Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
File: lZI0IMz-4DjNyutDkjEKBZivej4.mft (raw, json)
Hash identifier: 30JW3rmvNXByqm69MIDoIxFp804KihEW/mF0ynsDKvs=
Subject key identifier: 02:F9:CE:36:52:53:3C:E8:74:EF:EB:7C:29:A6:91:E0:CF:22:18:40
Authority key identifier: 95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
Certificate issuer: /CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Certificate serial: 0194C3509C6078DCA466100B7303138C7CE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
Manifest number: 31
Signing time: Sat 01 Feb 2025 21:00:27 +0000
Manifest this update: Sat 01 Feb 2025 21:00:27 +0000
Manifest next update: Sun 02 Feb 2025 21:00:27 +0000
Files and hashes: 1: dIg4TNKkMSnsTJTQVJ3Ejrbskbc.roa (hash: PWSy8/5JjoBCA/zGiy62FNSv3d86zc+ySEbRw/F/ETk=)
2: lZI0IMz-4DjNyutDkjEKBZivej4.crl (hash: 6dZydZLBLYUrORM+tgnkv6W++MhNuKr3B8JSe+13xEU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:50:9c:60:78:dc:a4:66:10:0b:73:03:13:8c:7c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Validity
Not Before: Feb 1 21:00:27 2025 GMT
Not After : Feb 2 21:00:27 2025 GMT
Subject: CN=02f9ce3652533ce874efeb7c29a691e0cf221840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:df:d7:3a:78:a6:95:3d:80:af:bc:af:47:89:
cd:56:2d:ab:a2:b8:ac:e8:2c:0e:78:12:9d:17:e3:
28:d2:0f:41:80:ef:a1:cc:89:ae:9c:2c:54:00:3e:
7a:5c:95:c4:4b:b8:19:b9:db:d8:e1:4d:9c:de:a8:
4b:54:52:50:f0:77:c5:8a:e6:9e:ed:e5:53:92:dc:
53:7e:f3:78:24:6f:06:8c:f8:ef:83:44:be:45:1b:
8d:f2:63:1d:95:e5:d3:eb:7a:d1:6a:6c:f2:81:66:
6d:57:30:6b:6d:18:2c:03:ad:a6:c2:a8:d4:4d:93:
96:99:a0:41:ce:4d:1f:bf:b7:0b:a4:74:cd:f4:b0:
7f:ad:61:be:c9:b8:2a:86:c3:bc:a0:50:e3:86:06:
7a:d1:f0:09:6f:41:ad:6d:6b:e5:b2:42:0a:84:42:
4e:88:f7:ad:f6:d6:39:d5:4e:8f:ec:0f:36:3a:fc:
0d:43:4b:d4:9b:ca:0d:2d:23:e7:b4:fe:57:1c:32:
c9:27:b5:9c:59:68:fb:dd:5a:91:2e:2b:35:66:52:
65:5f:f0:1b:ff:f8:45:d8:a6:18:c9:eb:14:3c:39:
35:04:88:92:ba:0e:83:e3:3d:ef:21:fb:9b:56:2a:
b8:e1:f3:6e:f6:78:ab:8a:29:fc:9e:26:8b:f1:2b:
39:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F9:CE:36:52:53:3C:E8:74:EF:EB:7C:29:A6:91:E0:CF:22:18:40
X509v3 Authority Key Identifier:
keyid:95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:81:6c:95:4f:a1:92:c9:1e:48:d4:c6:1e:e4:48:28:90:3f:
b8:66:2c:c8:d1:05:79:f8:95:bc:c8:61:4b:ea:11:16:65:e6:
a6:26:c0:c8:d9:62:83:25:0d:60:45:d5:1d:07:a8:e2:c9:9f:
c0:06:6b:9e:1a:d0:45:7f:f9:34:10:66:14:f5:ba:8f:6b:fd:
92:38:a2:e3:30:79:1e:5d:48:02:ea:8e:39:f9:5f:68:b9:dd:
1a:ab:28:cc:04:25:27:41:d8:06:e1:c0:54:c9:10:68:03:fd:
8e:e4:5a:2c:4a:70:84:5c:2c:ee:2b:3e:28:53:64:a4:9b:58:
85:57:c4:80:d8:45:8c:97:b0:5c:d2:5c:40:3d:57:7d:c2:58:
85:c6:b5:70:ef:c3:2b:35:3e:f4:61:02:54:8e:5f:0b:35:3f:
c4:7d:16:3f:ee:90:95:65:ab:4b:dd:bf:6d:b0:51:69:d7:67:
e3:e5:39:b7:61:b6:cb:92:a2:80:82:20:19:57:f6:7a:ad:07:
5f:93:f0:ca:09:5b:05:bd:0a:b2:6d:5a:3b:a3:98:a4:77:67:
0c:49:87:8e:75:e7:d4:dc:fa:1a:b6:69:24:67:b2:19:11:c3:
d2:6d:c6:73:b7:18:9c:77:ae:ef:4d:f9:fa:d3:d0:b3:92:6d:
e7:4c:2d:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDUJxgeNykZhALcwMTjHziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTIzNDIwY2NmZWUwMzhjZGNhZWI0MzkyMzEwYTA1OThh
ZjdhM2UwHhcNMjUwMjAxMjEwMDI3WhcNMjUwMjAyMjEwMDI3WjAzMTEwLwYDVQQD
EygwMmY5Y2UzNjUyNTMzY2U4NzRlZmViN2MyOWE2OTFlMGNmMjIxODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59/XOnimlT2Ar7yvR4nNVi2roris
6CwOeBKdF+Mo0g9BgO+hzImunCxUAD56XJXES7gZudvY4U2c3qhLVFJQ8HfFiuae
7eVTktxTfvN4JG8GjPjvg0S+RRuN8mMdleXT63rRamzygWZtVzBrbRgsA62mwqjU
TZOWmaBBzk0fv7cLpHTN9LB/rWG+ybgqhsO8oFDjhgZ60fAJb0GtbWvlskIKhEJO
iPet9tY51U6P7A82OvwNQ0vUm8oNLSPntP5XHDLJJ7WcWWj73VqRLis1ZlJlX/Ab
//hF2KYYyesUPDk1BIiSug6D4z3vIfubViq44fNu9niriin8niaL8Ss52wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAL5zjZSUzzodO/rfCmmkeDPIhhAMB8GA1UdIwQY
MBaAFJWSNCDM/uA4zcrrQ5IxCgWYr3o+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzct
NTIwMGZjMTZmZjhjLzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzctNTIwMGZjMTZmZjhj
LzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABoFslU+h
kskeSNTGHuRIKJA/uGYsyNEFefiVvMhhS+oRFmXmpibAyNligyUNYEXVHQeo4smf
wAZrnhrQRX/5NBBmFPW6j2v9kjii4zB5Hl1IAuqOOflfaLndGqsozAQlJ0HYBuHA
VMkQaAP9juRaLEpwhFws7is+KFNkpJtYhVfEgNhFjJewXNJcQD1XfcJYhca1cO/D
KzU+9GECVI5fCzU/xH0WP+6QlWWrS92/bbBRaddn4+U5t2G2y5KigIIgGVf2eq0H
X5PwyglbBb0Ksm1aO6OYpHdnDEmHjnXn1Nz6GrZpJGeyGRHD0m3Gc7cYnHeu7035
+tPQs5Jt50wt5A==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:53:20 2025 by rpki-client