Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File: nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier: n98FuBFVvs3bLRYx8JWabYasHEasuhdXoXYE/csHlZc=
Subject key identifier: CE:B9:25:C8:2E:53:8B:1C:53:37:D9:5A:44:F0:B2:FC:06:5B:97:D6
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer: /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial: 0194C387422E93BB48D9EA96E3965E99230B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number: 06A6
Signing time: Sat 01 Feb 2025 22:00:08 +0000
Manifest this update: Sat 01 Feb 2025 22:00:08 +0000
Manifest next update: Sun 02 Feb 2025 22:00:08 +0000
Files and hashes: 1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=)
2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: +yrRZhvInwIwDyqModTA6SC6r4ea2X6y6YaS23jY+bM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:87:42:2e:93:bb:48:d9:ea:96:e3:96:5e:99:23:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Validity
Not Before: Feb 1 22:00:08 2025 GMT
Not After : Feb 2 22:00:08 2025 GMT
Subject: CN=ceb925c82e538b1c5337d95a44f0b2fc065b97d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2f:cb:07:89:ea:e8:23:f8:49:4b:14:7c:93:
38:bc:22:ab:83:fc:8f:d0:ab:7c:ea:aa:1c:8f:4b:
de:cf:48:86:85:d8:4c:2f:06:0b:8f:e7:b3:17:90:
de:03:01:a0:9e:4e:3c:45:4c:7a:fe:b1:fd:25:e5:
80:04:45:75:45:5f:c9:0f:a9:5a:91:13:71:42:76:
37:58:4e:f1:5c:37:96:41:d2:27:8b:46:98:b4:86:
87:6a:4b:d8:78:72:ec:3f:2e:9a:d9:1d:78:9d:c9:
07:1b:d1:59:ad:1e:2a:bc:26:44:5b:06:38:0f:bc:
28:9e:f2:a5:55:34:cc:38:f7:50:8b:47:81:5d:33:
c1:5b:e3:d6:32:a5:20:70:3c:26:9c:cc:73:3f:21:
51:a7:8a:82:42:20:51:78:3d:d2:31:86:06:09:cd:
fc:85:8b:9f:4d:de:3a:4a:e6:a9:af:41:99:38:7c:
07:ae:39:77:5d:91:6d:e2:01:ba:1c:d6:44:71:db:
df:76:d5:0b:29:cb:3b:69:45:fd:52:f3:e4:01:27:
16:d5:5b:51:42:50:d7:5b:0c:e5:b1:ce:71:db:5f:
8b:6e:e1:1e:af:fb:ab:75:c7:3e:36:2b:ef:22:9c:
4a:b5:9d:25:d5:c2:c8:d1:70:61:9c:47:c1:1b:74:
5a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B9:25:C8:2E:53:8B:1C:53:37:D9:5A:44:F0:B2:FC:06:5B:97:D6
X509v3 Authority Key Identifier:
keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:4e:82:98:84:b5:a6:21:c0:ad:38:85:77:34:af:20:a7:10:
23:c2:e3:08:09:e4:c8:0d:43:f9:fc:42:f0:24:a2:31:82:f2:
b5:98:7e:64:e4:00:13:42:9d:ac:2e:d7:6e:5a:59:3f:9d:3d:
e7:dc:75:21:46:3e:6c:a4:91:9c:6d:16:49:24:69:af:52:a8:
31:ca:09:da:37:dc:0c:b1:a7:92:84:f1:b2:0d:04:d2:d7:e6:
ea:e3:68:e8:32:27:26:fc:69:38:b0:91:a2:d0:84:fe:0f:76:
6b:8f:70:2b:a2:4d:d5:2b:62:b1:24:d2:a9:cb:44:25:96:a7:
2c:52:ca:5f:49:c7:72:95:0e:45:25:f9:35:46:31:9c:02:2d:
27:69:4b:ec:cc:8e:ae:12:2a:f3:27:71:a4:19:06:c8:cd:f2:
ec:16:5a:e5:b5:a2:c4:ca:9f:9b:10:0d:38:d2:2e:29:bd:8f:
42:a8:14:ce:c3:da:b8:74:d2:e0:62:8b:56:e6:c1:11:e0:aa:
e1:4f:41:8c:a1:eb:f1:27:00:e9:3b:7b:33:19:78:66:2d:9c:
2f:0a:70:a2:42:62:b2:5c:43:00:c3:c7:b3:3c:ef:fc:69:f7:
b4:71:f9:83:4e:96:65:99:4a:0d:a0:f9:55:79:d2:19:c2:03:
04:dc:7d:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh0Iuk7tI2eqW45ZemSMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjUwMjAxMjIwMDA4WhcNMjUwMjAyMjIwMDA4WjAzMTEwLwYDVQQD
EyhjZWI5MjVjODJlNTM4YjFjNTMzN2Q5NWE0NGYwYjJmYzA2NWI5N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi/LB4nq6CP4SUsUfJM4vCKrg/yP
0Kt86qocj0vez0iGhdhMLwYLj+ezF5DeAwGgnk48RUx6/rH9JeWABEV1RV/JD6la
kRNxQnY3WE7xXDeWQdIni0aYtIaHakvYeHLsPy6a2R14nckHG9FZrR4qvCZEWwY4
D7wonvKlVTTMOPdQi0eBXTPBW+PWMqUgcDwmnMxzPyFRp4qCQiBReD3SMYYGCc38
hYufTd46Suapr0GZOHwHrjl3XZFt4gG6HNZEcdvfdtULKcs7aUX9UvPkAScW1VtR
QlDXWwzlsc5x21+LbuEer/urdcc+NivvIpxKtZ0l1cLI0XBhnEfBG3Ra7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM65JcguU4scUzfZWkTwsvwGW5fWMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVU6CmIS1
piHArTiFdzSvIKcQI8LjCAnkyA1D+fxC8CSiMYLytZh+ZOQAE0KdrC7XblpZP509
59x1IUY+bKSRnG0WSSRpr1KoMcoJ2jfcDLGnkoTxsg0E0tfm6uNo6DInJvxpOLCR
otCE/g92a49wK6JN1StisSTSqctEJZanLFLKX0nHcpUORSX5NUYxnAItJ2lL7MyO
rhIq8ydxpBkGyM3y7BZa5bWixMqfmxANONIuKb2PQqgUzsPauHTS4GKLVubBEeCq
4U9BjKHr8ScA6Tt7Mxl4Zi2cLwpwokJislxDAMPHszzv/Gn3tHH5g06WZZlKDaD5
VXnSGcIDBNx9sA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:02:38 2025 by rpki-client