Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
File: hEoXkcsH8dhhI8Y9w63P11TbEBs.mft (raw, json)
Hash identifier: zFiNgrmny3qDIIRriUa+f1f+Z8sNP2wOsNK6cXD6xzA=
Subject key identifier: 67:5B:89:EA:98:DA:C5:FC:BF:4B:82:6F:DB:1E:21:AE:30:F2:C9:A9
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 019511350225B54E5BC7900FEE8222AF3CD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
Manifest number: 0867
Signing time: Mon 17 Feb 2025 00:00:41 +0000
Manifest this update: Mon 17 Feb 2025 00:00:41 +0000
Manifest next update: Tue 18 Feb 2025 00:00:41 +0000
Files and hashes: 1: Ihp0VP8oRNeTGrBSGwpts6D1JhE.roa (hash: Qldf3LszJ2g2XwaE6LEoxPc+aR59tijRa50IN/mT6PY=)
2: gi2zaUr2ngLXfM8NV7jNPdt_PFI.roa (hash: pPPLz9b8ntu+6vKYV+GHcDLfS03p/6Pt+aGjIk5ADdw=)
3: hEoXkcsH8dhhI8Y9w63P11TbEBs.crl (hash: ZH2NkBP+/asKHz4VIWGxruzN8abq9ulZnRk9CjyP0DQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:35:02:25:b5:4e:5b:c7:90:0f:ee:82:22:af:3c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Feb 17 00:00:41 2025 GMT
Not After : Feb 18 00:00:41 2025 GMT
Subject: CN=675b89ea98dac5fcbf4b826fdb1e21ae30f2c9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fd:1c:da:88:46:5b:52:3a:4c:8e:c4:ce:dc:
2b:04:ef:43:1a:b0:c4:c8:96:65:5c:40:cc:3a:c5:
45:32:eb:46:df:c9:7f:4b:51:84:1c:9a:53:4d:23:
5e:7e:5a:be:3f:98:f5:7f:a8:08:4a:47:a4:23:1a:
9d:8e:71:ad:3c:2d:03:13:fc:d4:29:ef:3c:26:40:
93:25:46:2f:23:ec:ae:bc:33:25:33:34:f3:df:b4:
45:84:47:4e:31:87:ed:a1:56:1c:81:67:32:c1:ac:
4f:c8:b0:b2:5c:33:80:9d:a0:72:21:31:4c:48:f5:
44:f2:65:b0:94:81:b6:e3:d9:7d:df:c0:b7:b8:66:
ea:bd:de:84:6d:eb:db:75:fd:b7:07:57:1b:77:89:
a2:0a:03:c4:d5:fe:06:2f:c7:3f:62:87:36:d4:07:
6c:f8:5d:88:19:38:20:2f:35:fa:4b:67:89:db:8f:
1b:26:f4:2d:47:4e:f3:46:51:f0:64:74:45:10:38:
4c:2e:f2:fc:2f:6b:58:9f:c6:59:2d:ba:40:1e:9f:
22:7b:6d:1d:f1:63:0c:70:5c:7e:b0:b3:51:3c:59:
66:24:59:89:31:ed:9e:16:16:3e:8c:b3:56:06:b9:
6a:30:9f:ac:c8:e4:f7:33:0a:b5:7b:d9:00:0c:07:
1d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5B:89:EA:98:DA:C5:FC:BF:4B:82:6F:DB:1E:21:AE:30:F2:C9:A9
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:d1:55:e0:aa:40:db:22:07:64:d4:e7:44:5d:d4:d7:63:22:
d2:3b:cd:c2:74:04:59:7e:2c:27:86:d1:dd:a7:bf:1c:91:d8:
92:08:61:58:fe:f6:f0:02:da:98:6d:75:f9:59:3c:f2:14:26:
42:2c:ac:f5:0f:9c:27:f9:47:79:58:71:4e:6a:44:32:39:70:
28:06:18:be:8f:63:22:46:f7:76:b1:cf:4c:7e:3a:03:e9:67:
55:a4:a1:2e:b6:56:af:6a:36:ef:3b:c3:7c:f3:0e:3c:8e:38:
21:9a:fd:15:6d:4c:68:d1:d1:a2:d4:da:ed:1f:f5:0f:8c:9b:
2c:af:14:1b:e1:e3:b9:ed:f3:12:1f:eb:fd:dc:dc:f5:b1:ad:
c8:07:11:ad:1f:85:58:67:db:d5:ec:d7:82:a4:dc:47:44:4d:
0b:80:0a:82:e4:30:14:42:9c:31:8c:8f:9f:b6:fd:27:99:da:
fd:88:9e:d7:27:04:14:28:1a:6f:cf:a8:6f:ee:cf:e1:49:d8:
1c:8b:d0:6d:42:dd:86:6f:3d:c8:f8:02:5e:ff:ac:ba:a8:a9:
47:67:40:e1:bc:dd:ae:a5:c7:b2:7c:d2:97:ad:19:3b:d1:90:
25:c6:a8:61:6b:6e:4a:79:c1:97:63:d2:75:2c:49:69:f6:e2:
cc:c4:46:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNQIltU5bx5AP7oIirzzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjUwMjE3MDAwMDQxWhcNMjUwMjE4MDAwMDQxWjAzMTEwLwYDVQQD
Eyg2NzViODllYTk4ZGFjNWZjYmY0YjgyNmZkYjFlMjFhZTMwZjJjOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkP0c2ohGW1I6TI7EztwrBO9DGrDE
yJZlXEDMOsVFMutG38l/S1GEHJpTTSNeflq+P5j1f6gISkekIxqdjnGtPC0DE/zU
Ke88JkCTJUYvI+yuvDMlMzTz37RFhEdOMYftoVYcgWcywaxPyLCyXDOAnaByITFM
SPVE8mWwlIG249l938C3uGbqvd6Ebevbdf23B1cbd4miCgPE1f4GL8c/Yoc21Ads
+F2IGTggLzX6S2eJ248bJvQtR07zRlHwZHRFEDhMLvL8L2tYn8ZZLbpAHp8ie20d
8WMMcFx+sLNRPFlmJFmJMe2eFhY+jLNWBrlqMJ+syOT3Mwq1e9kADAcdrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdbieqY2sX8v0uCb9seIa4w8smpMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAntFV4KpA
2yIHZNTnRF3U12Mi0jvNwnQEWX4sJ4bR3ae/HJHYkghhWP728ALamG11+Vk88hQm
Qiys9Q+cJ/lHeVhxTmpEMjlwKAYYvo9jIkb3drHPTH46A+lnVaShLrZWr2o27zvD
fPMOPI44IZr9FW1MaNHRotTa7R/1D4ybLK8UG+Hjue3zEh/r/dzc9bGtyAcRrR+F
WGfb1ezXgqTcR0RNC4AKguQwFEKcMYyPn7b9J5na/Yie1ycEFCgab8+ob+7P4UnY
HIvQbULdhm89yPgCXv+suqipR2dA4bzdrqXHsnzSl60ZO9GQJcaoYWtuSnnBl2PS
dSxJafbizMRGTg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:01 2025 by rpki-client