97668547a433343dde9bb36595bc903b4f149604
Certificate serial: 0194C4637E110D81EBDA9D2B1599D9A50DEC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
Manifest number: 1433
Signing time: Sun 02 Feb 2025 02:00:42 +0000
Manifest this update: Sun 02 Feb 2025 02:00:42 +0000
Manifest next update: Mon 03 Feb 2025 02:00:42 +0000
Files and hashes: 1: 4iS4euTiQtItVR9HBATrZ2d1jzs.roa (hash: Nz/wJMhE4IZvQI592qdr0LdN9YN/43igAFLk6lhCh5w=)
2: l2aFR6QzND3em7NllbyQO08UlgQ.crl (hash: mqqgxvWa348D6NQszIdxXMXyVGKy8U8VfSOiA/18d3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:63:7e:11:0d:81:eb:da:9d:2b:15:99:d9:a5:0d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97668547a433343dde9bb36595bc903b4f149604
Validity
Not Before: Feb 2 02:00:42 2025 GMT
Not After : Feb 3 02:00:42 2025 GMT
Subject: CN=21ce22e337eebf03df8b7140fbeed02506dc81c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ca:2d:b9:37:c0:82:6d:71:34:89:f3:f4:06:
c3:37:35:41:db:b6:9e:28:1d:3d:72:02:3f:00:be:
15:aa:f6:d3:1f:f7:f2:33:12:55:0b:d5:63:c3:88:
3e:ae:3f:55:b5:53:74:01:87:3f:39:d3:d7:ae:fb:
2d:4d:dc:2d:09:50:04:c4:cc:f0:7c:18:1c:1e:ec:
12:84:d5:57:88:9a:77:d6:79:5a:cb:20:84:8e:90:
e0:8a:67:f6:01:a3:87:0d:df:09:c9:14:87:74:6b:
bd:c8:d9:8a:66:67:e9:f6:63:42:d3:a2:14:6c:73:
bb:70:a5:70:bd:ef:93:7a:bc:6a:a6:63:52:26:65:
e5:ae:1d:5e:ae:27:8e:32:27:d9:be:6f:c4:89:ba:
78:df:5a:d1:81:e3:55:5b:eb:67:e0:f8:b2:1b:13:
ee:db:5e:10:aa:53:d6:e4:27:4c:0b:86:bc:a4:6e:
4f:9a:8e:aa:4f:a9:75:9d:56:09:36:aa:65:6b:26:
e0:24:f7:a8:b2:eb:3f:6f:b4:d8:d3:44:24:75:9c:
ee:b2:1b:d4:92:67:8e:93:eb:56:5c:90:92:91:27:
e1:5c:18:28:7f:3c:cb:86:c2:b2:2a:37:b3:87:e8:
d9:b9:38:26:1a:4e:ee:82:70:48:f1:e3:b0:6b:b3:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CE:22:E3:37:EE:BF:03:DF:8B:71:40:FB:EE:D0:25:06:DC:81:C1
X509v3 Authority Key Identifier:
keyid:97:66:85:47:A4:33:34:3D:DE:9B:B3:65:95:BC:90:3B:4F:14:96:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l2aFR6QzND3em7NllbyQO08UlgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/978c2e-1b76-48b0-a603-64c1c279ccc0/1/l2aFR6QzND3em7NllbyQO08UlgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:6f:b7:77:3f:6c:f0:4c:92:8b:6a:0c:c5:ff:f1:10:78:57:
84:d1:f2:45:2b:c6:dc:00:26:c5:76:7c:d9:7b:9f:f1:25:b8:
07:3b:69:4a:58:56:f1:59:7a:ce:09:70:e5:14:8b:bc:aa:63:
2a:58:33:76:a3:de:85:67:27:d4:56:31:22:3b:eb:4f:d3:c1:
6a:b1:26:fd:a8:5f:c6:cb:f6:28:76:42:aa:76:5f:7b:fd:32:
98:0f:59:06:db:a9:c1:f5:d2:d3:65:4f:14:05:d6:ac:36:4e:
44:f7:62:8e:34:3b:04:a1:98:b8:10:05:4e:4f:ab:39:07:2e:
22:1c:16:41:42:16:02:44:e0:9a:12:44:45:95:0d:dc:44:75:
ff:e0:13:44:6a:9d:bd:cb:be:cb:5c:47:7a:7a:ee:30:e0:56:
97:74:23:b9:05:e8:3a:2a:b2:14:d5:ce:d7:ca:c2:3f:5a:da:
ca:b8:4a:f5:ad:b1:bc:e9:f1:da:fa:e0:43:51:62:b6:7b:a8:
d5:8e:ca:3f:a4:0a:c8:25:fb:60:2b:1f:17:ab:16:0c:52:3d:
85:e7:68:a8:23:e5:b5:10:ac:d3:7e:40:1f:37:d4:88:05:4c:
a8:8d:06:93:f6:53:d4:39:18:95:fa:0a:ee:02:1b:4d:cc:ae:
cf:d5:d0:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEY34RDYHr2p0rFZnZpQ3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NjY4NTQ3YTQzMzM0M2RkZTliYjM2NTk1YmM5MDNiNGYx
NDk2MDQwHhcNMjUwMjAyMDIwMDQyWhcNMjUwMjAzMDIwMDQyWjAzMTEwLwYDVQQD
EygyMWNlMjJlMzM3ZWViZjAzZGY4YjcxNDBmYmVlZDAyNTA2ZGM4MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcotuTfAgm1xNInz9AbDNzVB27ae
KB09cgI/AL4VqvbTH/fyMxJVC9Vjw4g+rj9VtVN0AYc/OdPXrvstTdwtCVAExMzw
fBgcHuwShNVXiJp31nlayyCEjpDgimf2AaOHDd8JyRSHdGu9yNmKZmfp9mNC06IU
bHO7cKVwve+TerxqpmNSJmXlrh1erieOMifZvm/Eibp431rRgeNVW+tn4PiyGxPu
214QqlPW5CdMC4a8pG5Pmo6qT6l1nVYJNqplaybgJPeosus/b7TY00QkdZzushvU
kmeOk+tWXJCSkSfhXBgofzzLhsKyKjezh+jZuTgmGk7ugnBI8eOwa7O9oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHOIuM37r8D34txQPvu0CUG3IHBMB8GA1UdIwQY
MBaAFJdmhUekMzQ93puzZZW8kDtPFJYEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS85NzhjMmUtMWI3Ni00OGIwLWE2MDMt
NjRjMWMyNzljY2MwLzEvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS85NzhjMmUtMWI3Ni00OGIwLWE2MDMtNjRjMWMyNzljY2Mw
LzEvbDJhRlI2UXpORDNlbTdObGxieVFPMDhVbGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFm+3dz9s
8EySi2oMxf/xEHhXhNHyRSvG3AAmxXZ82Xuf8SW4BztpSlhW8Vl6zglw5RSLvKpj
KlgzdqPehWcn1FYxIjvrT9PBarEm/ahfxsv2KHZCqnZfe/0ymA9ZBtupwfXS02VP
FAXWrDZORPdijjQ7BKGYuBAFTk+rOQcuIhwWQUIWAkTgmhJERZUN3ER1/+ATRGqd
vcu+y1xHenruMOBWl3QjuQXoOiqyFNXO18rCP1rayrhK9a2xvOnx2vrgQ1Fitnuo
1Y7KP6QKyCX7YCsfF6sWDFI9hedoqCPltRCs035AHzfUiAVMqI0Gk/ZT1DkYlfoK
7gIbTcyuz9XQNA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:56:46 2025 by rpki-client