Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
File: kfWJGibPpDaiPn4f-XZki-5573c.mft (raw, json)
Hash identifier: GPi9iomiTnUDNVe9FFiwWqPW17F+9kTwUYAgGBS9A8U=
Subject key identifier: 76:8E:49:3E:0A:56:3E:3F:6D:F9:A7:9C:0C:FA:95:74:D9:74:21:12
Authority key identifier: 91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
Certificate issuer: /CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Certificate serial: 019510C6D60A1CBE028A7A6D951FAC96CD45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
Manifest number: 12C5
Signing time: Sun 16 Feb 2025 22:00:21 +0000
Manifest this update: Sun 16 Feb 2025 22:00:21 +0000
Manifest next update: Mon 17 Feb 2025 22:00:21 +0000
Files and hashes: 1: AwtKEHfYyxnQ1th-VlZxSnr7g6Q.roa (hash: kaMvuNz15dIgQL2M/Qvml14U3ZSUX9PuIaFhO+5H45U=)
2: DIxBuJDWRajN2G8Xp5FV5TyPSvA.roa (hash: OfQWp1njClDrdouukOkCvfJ95D6ij98TPOIuqpcwAzY=)
3: kfWJGibPpDaiPn4f-XZki-5573c.crl (hash: /8ovDWuzg7ZExTe+BoiFfFz6MgFPMdKel9Ez8my2xo8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 22:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:c6:d6:0a:1c:be:02:8a:7a:6d:95:1f:ac:96:cd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Validity
Not Before: Feb 16 22:00:21 2025 GMT
Not After : Feb 17 22:00:21 2025 GMT
Subject: CN=768e493e0a563e3f6df9a79c0cfa9574d9742112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3c:d0:1a:74:e5:a6:b9:34:c4:ea:29:9e:92:
c0:33:af:9a:8e:d0:4e:dd:83:4f:ff:f6:3f:9c:3b:
81:43:ff:10:90:c3:9f:0d:05:3c:b9:a9:05:e5:2f:
f9:e7:c9:1f:db:3c:cd:d7:16:44:62:00:c1:06:71:
64:00:30:7b:91:b1:ba:8c:e1:2d:76:9b:80:ef:68:
18:47:03:d6:8f:28:66:a5:e6:e1:4c:38:11:cf:30:
48:fe:00:6a:07:4a:3a:e1:e0:fc:ea:79:a6:2a:c2:
82:ec:da:c5:16:32:8b:10:a8:d5:25:cd:c4:e2:d4:
13:63:cc:2e:49:38:cf:e3:be:38:12:8c:56:8d:c4:
14:35:42:00:37:de:33:75:f9:e0:b4:e9:25:57:03:
8b:49:c5:fe:48:98:1f:f8:1a:94:96:55:fc:9c:55:
a9:ce:62:16:00:79:33:7b:ac:0e:09:c1:21:5b:2d:
01:cb:90:b1:9f:b8:9d:6f:38:fe:2d:38:c0:d7:21:
89:68:85:40:70:16:dd:85:1d:d3:ad:97:25:2f:a6:
bc:b4:7c:5c:7a:f3:b2:5c:a5:4d:45:f5:84:4d:e6:
5b:2c:8b:86:40:86:c1:e5:ba:33:70:dc:63:1a:92:
68:f1:eb:e8:ed:1b:f5:a8:fb:60:67:9b:53:6a:88:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8E:49:3E:0A:56:3E:3F:6D:F9:A7:9C:0C:FA:95:74:D9:74:21:12
X509v3 Authority Key Identifier:
keyid:91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ad:01:35:c9:e9:3d:84:49:8d:08:4d:a4:77:5e:6d:0c:e6:
ab:5b:44:c0:f1:7b:d0:af:86:c1:8a:31:81:52:fd:28:12:43:
02:53:7e:88:73:ed:2a:c1:00:cd:bf:f8:d8:b2:0d:65:8e:2c:
28:3d:bb:71:c3:55:5e:71:e9:97:25:5f:6f:a2:38:e5:de:dc:
97:a7:1a:8f:e7:0a:ff:7c:3a:4e:b2:62:03:40:ac:aa:87:5f:
79:d5:a1:a2:87:9c:7c:6e:ed:e1:b6:6b:16:9d:9c:77:70:ba:
ed:a7:7a:14:9e:f2:7f:dc:87:26:2a:45:e2:3b:e4:9f:3f:cc:
a2:9f:6b:39:c6:fa:54:34:55:df:42:ad:2f:19:8d:e8:94:20:
13:9d:1d:30:c8:45:55:76:ec:24:de:42:67:ad:21:bb:a5:57:
08:6a:78:67:e3:65:d2:68:dd:ec:d5:b9:e2:26:87:16:81:d5:
ce:91:eb:e5:02:26:a9:6f:2e:ce:36:44:b5:45:36:6e:89:90:
38:84:0e:86:51:ad:73:f0:45:b7:7b:00:b7:39:96:b8:84:4a:
a8:2a:dd:e9:36:7f:83:ca:e3:e1:93:29:c9:f3:13:8e:3a:87:
02:a0:78:57:db:1c:e7:3c:c3:c7:65:dd:df:8c:36:72:98:31:
1d:82:a6:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxtYKHL4CinptlR+sls1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjU4OTFhMjZjZmE0MzZhMjNlN2UxZmY5NzY2NDhiZWU3
OWVmNzcwHhcNMjUwMjE2MjIwMDIxWhcNMjUwMjE3MjIwMDIxWjAzMTEwLwYDVQQD
Eyg3NjhlNDkzZTBhNTYzZTNmNmRmOWE3OWMwY2ZhOTU3NGQ5NzQyMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jzQGnTlprk0xOopnpLAM6+ajtBO
3YNP//Y/nDuBQ/8QkMOfDQU8uakF5S/558kf2zzN1xZEYgDBBnFkADB7kbG6jOEt
dpuA72gYRwPWjyhmpebhTDgRzzBI/gBqB0o64eD86nmmKsKC7NrFFjKLEKjVJc3E
4tQTY8wuSTjP4744EoxWjcQUNUIAN94zdfngtOklVwOLScX+SJgf+BqUllX8nFWp
zmIWAHkze6wOCcEhWy0By5Cxn7idbzj+LTjA1yGJaIVAcBbdhR3TrZclL6a8tHxc
evOyXKVNRfWETeZbLIuGQIbB5bozcNxjGpJo8evo7Rv1qPtgZ5tTaoiKNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaOST4KVj4/bfmnnAz6lXTZdCESMB8GA1UdIwQY
MBaAFJH1iRomz6Q2oj5+H/l2ZIvuee93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzkt
ZGFhNzM5MGI1YmE3LzEva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzktZGFhNzM5MGI1YmE3
LzEva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXa0BNcnp
PYRJjQhNpHdebQzmq1tEwPF70K+GwYoxgVL9KBJDAlN+iHPtKsEAzb/42LINZY4s
KD27ccNVXnHplyVfb6I45d7cl6caj+cK/3w6TrJiA0CsqodfedWhooecfG7t4bZr
Fp2cd3C67ad6FJ7yf9yHJipF4jvknz/Mop9rOcb6VDRV30KtLxmN6JQgE50dMMhF
VXbsJN5CZ60hu6VXCGp4Z+Nl0mjd7NW54iaHFoHVzpHr5QImqW8uzjZEtUU2bomQ
OIQOhlGtc/BFt3sAtzmWuIRKqCrd6TZ/g8rj4ZMpyfMTjjqHAqB4V9sc5zzDx2Xd
34w2cpgxHYKmqQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:38 2025 by rpki-client