Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: 2Ya2I3Y2/ARC3des3REmi9kIwOrYLU6hHDFrIqlZ6mI=
Subject key identifier: 7B:D6:F0:19:CA:4B:98:F7:6B:40:09:6C:34:1D:5A:00:03:12:C4:8C
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 0195116BE30EE65805F31A970BD18D0FC086
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 13C5
Signing time: Mon 17 Feb 2025 01:00:37 +0000
Manifest this update: Mon 17 Feb 2025 01:00:37 +0000
Manifest next update: Tue 18 Feb 2025 01:00:37 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: NEMxbGQxC0NzwDzBjFYb4SRS/v25uyc4Zklc6BprTAo=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:6b:e3:0e:e6:58:05:f3:1a:97:0b:d1:8d:0f:c0:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Feb 17 01:00:37 2025 GMT
Not After : Feb 18 01:00:37 2025 GMT
Subject: CN=7bd6f019ca4b98f76b40096c341d5a000312c48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b1:ef:17:ad:88:93:64:94:26:ec:00:9c:97:
61:f5:d6:95:3a:cc:23:77:5c:58:12:b8:57:ab:f7:
8b:40:93:39:b7:cb:14:00:e2:46:58:01:f0:27:aa:
be:4b:c6:85:4c:75:e5:ac:5c:33:b1:ae:ea:74:95:
05:2d:1c:a9:7d:26:6e:02:35:b2:52:63:18:79:92:
8e:8a:f3:07:09:93:b5:4e:b1:9f:85:a6:c2:25:83:
c3:4c:7f:01:da:81:dd:4c:ea:36:b0:25:da:9c:c3:
61:90:23:34:ad:9b:0c:a2:a9:47:19:db:ce:f0:89:
f1:a8:ff:04:83:18:af:4c:c3:a4:28:02:92:0d:12:
f9:41:49:40:eb:49:1b:fe:b9:4f:03:ca:99:6e:05:
c3:92:b4:0b:f5:8a:a4:bd:f2:6b:f5:75:f1:96:78:
d6:f6:1d:53:59:6b:28:e7:22:bb:a6:e7:41:54:10:
d4:70:e8:93:2a:86:f6:6f:ae:c8:13:ef:54:c2:4a:
1d:9d:05:98:dc:65:fd:5a:19:5a:87:de:41:ae:88:
bd:8a:ad:26:1d:7c:72:dc:60:ff:78:86:fd:85:1b:
8d:52:86:b0:68:37:cb:38:16:59:4c:8f:ea:59:24:
47:1d:e9:a4:f0:46:c3:1d:74:cf:9b:ad:72:52:00:
f6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D6:F0:19:CA:4B:98:F7:6B:40:09:6C:34:1D:5A:00:03:12:C4:8C
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:2e:45:04:23:ca:7b:86:c1:69:e6:8f:82:af:43:25:9d:38:
02:8d:87:3b:d8:72:9d:2d:e7:00:2c:35:bf:0d:39:bf:7d:3f:
65:2a:59:0f:10:ef:ab:d4:38:1d:1b:fa:bc:b3:1b:13:a0:ba:
45:d5:ea:80:b8:a9:28:09:32:fe:af:14:b5:6c:c6:22:cf:84:
02:05:c9:7a:7c:6d:a8:04:fa:1e:97:8c:c8:a5:76:62:a3:58:
66:d8:e1:e9:d9:74:4e:dc:5d:e2:74:a1:17:46:1d:ed:7d:ac:
d9:15:20:d2:f1:28:c5:45:9f:29:f1:77:b6:76:c8:f3:60:6f:
37:9e:aa:e3:f7:c9:80:60:73:fd:e5:28:49:74:d0:3e:3b:24:
00:0a:cd:f0:dd:1d:74:1c:22:71:fb:17:a4:d1:65:94:dc:a8:
7c:57:a6:33:ae:7e:1d:1a:f3:5d:16:52:9f:59:2f:37:43:c5:
80:20:f1:fd:c6:76:83:0e:d2:fc:11:45:29:55:31:a0:3d:e7:
e9:e4:b4:47:ed:6a:3a:03:e4:ec:97:f5:7c:08:51:e3:f4:33:
5e:ee:e3:1f:92:42:af:23:7a:7a:f3:ff:2f:c3:d3:8c:35:28:
2f:1e:e8:ae:12:57:d3:74:1d:34:8e:01:a5:59:aa:d1:a7:d4:
4b:37:02:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURa+MO5lgF8xqXC9GND8CGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUwMjE3MDEwMDM3WhcNMjUwMjE4MDEwMDM3WjAzMTEwLwYDVQQD
Eyg3YmQ2ZjAxOWNhNGI5OGY3NmI0MDA5NmMzNDFkNWEwMDAzMTJjNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurHvF62Ik2SUJuwAnJdh9daVOswj
d1xYErhXq/eLQJM5t8sUAOJGWAHwJ6q+S8aFTHXlrFwzsa7qdJUFLRypfSZuAjWy
UmMYeZKOivMHCZO1TrGfhabCJYPDTH8B2oHdTOo2sCXanMNhkCM0rZsMoqlHGdvO
8InxqP8EgxivTMOkKAKSDRL5QUlA60kb/rlPA8qZbgXDkrQL9YqkvfJr9XXxlnjW
9h1TWWso5yK7pudBVBDUcOiTKob2b67IE+9UwkodnQWY3GX9Whlah95Broi9iq0m
HXxy3GD/eIb9hRuNUoawaDfLOBZZTI/qWSRHHemk8EbDHXTPm61yUgD2gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvW8BnKS5j3a0AJbDQdWgADEsSMMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZi5FBCPK
e4bBaeaPgq9DJZ04Ao2HO9hynS3nACw1vw05v30/ZSpZDxDvq9Q4HRv6vLMbE6C6
RdXqgLipKAky/q8UtWzGIs+EAgXJenxtqAT6HpeMyKV2YqNYZtjh6dl0Ttxd4nSh
F0Yd7X2s2RUg0vEoxUWfKfF3tnbI82BvN56q4/fJgGBz/eUoSXTQPjskAArN8N0d
dBwicfsXpNFllNyofFemM65+HRrzXRZSn1kvN0PFgCDx/cZ2gw7S/BFFKVUxoD3n
6eS0R+1qOgPk7Jf1fAhR4/QzXu7jH5JCryN6evP/L8PTjDUoLx7orhJX03QdNI4B
pVmq0afUSzcCag==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:30 2025 by rpki-client