Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: ReHv0uwCzBMky3MW6CYyNR1AfrCySxwPBm+MDfULJNM=
Subject key identifier: 5B:E8:33:8E:45:07:7E:61:01:FF:A7:C6:E3:77:D1:8D:6E:B7:5F:FD
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 0194C499EAB64B7025EBD563228F31CA75D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 75
Signing time: Sun 02 Feb 2025 03:00:08 +0000
Manifest this update: Sun 02 Feb 2025 03:00:08 +0000
Manifest next update: Mon 03 Feb 2025 03:00:08 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: P2XRy0PjZNX0mOFpQZeSPD6D9WijV6TNtqS5c0fIry4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:99:ea:b6:4b:70:25:eb:d5:63:22:8f:31:ca:75:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Feb 2 03:00:08 2025 GMT
Not After : Feb 3 03:00:08 2025 GMT
Subject: CN=5be8338e45077e6101ffa7c6e377d18d6eb75ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:76:29:4b:35:1e:00:91:3f:27:a5:74:a8:40:
04:82:bf:5c:a2:d2:6a:3f:29:87:2c:41:55:8b:08:
07:84:a6:2c:a2:7e:cf:0b:e5:9a:51:e8:e1:93:c2:
ad:3c:58:aa:77:2b:85:31:3b:9c:ea:1a:05:ca:19:
5f:5d:03:8f:65:5c:65:ff:f0:f7:65:ec:8f:f5:76:
d1:2c:29:de:53:1a:fc:bc:79:f5:32:8e:54:54:ef:
d3:31:94:be:d1:77:08:41:21:5f:80:f1:3b:01:fb:
d5:72:5a:ca:31:9d:3c:6b:b7:ff:46:25:29:0c:e0:
16:b2:2a:f1:df:ff:1f:16:99:6f:f5:c8:71:81:a9:
4a:b0:1a:9e:eb:f8:fd:68:dc:90:a3:8b:09:ad:aa:
63:ba:1d:0e:f7:62:82:1c:e5:2a:a6:52:b3:52:c7:
14:ca:c8:26:c4:47:f1:3b:43:04:3e:c9:0c:bf:74:
7b:1b:f3:08:30:9c:01:0c:1e:bf:3a:4e:92:d0:db:
6d:5b:e4:4a:13:c8:c6:37:90:31:0b:36:46:67:a2:
dd:aa:22:fa:89:25:bf:12:c0:cc:37:0c:57:23:7b:
98:2a:f9:f2:79:b4:1f:75:ee:6e:a6:e6:93:07:0f:
c0:5a:18:28:13:62:84:35:a9:9c:66:87:cb:e2:aa:
16:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E8:33:8E:45:07:7E:61:01:FF:A7:C6:E3:77:D1:8D:6E:B7:5F:FD
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:73:76:b9:e7:bb:39:ce:78:e1:97:5c:27:c9:a0:49:60:6f:
56:3f:06:e8:80:a1:93:48:5b:41:30:11:ce:59:53:e1:35:eb:
df:d5:84:b8:f9:45:56:53:e7:8e:dd:c7:5f:cd:fa:cd:4b:37:
25:69:9f:3f:21:cf:c9:cd:d4:d6:96:85:cd:ba:54:f3:af:1f:
4b:dd:a2:0f:a0:a2:5a:10:d7:80:91:0e:03:8c:fe:95:bb:e4:
69:2e:e3:61:35:6b:94:1b:d4:65:73:35:dd:96:55:be:fc:e2:
68:4c:dc:a2:87:fd:54:89:e5:71:bb:e4:8a:e5:d4:f1:32:6e:
3c:e1:40:6a:2e:07:6e:9a:37:d3:1e:ef:1b:dc:7b:88:8f:28:
1e:ea:6b:74:f4:1b:0c:98:d9:37:70:04:62:64:c5:19:e1:fb:
cb:a3:86:07:1d:ab:d4:4b:06:cd:ea:cb:92:ec:c5:a6:88:8c:
26:01:a3:f0:bc:4c:8e:79:e6:b8:d8:8c:8e:50:0d:63:3b:1f:
89:c0:26:84:5d:cb:00:b1:e0:b1:4e:14:26:60:36:43:6a:a3:
9e:af:28:08:6b:ff:33:18:54:f4:66:07:07:b7:f0:2c:bf:3d:
ed:f0:70:fb:39:7b:49:2f:53:65:88:4e:0f:7a:1b:83:21:1f:
54:89:14:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmeq2S3Al69VjIo8xynXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUwMjAyMDMwMDA4WhcNMjUwMjAzMDMwMDA4WjAzMTEwLwYDVQQD
Eyg1YmU4MzM4ZTQ1MDc3ZTYxMDFmZmE3YzZlMzc3ZDE4ZDZlYjc1ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnYpSzUeAJE/J6V0qEAEgr9cotJq
PymHLEFViwgHhKYson7PC+WaUejhk8KtPFiqdyuFMTuc6hoFyhlfXQOPZVxl//D3
ZeyP9XbRLCneUxr8vHn1Mo5UVO/TMZS+0XcIQSFfgPE7AfvVclrKMZ08a7f/RiUp
DOAWsirx3/8fFplv9chxgalKsBqe6/j9aNyQo4sJrapjuh0O92KCHOUqplKzUscU
ysgmxEfxO0MEPskMv3R7G/MIMJwBDB6/Ok6S0NttW+RKE8jGN5AxCzZGZ6LdqiL6
iSW/EsDMNwxXI3uYKvnyebQfde5upuaTBw/AWhgoE2KENamcZofL4qoWnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvoM45FB35hAf+nxuN30Y1ut1/9MB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGnN2uee7
Oc544ZdcJ8mgSWBvVj8G6IChk0hbQTARzllT4TXr39WEuPlFVlPnjt3HX836zUs3
JWmfPyHPyc3U1paFzbpU868fS92iD6CiWhDXgJEOA4z+lbvkaS7jYTVrlBvUZXM1
3ZZVvvziaEzcoof9VInlcbvkiuXU8TJuPOFAai4Hbpo30x7vG9x7iI8oHuprdPQb
DJjZN3AEYmTFGeH7y6OGBx2r1EsGzerLkuzFpoiMJgGj8LxMjnnmuNiMjlANYzsf
icAmhF3LALHgsU4UJmA2Q2qjnq8oCGv/MxhU9GYHB7fwLL897fBw+zl7SS9TZYhO
D3obgyEfVIkUBA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 05:50:39 2025 by rpki-client