Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
File: 1ehYR8xEuGECJwu9do5MPOuhyYg.mft (raw, json)
Hash identifier: aYngIKRuWWKth/LImGtdxRPlpAsRF4NxDykuDfNhxuc=
Subject key identifier: F1:CE:86:83:82:D3:E7:7F:F8:6B:0C:85:08:F4:9A:CA:11:37:6F:15
Authority key identifier: D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
Certificate issuer: /CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Certificate serial: 0195127E3013F0B1EB7DAB67052D58DAE5B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
Manifest number: 02E8
Signing time: Mon 17 Feb 2025 06:00:14 +0000
Manifest this update: Mon 17 Feb 2025 06:00:14 +0000
Manifest next update: Tue 18 Feb 2025 06:00:14 +0000
Files and hashes: 1: 1ehYR8xEuGECJwu9do5MPOuhyYg.crl (hash: 7xX0vnvmlfTA3l8tz/S1njbl9B03ZsJ8tMzvY0DvkFQ=)
2: HP2XU4ErP340JMFJBkwhXt7RSkM.roa (hash: jqU/k+IA4J2nUGc2ePon/4S6+Kq7gFeDjcwyWdzFAK4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:7e:30:13:f0:b1:eb:7d:ab:67:05:2d:58:da:e5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e85847cc44b86102270bbd768e4c3ceba1c988
Validity
Not Before: Feb 17 06:00:14 2025 GMT
Not After : Feb 18 06:00:14 2025 GMT
Subject: CN=f1ce868382d3e77ff86b0c8508f49aca11376f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bb:9c:8e:cd:37:74:d9:db:cd:c2:6f:69:0c:
c8:b4:33:6b:6c:62:3c:60:1a:0c:a1:81:6b:97:98:
04:95:a8:67:7e:c7:47:a9:6f:e3:64:37:66:ec:4d:
6f:7c:1a:d4:68:5c:d9:1c:61:00:b7:48:e1:df:1c:
35:1a:18:ae:4e:d3:14:09:a2:20:0b:93:a0:95:81:
21:e5:35:e8:05:ed:b7:7d:bf:0a:70:c2:b9:22:19:
dd:43:c6:b5:b6:b3:3d:d0:26:de:b5:2f:16:bf:03:
2a:71:5d:4c:ec:61:76:b9:69:00:fd:24:51:15:fc:
a6:ab:c7:01:d2:39:fe:02:98:69:76:00:b3:7c:c6:
76:8d:8b:87:51:ff:14:b1:5f:36:a9:17:f7:08:4d:
47:3b:c9:d5:6d:9c:c2:08:7d:a8:2b:1d:fb:17:87:
49:31:ae:76:d2:dc:c4:bd:c7:8f:ba:3c:d7:46:ba:
c6:b3:83:2a:bd:3b:0c:bb:77:ef:71:ec:68:61:b5:
3f:a7:6c:a3:5d:e9:a4:87:b0:6f:49:9a:f4:40:40:
01:83:f0:2f:b2:8b:c8:15:7a:46:24:8a:f1:43:32:
80:0b:32:de:ca:cc:f7:fc:68:3a:ce:5f:af:41:4c:
5b:b6:9f:39:63:47:28:b3:75:34:65:db:7f:54:1f:
d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CE:86:83:82:D3:E7:7F:F8:6B:0C:85:08:F4:9A:CA:11:37:6F:15
X509v3 Authority Key Identifier:
keyid:D5:E8:58:47:CC:44:B8:61:02:27:0B:BD:76:8E:4C:3C:EB:A1:C9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ehYR8xEuGECJwu9do5MPOuhyYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/83f956-e18d-4738-bd6a-729c0f43414d/1/1ehYR8xEuGECJwu9do5MPOuhyYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:2b:b1:3f:b3:94:da:99:6e:2f:12:a2:24:fc:7c:41:4e:c4:
8e:e7:fc:cd:86:2e:ed:0b:94:bf:89:2d:e8:8a:41:7f:35:28:
94:9b:c9:e2:89:0e:c9:7d:14:ec:44:3a:52:0c:22:e6:7d:24:
9f:1f:c2:33:df:c8:16:4d:38:50:b1:61:0a:75:d9:83:06:e3:
60:82:a0:bd:fc:c5:30:a3:db:d9:6b:8c:c5:0d:3e:40:c2:ed:
96:f1:48:f9:db:0c:40:c4:1f:c4:55:0a:5b:56:07:4a:97:e9:
4b:f4:84:cf:15:0e:da:9c:ed:dd:b8:d4:39:fd:0f:83:2a:f0:
15:b6:1c:26:44:9d:af:a3:45:f3:7e:3c:ca:68:f3:7b:13:ba:
d9:8a:f4:cd:e0:1c:bd:a1:bf:bb:67:38:52:c2:b9:1e:1a:6c:
3f:7d:a7:3c:39:75:5b:48:2c:55:08:c3:35:38:17:c7:20:37:
68:6c:67:58:e5:5f:b9:06:84:2f:ad:04:3b:04:ae:73:59:c1:
a3:55:fd:58:8a:5d:0f:25:39:c7:bb:84:5e:94:26:4c:1c:64:
8c:11:fa:4d:72:48:0e:a5:e7:80:44:cd:fc:f4:ea:50:24:6b:
c2:87:81:3e:df:71:9f:03:84:91:26:75:f3:17:77:c3:90:82:
02:e2:a9:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSfjAT8LHrfatnBS1Y2uWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTg1ODQ3Y2M0NGI4NjEwMjI3MGJiZDc2OGU0YzNjZWJh
MWM5ODgwHhcNMjUwMjE3MDYwMDE0WhcNMjUwMjE4MDYwMDE0WjAzMTEwLwYDVQQD
EyhmMWNlODY4MzgyZDNlNzdmZjg2YjBjODUwOGY0OWFjYTExMzc2ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbucjs03dNnbzcJvaQzItDNrbGI8
YBoMoYFrl5gElahnfsdHqW/jZDdm7E1vfBrUaFzZHGEAt0jh3xw1GhiuTtMUCaIg
C5OglYEh5TXoBe23fb8KcMK5IhndQ8a1trM90CbetS8WvwMqcV1M7GF2uWkA/SRR
Ffymq8cB0jn+AphpdgCzfMZ2jYuHUf8UsV82qRf3CE1HO8nVbZzCCH2oKx37F4dJ
Ma520tzEvcePujzXRrrGs4MqvTsMu3fvcexoYbU/p2yjXemkh7BvSZr0QEABg/Av
sovIFXpGJIrxQzKACzLeysz3/Gg6zl+vQUxbtp85Y0cos3U0Zdt/VB/YfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHOhoOC0+d/+GsMhQj0msoRN28VMB8GA1UdIwQY
MBaAFNXoWEfMRLhhAicLvXaOTDzrocmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEt
NzI5YzBmNDM0MTRkLzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84M2Y5NTYtZTE4ZC00NzM4LWJkNmEtNzI5YzBmNDM0MTRk
LzEvMWVoWVI4eEV1R0VDSnd1OWRvNU1QT3VoeVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALCuxP7OU
2pluLxKiJPx8QU7Ejuf8zYYu7QuUv4kt6IpBfzUolJvJ4okOyX0U7EQ6Ugwi5n0k
nx/CM9/IFk04ULFhCnXZgwbjYIKgvfzFMKPb2WuMxQ0+QMLtlvFI+dsMQMQfxFUK
W1YHSpfpS/SEzxUO2pzt3bjUOf0PgyrwFbYcJkSdr6NF8348ymjzexO62Yr0zeAc
vaG/u2c4UsK5HhpsP32nPDl1W0gsVQjDNTgXxyA3aGxnWOVfuQaEL60EOwSuc1nB
o1X9WIpdDyU5x7uEXpQmTBxkjBH6TXJIDqXngETN/PTqUCRrwoeBPt9xnwOEkSZ1
8xd3w5CCAuKpBA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:47 2025 by rpki-client