Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
File: 2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft (raw, json)
Hash identifier: hYfVoRjEvlEUgl/UTIFJsQr9bwk9fIm6wv1c9vKtsS0=
Subject key identifier: 4A:68:C5:61:9E:C7:8E:64:AC:85:40:FF:99:EE:13:0E:CD:9B:18:9A
Authority key identifier: DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
Certificate issuer: /CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Certificate serial: 019512102D18767735B1040711BB1B5FD3CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
Manifest number: 1456
Signing time: Mon 17 Feb 2025 04:00:04 +0000
Manifest this update: Mon 17 Feb 2025 04:00:04 +0000
Manifest next update: Tue 18 Feb 2025 04:00:04 +0000
Files and hashes: 1: 2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl (hash: iYMKiws1b44JjqDHdlzpYVOywMLvQDO2fv9alp5V/LY=)
2: ERHgCqLjJCv-XvaDVjYAj8P1zKs.roa (hash: 0x7RKzsX7jR4DuJ9t+glZtV4k9Tiu2posJrN6U758NM=)
3: cJTD3IKsBKeCbDG4KiZEHnYFPTM.roa (hash: ufqwqkZa7S2iEhZdfjJxNYCun4AbNJ4X2aLuA4Ji7yY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:10:2d:18:76:77:35:b1:04:07:11:bb:1b:5f:d3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Validity
Not Before: Feb 17 04:00:04 2025 GMT
Not After : Feb 18 04:00:04 2025 GMT
Subject: CN=4a68c5619ec78e64ac8540ff99ee130ecd9b189a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2b:e3:a9:56:96:e5:8a:a1:06:0b:6a:80:0b:
0d:3b:9c:ef:f3:6c:d6:f6:be:99:58:5a:c4:48:c1:
97:95:0b:1c:43:ad:46:99:6c:e0:f6:3c:df:4e:af:
eb:75:78:6b:17:d1:68:d4:42:11:c8:24:4f:f0:7a:
9b:82:a8:c4:e3:0f:4c:9f:a6:13:90:05:01:d0:f5:
04:a0:c2:a6:f6:ec:6c:93:c0:d2:c7:fa:55:3d:12:
37:31:48:70:6d:c8:90:2d:2f:49:7d:68:c6:c2:25:
e3:15:db:f4:e3:ef:57:86:01:e9:83:77:f8:5b:ff:
d9:04:07:03:c5:57:19:0a:97:2f:db:4e:2e:65:84:
d1:f2:95:4c:58:d1:ac:24:00:64:b5:0c:61:9e:50:
1b:6e:09:bf:85:12:c4:bb:e7:44:c2:e3:3f:69:b5:
49:53:b2:75:2f:7a:e8:4b:b0:72:4a:a8:17:be:68:
a0:23:ac:11:ac:e7:e2:77:ce:83:8f:ba:9e:f7:c4:
f2:89:9d:ec:bc:80:63:7b:be:22:d7:06:60:f6:e1:
04:43:e5:01:a5:c8:45:d9:1c:30:1f:78:eb:85:87:
18:f2:86:df:9e:d5:74:06:ae:00:40:40:4e:80:f8:
e1:63:d1:a9:ea:07:61:a9:63:55:7a:5c:94:dd:44:
2f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:68:C5:61:9E:C7:8E:64:AC:85:40:FF:99:EE:13:0E:CD:9B:18:9A
X509v3 Authority Key Identifier:
keyid:DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:6d:68:40:67:80:a1:23:1a:35:9c:5e:6f:3d:e5:06:08:67:
6e:73:72:bd:03:74:3c:51:1f:91:02:2c:ab:ee:e5:d2:93:d3:
8e:57:b9:3e:7c:95:c0:37:36:2a:ce:6b:ea:33:65:cc:c5:f1:
45:64:75:1c:4a:9e:63:f0:c1:ec:1f:d4:65:fa:4f:87:29:57:
c1:8e:92:3f:39:4d:62:03:16:b3:be:be:11:78:77:e6:ed:6a:
f8:05:b3:85:32:dc:3a:d4:0b:6c:af:5a:08:64:5d:ce:29:f0:
52:e5:ca:02:10:38:08:53:34:c3:e6:4f:d1:fd:d2:50:78:dd:
c4:ca:97:86:31:08:19:f8:62:66:8d:4e:40:a1:73:62:a1:1b:
aa:f1:2a:a0:c3:e9:00:52:11:8f:4d:bf:3f:30:2e:f8:f7:ed:
e3:3b:82:5c:c1:a2:05:01:b3:60:75:fe:37:42:59:6c:36:01:
7a:48:ff:59:05:05:59:cb:7e:84:12:d0:80:0d:57:c0:3c:99:
9b:35:77:93:ce:83:eb:d8:b8:61:1e:fb:e6:25:4d:e9:2f:ac:
8d:0e:3e:08:fd:6e:82:0c:c5:eb:6e:5d:41:99:bc:e2:5c:b6:
93:d0:cd:e2:62:87:03:42:69:80:b9:ac:59:d7:f7:6b:b3:f0:
61:87:b5:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEC0Ydnc1sQQHEbsbX9PNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI0YjljNjNkYjVjMWExY2Y0YzU1ODFkYmU1YjM4MWNi
OTUwODcwHhcNMjUwMjE3MDQwMDA0WhcNMjUwMjE4MDQwMDA0WjAzMTEwLwYDVQQD
Eyg0YTY4YzU2MTllYzc4ZTY0YWM4NTQwZmY5OWVlMTMwZWNkOWIxODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyvjqVaW5YqhBgtqgAsNO5zv82zW
9r6ZWFrESMGXlQscQ61GmWzg9jzfTq/rdXhrF9Fo1EIRyCRP8HqbgqjE4w9Mn6YT
kAUB0PUEoMKm9uxsk8DSx/pVPRI3MUhwbciQLS9JfWjGwiXjFdv04+9XhgHpg3f4
W//ZBAcDxVcZCpcv204uZYTR8pVMWNGsJABktQxhnlAbbgm/hRLEu+dEwuM/abVJ
U7J1L3roS7BySqgXvmigI6wRrOfid86Dj7qe98TyiZ3svIBje74i1wZg9uEEQ+UB
pchF2RwwH3jrhYcY8obfntV0Bq4AQEBOgPjhY9Gp6gdhqWNVelyU3UQvFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpoxWGex45krIVA/5nuEw7NmxiaMB8GA1UdIwQY
MBaAFNoCS5xj21waHPTFWB2+WzgcuVCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYt
NzEyYjFhNzk2OGU2LzEvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYtNzEyYjFhNzk2OGU2
LzEvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuW1oQGeA
oSMaNZxebz3lBghnbnNyvQN0PFEfkQIsq+7l0pPTjle5PnyVwDc2Ks5r6jNlzMXx
RWR1HEqeY/DB7B/UZfpPhylXwY6SPzlNYgMWs76+EXh35u1q+AWzhTLcOtQLbK9a
CGRdzinwUuXKAhA4CFM0w+ZP0f3SUHjdxMqXhjEIGfhiZo1OQKFzYqEbqvEqoMPp
AFIRj02/PzAu+Pft4zuCXMGiBQGzYHX+N0JZbDYBekj/WQUFWct+hBLQgA1XwDyZ
mzV3k86D69i4YR775iVN6S+sjQ4+CP1uggzF625dQZm84ly2k9DN4mKHA0JpgLms
Wdf3a7PwYYe1xg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:54 2025 by rpki-client