Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
File: UFZxLM-od6u3YMt34nBBd0ywRzk.mft (raw, json)
Hash identifier: EcKiDh99zIz2NkRNclALlGg7BkO2Mo3+eAMfmkgAWsE=
Subject key identifier: B0:60:DB:68:A4:3B:02:C7:AB:CF:0D:1B:11:47:22:CC:E7:E1:50:C2
Authority key identifier: 50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
Certificate issuer: /CN=5056712ccfa877abb760cb77e27041774cb04739
Certificate serial: 0194C38775C20807990929ED35729219E7C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
Manifest number: 1432
Signing time: Sat 01 Feb 2025 22:00:21 +0000
Manifest this update: Sat 01 Feb 2025 22:00:21 +0000
Manifest next update: Sun 02 Feb 2025 22:00:21 +0000
Files and hashes: 1: KkYiM3e0iOAnAg_yFBFSK_bjJl8.roa (hash: 5A5Vdre+g6oCjMH5zABiFnTSkWahsDuZjsJoxbwHMo0=)
2: UFZxLM-od6u3YMt34nBBd0ywRzk.crl (hash: XTJZkYCvect/clObRfUukvS7mx9pWFT2pN3z6+OcaU4=)
3: _Q23PPlL8v2niGzmSooSDUdLWSk.roa (hash: 8JwVrSvS2kxaZsRD1vVjitt0fjw3hWWmjxqgx0yIUoc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:87:75:c2:08:07:99:09:29:ed:35:72:92:19:e7:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056712ccfa877abb760cb77e27041774cb04739
Validity
Not Before: Feb 1 22:00:21 2025 GMT
Not After : Feb 2 22:00:21 2025 GMT
Subject: CN=b060db68a43b02c7abcf0d1b114722cce7e150c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:51:1e:3a:a2:29:2a:f4:a2:60:01:c9:6b:a2:
10:d8:6d:20:97:75:24:dd:4d:11:0e:4e:5e:51:7a:
4b:d7:d7:6b:3b:0d:05:29:cc:ab:7d:c0:f5:47:d7:
29:38:5a:25:95:e7:d5:ec:45:e7:55:f6:27:be:d9:
20:69:e5:49:b8:c0:a1:a1:b8:03:43:9a:da:2c:d3:
10:cd:05:c6:1e:c6:6d:6a:f0:7a:f7:ce:af:c1:1c:
5e:1e:b6:42:5e:e6:d8:0f:bf:68:17:e3:89:c8:fd:
69:31:b1:55:10:50:06:ae:c6:47:e4:ad:9c:7e:93:
87:a2:63:6c:2c:09:b5:c4:62:df:60:e6:81:d0:96:
d1:d4:ff:ae:60:c7:55:5f:ff:3a:91:b9:dc:e9:ea:
00:37:c9:5a:1e:64:2a:ee:c2:c6:14:1f:77:bf:1b:
42:69:aa:e6:37:96:e9:c2:b3:b7:72:15:50:b4:74:
90:85:c2:f7:55:e6:62:95:11:1f:51:0f:25:f8:36:
98:6f:e6:fb:8c:02:b5:cb:6b:0e:0c:42:46:a3:27:
0b:37:40:c3:6b:18:09:69:f6:56:0f:e3:db:47:c0:
71:7f:60:21:cf:dd:94:00:2d:c4:a9:e6:c8:2f:4c:
6c:bb:cf:1c:92:04:d9:d8:2f:04:b4:a8:76:fa:b7:
1c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:60:DB:68:A4:3B:02:C7:AB:CF:0D:1B:11:47:22:CC:E7:E1:50:C2
X509v3 Authority Key Identifier:
keyid:50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:80:91:d6:0f:07:e6:20:44:17:16:20:f0:97:5d:e1:e5:26:
f1:cf:15:c0:07:3d:5b:c5:fd:0e:b2:eb:f3:73:60:6f:44:1f:
fd:28:87:86:3b:a2:c6:15:a5:e2:8d:66:b3:29:d5:cb:0c:83:
fe:91:12:5e:dc:0f:23:d0:28:7e:0c:ec:aa:6a:f3:08:d6:31:
59:77:6e:c4:4b:0d:52:4a:99:18:b7:83:d9:43:dd:34:f1:a3:
f2:b2:07:5d:57:fe:b5:84:b6:15:26:c8:7f:c0:68:99:9a:80:
90:af:82:d8:27:6a:0e:33:e8:59:32:1d:5c:fd:ad:50:ff:cf:
16:b1:0a:ce:ec:33:95:d5:49:99:34:18:cb:26:c0:09:b2:eb:
9f:eb:85:02:9f:17:8f:49:db:f4:a1:ff:77:0d:98:b5:d1:42:
14:d0:2d:6e:50:a6:4c:81:a1:05:6d:c4:6a:75:3c:37:0a:5f:
88:17:74:2b:af:90:ef:4b:32:69:3c:12:1b:91:2d:ee:e0:f8:
55:af:66:61:a2:ab:41:64:c7:71:0a:b3:23:49:cc:62:a5:aa:
e6:24:42:00:b9:e1:2f:3c:f8:7a:1e:2e:8c:3b:76:8a:6c:28:
4b:2d:93:62:cf:e5:34:cc:60:f1:b3:59:91:e7:b6:49:37:a5:
2f:42:1e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh3XCCAeZCSntNXKSGefEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTY3MTJjY2ZhODc3YWJiNzYwY2I3N2UyNzA0MTc3NGNi
MDQ3MzkwHhcNMjUwMjAxMjIwMDIxWhcNMjUwMjAyMjIwMDIxWjAzMTEwLwYDVQQD
EyhiMDYwZGI2OGE0M2IwMmM3YWJjZjBkMWIxMTQ3MjJjY2U3ZTE1MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVEeOqIpKvSiYAHJa6IQ2G0gl3Uk
3U0RDk5eUXpL19drOw0FKcyrfcD1R9cpOFollefV7EXnVfYnvtkgaeVJuMChobgD
Q5raLNMQzQXGHsZtavB6986vwRxeHrZCXubYD79oF+OJyP1pMbFVEFAGrsZH5K2c
fpOHomNsLAm1xGLfYOaB0JbR1P+uYMdVX/86kbnc6eoAN8laHmQq7sLGFB93vxtC
aarmN5bpwrO3chVQtHSQhcL3VeZilREfUQ8l+DaYb+b7jAK1y2sODEJGoycLN0DD
axgJafZWD+PbR8Bxf2Ahz92UAC3EqebIL0xsu88ckgTZ2C8EtKh2+rccQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBg22ikOwLHq88NGxFHIszn4VDCMB8GA1UdIwQY
MBaAFFBWcSzPqHert2DLd+JwQXdMsEc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGIt
Zjg0YjYwNTIxZGY1LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGItZjg0YjYwNTIxZGY1
LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4CR1g8H
5iBEFxYg8Jdd4eUm8c8VwAc9W8X9DrLr83Ngb0Qf/SiHhjuixhWl4o1msynVywyD
/pESXtwPI9AofgzsqmrzCNYxWXduxEsNUkqZGLeD2UPdNPGj8rIHXVf+tYS2FSbI
f8BomZqAkK+C2CdqDjPoWTIdXP2tUP/PFrEKzuwzldVJmTQYyybACbLrn+uFAp8X
j0nb9KH/dw2YtdFCFNAtblCmTIGhBW3EanU8NwpfiBd0K6+Q70syaTwSG5Et7uD4
Va9mYaKrQWTHcQqzI0nMYqWq5iRCALnhLzz4eh4ujDt2imwoSy2TYs/lNMxg8bNZ
kee2STelL0IeyQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:50:58 2025 by rpki-client