Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
File: HxKTy74vaSVA08xaboI2YElMQGM.mft (raw, json)
Hash identifier: a4CPG5Rvecoc5k5sr/VfU9l6VHvL2P38IGN0GPBYASs=
Subject key identifier: AA:77:01:01:C1:7B:32:A3:9D:CB:3E:26:EC:18:3B:E8:E5:1D:77:94
Authority key identifier: 1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
Certificate issuer: /CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Certificate serial: 0195116BFDC87C9014BDB6DDB93B3C9CB6F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
Manifest number: 0BD9
Signing time: Mon 17 Feb 2025 01:00:44 +0000
Manifest this update: Mon 17 Feb 2025 01:00:44 +0000
Manifest next update: Tue 18 Feb 2025 01:00:44 +0000
Files and hashes: 1: HxKTy74vaSVA08xaboI2YElMQGM.crl (hash: P1Wvi7GbjdFLOdbL29h8Ryizs5KRJN1TOh2YVmU71lI=)
2: qBbXPlomssD9zrP_xFljqdR0LbI.roa (hash: Gow+NF8w68xqHQfvdIHVUtAvsOi+ZzLSZN8/SeU/9ok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:6b:fd:c8:7c:90:14:bd:b6:dd:b9:3b:3c:9c:b6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Validity
Not Before: Feb 17 01:00:44 2025 GMT
Not After : Feb 18 01:00:44 2025 GMT
Subject: CN=aa770101c17b32a39dcb3e26ec183be8e51d7794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:12:58:aa:19:52:e1:32:ec:e7:ee:60:67:50:
ee:ab:65:a5:6f:17:b0:7c:3d:6c:ba:79:42:61:e2:
a9:33:08:9b:0a:3c:0f:38:d8:30:37:bd:d6:6b:ad:
20:d0:b2:f8:4c:4e:82:a2:92:13:fe:75:ca:a1:6c:
a8:a4:94:03:10:42:ba:3a:e1:4b:46:5f:5c:03:6c:
cb:bf:d4:5e:30:8a:aa:52:7f:7f:df:99:57:a1:fd:
9c:c8:44:d7:33:dd:11:80:ca:27:c7:e5:27:bf:89:
b5:97:d6:58:92:cc:7f:40:e5:f7:5f:64:1b:95:c3:
82:f8:91:ee:2a:24:0d:b2:48:b6:4d:b5:f0:50:65:
87:d1:07:6e:df:61:12:13:0e:56:bd:70:e6:ba:32:
17:3b:a8:8b:73:65:f2:10:e7:b4:40:de:28:87:06:
44:62:53:d8:db:a5:c8:de:38:dc:98:be:b7:e0:e5:
a6:f5:0c:6d:20:d9:75:fb:15:3b:34:1f:fd:cc:9a:
da:fc:fc:52:03:2b:4b:1e:de:ef:35:ca:ea:35:f2:
74:02:9a:e0:61:ba:81:e7:11:c7:bf:a3:16:16:b1:
2f:b8:2c:fa:2d:c5:a1:16:9f:6f:9f:77:e3:00:2b:
89:23:33:72:d9:6f:bb:2e:f0:15:63:c2:9f:81:4a:
9a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:77:01:01:C1:7B:32:A3:9D:CB:3E:26:EC:18:3B:E8:E5:1D:77:94
X509v3 Authority Key Identifier:
keyid:1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:e9:68:9c:99:3e:4a:c4:84:27:5c:31:2c:b5:12:92:f3:17:
0c:e1:7f:b6:0b:79:cf:8a:c9:c1:5a:18:70:c4:78:59:31:a5:
a7:32:15:5e:63:2f:86:e0:35:36:44:c4:6d:7f:c6:6f:08:22:
b6:a1:e8:86:8b:28:69:9e:df:c8:ae:92:64:54:8c:a9:f1:7d:
b1:19:f1:65:19:c6:3e:ce:a9:19:fc:7e:49:01:74:7b:24:64:
78:f7:fd:bb:80:50:ef:84:54:e0:41:90:43:4b:d1:13:e7:51:
09:bf:6b:85:7b:aa:f6:0a:f8:27:87:1e:c6:1a:c2:fe:f3:3c:
b5:42:82:2f:ea:a6:34:0a:0a:7b:47:98:0a:67:ab:a3:42:c5:
a1:72:4e:d6:7b:c5:1a:30:4a:be:5f:1b:70:9a:03:c4:29:ba:
ad:2b:3a:b6:f3:53:0e:1e:61:bd:31:3b:cd:16:c6:9b:8b:6a:
14:34:de:4c:66:17:60:7f:25:54:1e:67:2c:75:47:97:ce:3a:
34:aa:87:7f:28:c5:c4:2f:b2:b8:9e:41:ab:63:55:a7:e7:ce:
40:44:4c:b0:0a:36:b7:f1:ec:8b:1b:ff:37:a7:23:fa:bf:73:
b7:c1:ff:d9:4a:87:c6:e7:6f:ba:4f:39:6d:d3:66:c8:6f:65:
60:09:15:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa/3IfJAUvbbduTs8nLbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTI5M2NiYmUyZjY5MjU0MGQzY2M1YTZlODIzNjYwNDk0
YzQwNjMwHhcNMjUwMjE3MDEwMDQ0WhcNMjUwMjE4MDEwMDQ0WjAzMTEwLwYDVQQD
EyhhYTc3MDEwMWMxN2IzMmEzOWRjYjNlMjZlYzE4M2JlOGU1MWQ3Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xJYqhlS4TLs5+5gZ1Duq2Wlbxew
fD1sunlCYeKpMwibCjwPONgwN73Wa60g0LL4TE6CopIT/nXKoWyopJQDEEK6OuFL
Rl9cA2zLv9ReMIqqUn9/35lXof2cyETXM90RgMonx+Unv4m1l9ZYksx/QOX3X2Qb
lcOC+JHuKiQNski2TbXwUGWH0Qdu32ESEw5WvXDmujIXO6iLc2XyEOe0QN4ohwZE
YlPY26XI3jjcmL634OWm9QxtINl1+xU7NB/9zJra/PxSAytLHt7vNcrqNfJ0Aprg
YbqB5xHHv6MWFrEvuCz6LcWhFp9vn3fjACuJIzNy2W+7LvAVY8KfgUqaawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKp3AQHBezKjncs+JuwYO+jlHXeUMB8GA1UdIwQY
MBaAFB8Sk8u+L2klQNPMWm6CNmBJTEBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQt
MjY5NzE1OTlhNTU0LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQtMjY5NzE1OTlhNTU0
LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+lonJk+
SsSEJ1wxLLUSkvMXDOF/tgt5z4rJwVoYcMR4WTGlpzIVXmMvhuA1NkTEbX/Gbwgi
tqHohosoaZ7fyK6SZFSMqfF9sRnxZRnGPs6pGfx+SQF0eyRkePf9u4BQ74RU4EGQ
Q0vRE+dRCb9rhXuq9gr4J4cexhrC/vM8tUKCL+qmNAoKe0eYCmero0LFoXJO1nvF
GjBKvl8bcJoDxCm6rSs6tvNTDh5hvTE7zRbGm4tqFDTeTGYXYH8lVB5nLHVHl846
NKqHfyjFxC+yuJ5Bq2NVp+fOQERMsAo2t/Hsixv/N6cj+r9zt8H/2UqHxudvuk85
bdNmyG9lYAkV5A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:01 2025 by rpki-client