Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
File: XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft (raw, json)
Hash identifier: 2XN1oQSguDIgjonH4/qdnkTEuIYHqmaeBE2/8BYe1qk=
Subject key identifier: 9B:EF:65:5C:4D:0F:66:9D:7F:CE:45:D0:67:80:E1:60:E3:7E:5D:68
Authority key identifier: 5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
Certificate issuer: /CN=5dc67c6be367ab9e941d1427d050449447b8865c
Certificate serial: 019511D936B0260B264C25E6B1535619CA6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
Manifest number: 145D
Signing time: Mon 17 Feb 2025 03:00:02 +0000
Manifest this update: Mon 17 Feb 2025 03:00:02 +0000
Manifest next update: Tue 18 Feb 2025 03:00:02 +0000
Files and hashes: 1: A0W4NLtnqVewyPWtMUlDJQbCQXE.roa (hash: MYxIYetVdJmSAzMctuQMtMzPS4ahJ2EbSnELEfjBMw0=)
2: XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl (hash: dUBe7+Ft6Rwdzyeikoa3IUBQGN7WAU0qsnyy2h0iOok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:d9:36:b0:26:0b:26:4c:25:e6:b1:53:56:19:ca:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc67c6be367ab9e941d1427d050449447b8865c
Validity
Not Before: Feb 17 03:00:02 2025 GMT
Not After : Feb 18 03:00:02 2025 GMT
Subject: CN=9bef655c4d0f669d7fce45d06780e160e37e5d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9f:9e:91:d3:fa:3f:20:e2:ac:6f:83:a0:16:
29:b6:59:9e:b1:77:9b:0b:2e:18:09:ad:a1:ee:5e:
b5:6c:b4:ad:9a:e3:be:49:50:5e:70:26:60:ad:03:
88:18:70:c1:9b:40:6b:aa:2b:2d:02:a6:83:91:c2:
71:af:7b:c0:7d:82:2b:85:bb:f5:60:e3:2a:0c:05:
dc:87:74:44:47:43:69:16:d3:17:fa:90:0b:e8:61:
e2:23:f2:57:7b:79:3a:ca:a0:72:29:48:9c:8d:f5:
59:b2:31:2b:b0:ae:9d:36:ff:45:ab:40:6d:f0:6c:
68:bd:a6:fe:5c:74:b9:e4:2c:86:5c:17:52:cb:21:
d4:80:21:1a:e1:c4:1e:3f:24:82:38:15:88:b7:c7:
f6:39:60:aa:f9:06:a5:a3:bc:49:bf:ac:89:14:37:
d3:91:39:0d:3a:f5:8f:72:c0:c0:69:9e:1b:86:d0:
46:1f:a8:8f:4e:a9:f8:ee:17:df:17:c2:96:b5:c6:
35:fa:0a:90:f7:4c:7e:bf:ff:41:4e:38:59:1b:c7:
05:d6:30:b3:db:5b:f2:82:29:b9:56:c9:22:ad:64:
27:a0:fb:35:3d:08:0d:cc:14:59:cc:84:3a:6d:7b:
58:a4:45:b7:62:09:b4:1e:79:6a:0f:ef:d6:40:24:
15:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EF:65:5C:4D:0F:66:9D:7F:CE:45:D0:67:80:E1:60:E3:7E:5D:68
X509v3 Authority Key Identifier:
keyid:5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:9a:b0:45:d3:82:f3:f1:59:3a:2d:30:9b:e4:b1:1f:8c:02:
41:04:99:14:f0:a9:f6:7d:8e:f7:d0:42:ef:6b:9d:7d:32:a5:
7b:50:7e:f1:62:a5:73:79:ff:ec:28:19:e0:66:17:95:24:c1:
e8:21:22:4d:11:04:5a:7f:1c:1c:20:88:cc:0d:32:bf:85:6e:
d9:6b:ac:17:b4:d8:e0:74:8e:83:00:80:41:98:7f:c3:b8:0d:
60:06:95:45:e7:8a:87:45:09:43:c5:f8:41:32:ba:dd:28:b5:
f8:be:80:b5:ab:57:95:e5:7b:b3:02:5a:9d:05:43:5b:17:ca:
5b:3c:24:e8:99:44:43:5b:18:43:75:1c:50:f7:fe:e5:da:50:
30:4c:c7:37:29:ef:e8:35:9f:4e:20:60:21:ab:d9:32:7a:9d:
0f:c9:82:a5:67:ff:43:7f:f2:52:f2:1f:6b:06:e9:51:8a:ca:
ff:a5:51:94:8a:78:73:2d:01:b6:1b:bc:da:38:9b:4c:f2:23:
33:73:77:81:8d:04:04:61:58:4f:a4:ba:c3:8a:ef:b6:cc:32:
4d:a7:b4:5d:a6:84:ef:64:37:f1:6b:1d:a8:c5:fb:49:88:2b:
b5:e3:2a:ba:fe:3d:d6:1d:ef:0f:3d:eb:39:d8:62:53:6b:41:
8c:49:10:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2TawJgsmTCXmsVNWGcptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzY3YzZiZTM2N2FiOWU5NDFkMTQyN2QwNTA0NDk0NDdi
ODg2NWMwHhcNMjUwMjE3MDMwMDAyWhcNMjUwMjE4MDMwMDAyWjAzMTEwLwYDVQQD
Eyg5YmVmNjU1YzRkMGY2NjlkN2ZjZTQ1ZDA2NzgwZTE2MGUzN2U1ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5+ekdP6PyDirG+DoBYptlmesXeb
Cy4YCa2h7l61bLStmuO+SVBecCZgrQOIGHDBm0BrqistAqaDkcJxr3vAfYIrhbv1
YOMqDAXch3RER0NpFtMX+pAL6GHiI/JXe3k6yqByKUicjfVZsjErsK6dNv9Fq0Bt
8Gxovab+XHS55CyGXBdSyyHUgCEa4cQePySCOBWIt8f2OWCq+Qalo7xJv6yJFDfT
kTkNOvWPcsDAaZ4bhtBGH6iPTqn47hffF8KWtcY1+gqQ90x+v/9BTjhZG8cF1jCz
21vygim5VskirWQnoPs1PQgNzBRZzIQ6bXtYpEW3Ygm0HnlqD+/WQCQVxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJvvZVxND2adf85F0GeA4WDjfl1oMB8GA1UdIwQY
MBaAFF3GfGvjZ6uelB0UJ9BQRJRHuIZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2It
ODk3OTlkZWFkYzQ3LzEvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2ItODk3OTlkZWFkYzQ3
LzEvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJqwRdOC
8/FZOi0wm+SxH4wCQQSZFPCp9n2O99BC72udfTKle1B+8WKlc3n/7CgZ4GYXlSTB
6CEiTREEWn8cHCCIzA0yv4Vu2WusF7TY4HSOgwCAQZh/w7gNYAaVReeKh0UJQ8X4
QTK63Si1+L6AtatXleV7swJanQVDWxfKWzwk6JlEQ1sYQ3UcUPf+5dpQMEzHNynv
6DWfTiBgIavZMnqdD8mCpWf/Q3/yUvIfawbpUYrK/6VRlIp4cy0Bthu82jibTPIj
M3N3gY0EBGFYT6S6w4rvtswyTae0XaaE72Q38WsdqMX7SYgrteMquv491h3vDz3r
OdhiU2tBjEkQOQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:17 2025 by rpki-client