Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: o3VvVvaEPIJQsAxcjbXWAN443kDt8HrAT3yGZSqQiE4=
Subject key identifier: 41:CA:8A:B0:D1:9F:74:5F:E4:99:79:75:94:A2:49:29:E1:13:46:D2
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 01951134E627BB2DE7DC52B143255D3843C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 05D1
Signing time: Mon 17 Feb 2025 00:00:34 +0000
Manifest this update: Mon 17 Feb 2025 00:00:34 +0000
Manifest next update: Tue 18 Feb 2025 00:00:34 +0000
Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=)
2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: 5W6vLS0O87feq1slAh/rQqAtssjY5rc0Ef7ruxXpRGs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:34:e6:27:bb:2d:e7:dc:52:b1:43:25:5d:38:43:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Feb 17 00:00:34 2025 GMT
Not After : Feb 18 00:00:34 2025 GMT
Subject: CN=41ca8ab0d19f745fe499797594a24929e11346d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:df:1c:60:f4:4f:9c:b7:fc:80:37:e7:02:41:
94:b4:64:a7:9e:a4:5a:c3:72:7e:f7:74:b5:1c:d7:
c4:71:ee:2c:0c:21:d2:d9:09:19:d6:bd:3b:4a:f6:
67:5b:8c:5d:e0:2e:50:a1:b9:c8:53:f6:ad:3e:1e:
a1:28:35:d9:b2:28:41:9b:3e:36:c4:43:d2:b6:81:
6f:79:cd:5b:7a:79:05:2f:18:3f:6d:17:be:ab:49:
31:cd:d9:a3:80:77:6e:40:e0:0b:3c:ad:2c:cc:89:
1d:20:fb:64:92:5e:0d:bd:61:7f:85:9e:73:6f:64:
d0:f6:53:45:ea:67:d9:fd:3d:1c:30:02:10:ed:2f:
df:b9:3e:55:c7:08:3f:96:29:c1:1d:db:ff:87:99:
d9:a1:34:4b:9b:86:36:d8:cd:ba:41:f4:fa:51:52:
9e:2d:9c:44:e6:f4:92:a4:95:52:83:b5:a1:e8:99:
b0:d8:42:9e:df:21:7b:5a:ce:16:a2:ac:c1:e8:b9:
47:66:01:d2:45:3b:5a:f9:a8:df:1c:d7:5b:8b:2f:
33:0f:29:0f:ba:45:bf:9e:9e:59:49:d0:4e:76:fa:
d5:26:70:95:00:1c:0e:a3:2e:ce:fa:36:dc:c6:84:
7e:85:6b:ef:7e:02:6a:6e:a8:61:af:cb:c8:8a:55:
51:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CA:8A:B0:D1:9F:74:5F:E4:99:79:75:94:A2:49:29:E1:13:46:D2
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:07:a3:3c:f3:55:20:2d:98:21:36:3e:2d:de:73:ce:fe:b8:
ed:b2:23:ee:86:71:85:3b:e8:6d:e8:9e:7b:48:75:a2:e1:35:
9c:51:73:8a:6b:1f:54:a1:46:ce:9b:52:c4:b5:d9:28:7c:f8:
9c:63:05:f1:64:68:b2:17:5c:d8:62:1d:fb:01:94:ab:ca:11:
13:27:2d:e1:da:e8:21:75:ac:94:12:49:f2:da:1f:e7:33:c5:
fd:53:9c:d9:f5:43:3e:a7:ba:c9:26:73:f7:b3:76:54:52:57:
a7:c2:1e:c0:80:cc:5b:20:87:11:be:a2:67:bc:39:21:80:14:
5c:12:cf:62:92:f5:72:79:79:2d:f2:47:d2:7b:c1:cb:01:de:
41:ed:f5:d7:a0:8b:55:cd:48:83:cc:f4:39:b9:d5:a7:53:97:
e7:ac:4b:2c:cc:df:a6:9c:17:4f:5b:f0:27:fe:5d:f4:19:cd:
4d:3e:7b:55:a8:c1:fe:85:5e:6d:ba:1b:a6:d6:44:19:6a:2c:
ab:85:13:b4:58:2e:49:dd:4e:37:a7:9c:b8:00:95:bb:13:c1:
9b:7e:11:1f:ca:09:67:85:85:ae:14:33:57:28:dc:33:18:f3:
3e:ba:c7:8f:e5:a2:e1:7f:6a:02:ae:29:85:f5:75:e7:fa:9f:
cc:75:21:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNOYnuy3n3FKxQyVdOEPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjUwMjE3MDAwMDM0WhcNMjUwMjE4MDAwMDM0WjAzMTEwLwYDVQQD
Eyg0MWNhOGFiMGQxOWY3NDVmZTQ5OTc5NzU5NGEyNDkyOWUxMTM0NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz98cYPRPnLf8gDfnAkGUtGSnnqRa
w3J+93S1HNfEce4sDCHS2QkZ1r07SvZnW4xd4C5QobnIU/atPh6hKDXZsihBmz42
xEPStoFvec1benkFLxg/bRe+q0kxzdmjgHduQOALPK0szIkdIPtkkl4NvWF/hZ5z
b2TQ9lNF6mfZ/T0cMAIQ7S/fuT5Vxwg/linBHdv/h5nZoTRLm4Y22M26QfT6UVKe
LZxE5vSSpJVSg7Wh6Jmw2EKe3yF7Ws4WoqzB6LlHZgHSRTta+ajfHNdbiy8zDykP
ukW/np5ZSdBOdvrVJnCVABwOoy7O+jbcxoR+hWvvfgJqbqhhr8vIilVRbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHKirDRn3Rf5Jl5dZSiSSnhE0bSMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQejPPNV
IC2YITY+Ld5zzv647bIj7oZxhTvobeiee0h1ouE1nFFzimsfVKFGzptSxLXZKHz4
nGMF8WRoshdc2GId+wGUq8oREyct4droIXWslBJJ8tof5zPF/VOc2fVDPqe6ySZz
97N2VFJXp8IewIDMWyCHEb6iZ7w5IYAUXBLPYpL1cnl5LfJH0nvBywHeQe3116CL
Vc1Ig8z0ObnVp1OX56xLLMzfppwXT1vwJ/5d9BnNTT57VajB/oVebbobptZEGWos
q4UTtFguSd1ON6ecuACVuxPBm34RH8oJZ4WFrhQzVyjcMxjzPrrHj+Wi4X9qAq4p
hfV15/qfzHUhuw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:34 2025 by rpki-client