Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
File: nGfqNKARpHc4cVg-w5VOeR2MAo0.mft (raw, json)
Hash identifier: jI+twA7kEd3E/VWXDN2XGydAKxburNGVYEopqzjd6MM=
Subject key identifier: 8C:CD:49:79:1F:46:3B:3E:FD:D2:FA:7C:2C:3F:AD:0A:6C:14:CD:29
Authority key identifier: 9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
Certificate issuer: /CN=9c67ea34a011a4773871583ec3954e791d8c028d
Certificate serial: 019511A2E43A341F0F11E21472AD25C61F9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
Manifest number: 0B3B
Signing time: Mon 17 Feb 2025 02:00:42 +0000
Manifest this update: Mon 17 Feb 2025 02:00:42 +0000
Manifest next update: Tue 18 Feb 2025 02:00:42 +0000
Files and hashes: 1: NCPzn1GpZq4vT4gRDeBcmpEUhRQ.roa (hash: Vq8Q1+OKJnlcLx/yX0O6NcYNdeQRXSpw2T1WMWL6+Zw=)
2: nGfqNKARpHc4cVg-w5VOeR2MAo0.crl (hash: rbjIDgxqJwbb3I3K0KhZu2CnvkErpCGd/bODWUEwUeA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:a2:e4:3a:34:1f:0f:11:e2:14:72:ad:25:c6:1f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c67ea34a011a4773871583ec3954e791d8c028d
Validity
Not Before: Feb 17 02:00:42 2025 GMT
Not After : Feb 18 02:00:42 2025 GMT
Subject: CN=8ccd49791f463b3efdd2fa7c2c3fad0a6c14cd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a0:ad:6f:c1:71:29:84:f2:92:4a:ab:5c:c7:
67:c9:0d:cd:b9:d4:27:a4:76:2a:81:41:d0:94:32:
51:88:6d:15:0e:06:4b:9f:1c:ec:65:73:3f:98:4f:
1e:36:98:13:e3:94:79:a0:d4:64:80:47:1d:37:32:
c0:5b:8f:f8:1e:39:98:2d:d3:1b:cb:4f:6f:60:7f:
52:c6:01:a2:b7:1c:25:24:25:4d:91:d2:a7:84:83:
3a:0c:60:91:4d:2f:a5:23:4b:be:bc:75:75:5e:11:
68:69:7c:ce:8f:39:5c:7d:a8:1b:c1:c9:f0:df:5c:
39:1e:c9:04:19:0f:6d:8d:d1:1c:b9:68:f2:59:21:
60:2c:ca:c9:8a:4f:fe:2c:55:77:e9:a5:3d:22:77:
68:4c:ae:7a:43:0b:cc:17:3e:4a:ba:c7:dd:72:de:
dd:6f:af:67:da:68:95:32:3d:a5:b5:4c:ea:db:ce:
ca:76:6c:95:0c:30:55:b9:75:b3:22:09:a0:67:84:
a0:e7:98:3a:4e:1c:a7:79:23:99:c6:91:1b:52:26:
50:87:96:b3:46:51:80:26:70:01:92:3b:f1:a6:60:
45:8e:b5:af:98:ed:d7:1d:ca:9c:f4:21:89:1e:76:
74:97:cd:cd:29:45:a8:57:33:6b:a9:72:58:58:99:
d0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CD:49:79:1F:46:3B:3E:FD:D2:FA:7C:2C:3F:AD:0A:6C:14:CD:29
X509v3 Authority Key Identifier:
keyid:9C:67:EA:34:A0:11:A4:77:38:71:58:3E:C3:95:4E:79:1D:8C:02:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGfqNKARpHc4cVg-w5VOeR2MAo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8669d3-76cd-4cb0-8278-82c67c69e923/1/nGfqNKARpHc4cVg-w5VOeR2MAo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:66:6b:c6:97:88:28:a4:38:ac:2e:ed:42:08:82:29:0b:f2:
60:74:b6:85:d0:56:af:bd:4d:f0:19:2d:f3:7a:8a:86:49:49:
49:6f:fc:2b:75:dc:2e:16:7c:7a:c4:0f:27:51:11:42:81:66:
4e:19:3b:53:dd:a4:e9:82:f8:3f:30:51:3f:f8:7e:bd:df:53:
df:e2:ce:3c:f8:8c:7e:ee:af:e0:da:51:31:2e:43:41:d4:c1:
19:e1:02:46:40:0a:d3:5c:36:18:7b:4f:31:f3:17:a8:d0:e8:
96:8d:48:b9:d4:81:c4:98:06:03:57:52:1f:c3:76:b5:1b:5e:
35:d2:a8:93:83:32:28:98:cf:64:25:52:b2:14:ac:4f:27:58:
c4:1e:33:2a:82:a1:70:d4:ed:e0:0b:23:70:be:96:3d:21:b7:
67:da:73:a7:69:8d:8a:67:42:ba:a1:81:bc:28:17:1b:af:8f:
5f:f7:a8:8b:9b:92:d6:5e:7a:a9:cd:d7:99:03:68:25:1c:70:
f2:59:be:12:06:0c:34:4c:95:5e:f2:89:b1:6c:9d:97:37:c6:
0d:9a:03:c6:71:ba:af:4b:d7:d4:30:94:18:d7:84:74:26:a8:
d0:fd:92:b9:be:a0:5f:70:a9:a3:f6:e3:40:fc:c4:1e:f7:83:
71:96:97:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURouQ6NB8PEeIUcq0lxh+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjdlYTM0YTAxMWE0NzczODcxNTgzZWMzOTU0ZTc5MWQ4
YzAyOGQwHhcNMjUwMjE3MDIwMDQyWhcNMjUwMjE4MDIwMDQyWjAzMTEwLwYDVQQD
Eyg4Y2NkNDk3OTFmNDYzYjNlZmRkMmZhN2MyYzNmYWQwYTZjMTRjZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKCtb8FxKYTykkqrXMdnyQ3NudQn
pHYqgUHQlDJRiG0VDgZLnxzsZXM/mE8eNpgT45R5oNRkgEcdNzLAW4/4HjmYLdMb
y09vYH9SxgGitxwlJCVNkdKnhIM6DGCRTS+lI0u+vHV1XhFoaXzOjzlcfagbwcnw
31w5HskEGQ9tjdEcuWjyWSFgLMrJik/+LFV36aU9IndoTK56QwvMFz5Kusfdct7d
b69n2miVMj2ltUzq287KdmyVDDBVuXWzIgmgZ4Sg55g6ThyneSOZxpEbUiZQh5az
RlGAJnABkjvxpmBFjrWvmO3XHcqc9CGJHnZ0l83NKUWoVzNrqXJYWJnQqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzNSXkfRjs+/dL6fCw/rQpsFM0pMB8GA1UdIwQY
MBaAFJxn6jSgEaR3OHFYPsOVTnkdjAKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgt
ODJjNjdjNjllOTIzLzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84NjY5ZDMtNzZjZC00Y2IwLTgyNzgtODJjNjdjNjllOTIz
LzEvbkdmcU5LQVJwSGM0Y1ZnLXc1Vk9lUjJNQW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWZrxpeI
KKQ4rC7tQgiCKQvyYHS2hdBWr71N8Bkt83qKhklJSW/8K3XcLhZ8esQPJ1ERQoFm
Thk7U92k6YL4PzBRP/h+vd9T3+LOPPiMfu6v4NpRMS5DQdTBGeECRkAK01w2GHtP
MfMXqNDolo1IudSBxJgGA1dSH8N2tRteNdKok4MyKJjPZCVSshSsTydYxB4zKoKh
cNTt4AsjcL6WPSG3Z9pzp2mNimdCuqGBvCgXG6+PX/eoi5uS1l56qc3XmQNoJRxw
8lm+EgYMNEyVXvKJsWydlzfGDZoDxnG6r0vX1DCUGNeEdCao0P2Sub6gX3Cpo/bj
QPzEHveDcZaXDg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:43 2025 by rpki-client