Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
File: yalITKcIq3cesduQuvyKEUwsPXk.mft (raw, json)
Hash identifier: /bAF5WSlyIrn821hOmzqTusgZXamVYFK82k7XqVADuE=
Subject key identifier: 18:53:E3:A7:2F:8B:AF:BC:3F:D1:7D:D7:56:AC:79:C6:F1:BB:4E:38
Authority key identifier: C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
Certificate issuer: /CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Certificate serial: 0194C3F5BD236A8F95D7DE9D107D43D7612E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
Manifest number: 142F
Signing time: Sun 02 Feb 2025 00:00:49 +0000
Manifest this update: Sun 02 Feb 2025 00:00:49 +0000
Manifest next update: Mon 03 Feb 2025 00:00:49 +0000
Files and hashes: 1: __KLjvjgMO1LuKrx6zZXZJBcRtk.roa (hash: kZSjdOtgx956Q9WcOxsnl5QBMbkPJAPdg2gED1ZbQy4=)
2: xmOvbRNpbfTNvGRi0NGmoChwF8k.roa (hash: 7oU4y3FJaTZ6zlZMUwxbLqzJR9lqEVzJSwfHVW5xI4s=)
3: yalITKcIq3cesduQuvyKEUwsPXk.crl (hash: kTZk0O5Gfhb6dJtjx4Pgec6sjjvSywqm19EI6r5RyG8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:f5:bd:23:6a:8f:95:d7:de:9d:10:7d:43:d7:61:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a9484ca708ab771eb1db90bafc8a114c2c3d79
Validity
Not Before: Feb 2 00:00:49 2025 GMT
Not After : Feb 3 00:00:49 2025 GMT
Subject: CN=1853e3a72f8bafbc3fd17dd756ac79c6f1bb4e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:95:6f:59:d1:24:71:43:83:99:15:d0:91:6e:
e4:6e:0c:6c:22:67:77:f2:ad:4a:4f:bf:ff:0e:60:
fa:69:9b:10:47:0e:a3:f4:9a:6c:5b:6a:28:0c:4e:
48:cc:f4:09:3b:4c:0c:78:c3:bf:d8:a0:d8:ce:47:
b8:d4:3c:49:8a:22:bf:b4:fc:58:06:86:9d:92:3c:
42:34:33:4d:39:98:47:a3:49:d0:72:bd:3e:5c:fb:
0d:a0:4f:91:f0:a0:c2:19:ca:26:cf:2f:7f:09:3a:
32:be:01:d3:4c:18:51:d8:84:25:a4:32:f1:f6:f0:
07:1b:3c:23:db:aa:52:db:c8:4e:73:2c:b5:30:af:
a9:73:e7:d6:1e:f2:c3:36:24:6a:4e:e0:79:a8:d4:
bd:86:57:f3:65:80:dc:83:36:6a:b5:87:bc:ca:08:
43:11:07:16:9f:28:42:90:2a:f2:97:21:22:c9:25:
8c:59:55:25:1f:8d:bd:dd:d0:f9:d4:32:4c:fa:4e:
ae:79:3e:8d:7c:b1:9a:73:ae:c5:c1:a1:a8:62:5a:
85:97:57:f5:3c:78:9d:f7:03:0c:89:32:da:a7:37:
2f:26:be:c2:58:5f:c2:95:01:66:5b:ba:06:dd:2d:
03:0d:cc:fb:4f:be:38:e5:60:e4:22:9f:76:c1:f5:
a9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:53:E3:A7:2F:8B:AF:BC:3F:D1:7D:D7:56:AC:79:C6:F1:BB:4E:38
X509v3 Authority Key Identifier:
keyid:C9:A9:48:4C:A7:08:AB:77:1E:B1:DB:90:BA:FC:8A:11:4C:2C:3D:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yalITKcIq3cesduQuvyKEUwsPXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/25e660-4056-42cc-a8b0-d0517db26dad/1/yalITKcIq3cesduQuvyKEUwsPXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:6f:22:05:e8:a9:ac:5f:87:78:a6:b6:a4:15:be:9a:55:11:
3b:e2:4c:d7:61:fd:25:ab:cf:43:dd:9d:f5:51:96:9a:91:bc:
c4:f3:39:1e:19:ea:98:da:e0:b0:02:d6:e7:5a:d6:6c:f4:44:
16:d4:37:10:a7:18:5d:16:a2:14:7b:c5:3a:3f:26:4b:e2:9e:
41:54:9b:b8:75:62:cf:bc:d7:1d:ac:bd:c7:25:78:d9:e4:c1:
82:5a:2b:a4:ea:d0:62:11:9d:27:58:3c:ec:b4:19:2a:91:f8:
ec:12:80:20:80:5a:ce:91:af:20:0a:e8:b8:cf:49:64:90:a7:
bc:0d:94:f5:8b:2a:3b:c2:5b:0d:c9:f4:42:ce:89:a6:99:b4:
13:e4:93:42:52:a6:24:b9:8d:4c:ea:bf:11:55:2f:65:1e:a7:
59:02:dd:e9:83:e2:ca:95:1c:ad:55:eb:89:49:52:e8:3e:4d:
a7:38:0b:35:15:e7:9c:be:b1:04:e3:61:31:5c:43:fc:03:73:
4f:b0:57:11:8b:3b:65:91:37:27:c2:cf:35:94:a4:07:5a:12:
ff:a5:18:cf:f4:07:f9:83:c2:df:b6:c7:7e:e9:fc:64:4c:a7:
d1:ef:29:1f:58:d8:df:0a:dd:31:82:43:ce:d4:e2:88:bb:4e:
83:37:dd:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTD9b0jao+V196dEH1D12EuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTk0ODRjYTcwOGFiNzcxZWIxZGI5MGJhZmM4YTExNGMy
YzNkNzkwHhcNMjUwMjAyMDAwMDQ5WhcNMjUwMjAzMDAwMDQ5WjAzMTEwLwYDVQQD
EygxODUzZTNhNzJmOGJhZmJjM2ZkMTdkZDc1NmFjNzljNmYxYmI0ZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpVvWdEkcUODmRXQkW7kbgxsImd3
8q1KT7//DmD6aZsQRw6j9JpsW2ooDE5IzPQJO0wMeMO/2KDYzke41DxJiiK/tPxY
BoadkjxCNDNNOZhHo0nQcr0+XPsNoE+R8KDCGcomzy9/CToyvgHTTBhR2IQlpDLx
9vAHGzwj26pS28hOcyy1MK+pc+fWHvLDNiRqTuB5qNS9hlfzZYDcgzZqtYe8yghD
EQcWnyhCkCrylyEiySWMWVUlH4293dD51DJM+k6ueT6NfLGac67FwaGoYlqFl1f1
PHid9wMMiTLapzcvJr7CWF/ClQFmW7oG3S0DDcz7T7445WDkIp92wfWpkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhT46cvi6+8P9F911asecbxu044MB8GA1UdIwQY
MBaAFMmpSEynCKt3HrHbkLr8ihFMLD15MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAt
ZDA1MTdkYjI2ZGFkLzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yNWU2NjAtNDA1Ni00MmNjLWE4YjAtZDA1MTdkYjI2ZGFk
LzEveWFsSVRLY0lxM2Nlc2R1UXV2eUtFVXdzUFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtG8iBeip
rF+HeKa2pBW+mlURO+JM12H9JavPQ92d9VGWmpG8xPM5HhnqmNrgsALW51rWbPRE
FtQ3EKcYXRaiFHvFOj8mS+KeQVSbuHViz7zXHay9xyV42eTBglorpOrQYhGdJ1g8
7LQZKpH47BKAIIBazpGvIArouM9JZJCnvA2U9YsqO8JbDcn0Qs6Jppm0E+STQlKm
JLmNTOq/EVUvZR6nWQLd6YPiypUcrVXriUlS6D5NpzgLNRXnnL6xBONhMVxD/ANz
T7BXEYs7ZZE3J8LPNZSkB1oS/6UYz/QH+YPC37bHfun8ZEyn0e8pH1jY3wrdMYJD
ztTiiLtOgzfdoQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:04:41 2025 by rpki-client