Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
File: is3dXDDVgOsP7soqFs9cWoslaP0.mft (raw, json)
Hash identifier: bevttWSoiuRFxSjm1U4Ax66ITHQidnZQn+tvtqXKX28=
Subject key identifier: D9:F2:E1:C8:84:9E:08:40:D3:F0:55:E4:CF:8C:91:76:CF:DB:23:0B
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 0194C499F760D7E7DF1F3D085D9E66AAAFD1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
Manifest number: 1431
Signing time: Sun 02 Feb 2025 03:00:12 +0000
Manifest this update: Sun 02 Feb 2025 03:00:12 +0000
Manifest next update: Mon 03 Feb 2025 03:00:12 +0000
Files and hashes: 1: 1-BU0QGGPOY6StLl6EjdaPUoRp0U.roa (hash: YErgeEfB3mK/ybWEoY6pFZ+o+6uteNHWASk7smyhzI8=)
2: is3dXDDVgOsP7soqFs9cWoslaP0.crl (hash: hVhcSR8NBDCVkgmILUEIL++VMcRlT6kWzDK0pKUyBWA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:99:f7:60:d7:e7:df:1f:3d:08:5d:9e:66:aa:af:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Feb 2 03:00:12 2025 GMT
Not After : Feb 3 03:00:12 2025 GMT
Subject: CN=d9f2e1c8849e0840d3f055e4cf8c9176cfdb230b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ef:59:da:a5:3d:7a:d2:7a:f2:fa:b7:ba:eb:
6f:48:fd:ca:30:2e:30:00:99:7e:ba:12:4f:cd:44:
b7:a6:62:74:50:85:26:39:38:d5:43:bf:e5:66:55:
22:04:72:d2:b6:dc:a8:c8:aa:b7:0d:5e:8d:8e:07:
06:1a:9d:99:ef:14:a7:8a:79:a5:ac:47:c9:d2:81:
c3:90:f1:ba:26:b9:c1:b7:49:0e:a2:b4:7d:bc:e1:
95:92:9b:ab:34:0a:51:f6:5a:45:2f:55:2d:ec:56:
94:b6:a0:e7:03:b1:d5:31:7d:62:ec:dc:13:7b:66:
0b:10:73:cd:31:23:8e:05:21:3c:72:23:d2:28:49:
92:cc:bd:e1:8f:40:87:48:b1:e3:ee:55:d4:9c:b6:
93:65:e8:c8:d6:04:df:1e:d6:c1:c8:c6:17:b5:c1:
74:45:22:ae:c7:8d:f0:75:89:61:99:57:6b:6a:13:
7b:fe:53:e9:a7:ca:af:c1:a1:0c:92:a4:ee:0d:5a:
a4:07:c6:67:ef:83:48:03:d4:2a:70:68:80:49:32:
7b:56:ac:10:80:3b:13:6d:a8:b9:9d:12:20:c9:74:
5a:e3:6f:5f:43:ac:ca:d6:75:5c:c8:f0:40:59:46:
af:c4:14:f1:ad:ad:00:4c:ea:24:f4:fc:69:a2:31:
91:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F2:E1:C8:84:9E:08:40:D3:F0:55:E4:CF:8C:91:76:CF:DB:23:0B
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:58:ef:14:e7:12:4c:10:87:25:3a:9b:48:6c:9b:56:51:10:
25:6f:af:82:96:ff:b1:9f:9f:13:53:39:93:03:aa:82:ca:4b:
92:5a:e8:ed:0e:85:1f:69:94:76:3e:47:2c:c8:16:30:92:9f:
2b:16:7f:09:21:2e:33:41:b4:02:ba:87:26:34:51:c7:b0:9d:
da:ab:6b:e3:cc:4c:f1:fa:0b:09:52:65:e1:56:27:78:89:4e:
43:a8:79:3f:37:2f:f9:4c:6b:ec:34:ce:5b:53:ae:89:d8:92:
e6:25:99:ca:73:2c:e2:d3:55:9c:cb:ba:f1:08:92:d8:96:b8:
2a:7a:5e:af:57:4f:90:82:96:2a:99:85:96:c8:5d:64:5b:85:
4a:51:65:18:43:0a:0a:14:d1:c6:19:bc:e2:18:fc:76:fa:55:
e2:7f:2d:68:90:e6:6f:f4:b0:f9:a4:87:52:43:4f:8e:62:0d:
1e:41:4c:46:25:ca:04:90:ac:58:46:56:fb:06:57:52:79:82:
9e:be:67:07:38:92:5a:cb:b1:3a:bd:94:db:48:af:b9:aa:d7:
25:12:ce:d1:ff:d1:d5:b7:95:4f:71:b0:9e:c3:6f:c3:12:a1:
9e:0f:b5:bf:90:3f:87:34:79:a1:07:c4:db:d1:d0:25:be:50:
bf:1c:f8:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmfdg1+ffHz0IXZ5mqq/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RkZDVjMzBkNTgwZWIwZmVlY2EyYTE2Y2Y1YzVhOGIy
NTY4ZmQwHhcNMjUwMjAyMDMwMDEyWhcNMjUwMjAzMDMwMDEyWjAzMTEwLwYDVQQD
EyhkOWYyZTFjODg0OWUwODQwZDNmMDU1ZTRjZjhjOTE3NmNmZGIyMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe9Z2qU9etJ68vq3uutvSP3KMC4w
AJl+uhJPzUS3pmJ0UIUmOTjVQ7/lZlUiBHLSttyoyKq3DV6NjgcGGp2Z7xSninml
rEfJ0oHDkPG6JrnBt0kOorR9vOGVkpurNApR9lpFL1Ut7FaUtqDnA7HVMX1i7NwT
e2YLEHPNMSOOBSE8ciPSKEmSzL3hj0CHSLHj7lXUnLaTZejI1gTfHtbByMYXtcF0
RSKux43wdYlhmVdrahN7/lPpp8qvwaEMkqTuDVqkB8Zn74NIA9QqcGiASTJ7VqwQ
gDsTbai5nRIgyXRa429fQ6zK1nVcyPBAWUavxBTxra0ATOok9PxpojGRcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNny4ciEnghA0/BV5M+MkXbP2yMLMB8GA1UdIwQY
MBaAFIrN3Vww1YDrD+7KKhbPXFqLJWj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDIt
MTdiMWM3Mzc5MzAwLzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDItMTdiMWM3Mzc5MzAw
LzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN1jvFOcS
TBCHJTqbSGybVlEQJW+vgpb/sZ+fE1M5kwOqgspLklro7Q6FH2mUdj5HLMgWMJKf
KxZ/CSEuM0G0ArqHJjRRx7Cd2qtr48xM8foLCVJl4VYneIlOQ6h5Pzcv+Uxr7DTO
W1OuidiS5iWZynMs4tNVnMu68QiS2Ja4Knper1dPkIKWKpmFlshdZFuFSlFlGEMK
ChTRxhm84hj8dvpV4n8taJDmb/Sw+aSHUkNPjmINHkFMRiXKBJCsWEZW+wZXUnmC
nr5nBziSWsuxOr2U20ivuarXJRLO0f/R1beVT3GwnsNvwxKhng+1v5A/hzR5oQfE
29HQJb5Qvxz42g==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:03:24 2025 by rpki-client