Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json)
Hash identifier: MIal8dc4ZAnINcQDV3N9gmo57ajYum0Qd9/SuMEeCqw=
Subject key identifier: 7C:D5:F2:0B:61:12:70:37:00:57:96:06:BD:06:5D:60:71:69:1C:C9
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 019511D970208F7DB96C7F02EF486EA19F1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
Manifest number: 0325
Signing time: Mon 17 Feb 2025 03:00:17 +0000
Manifest this update: Mon 17 Feb 2025 03:00:17 +0000
Manifest next update: Tue 18 Feb 2025 03:00:17 +0000
Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=)
2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: hDTrw8CgdB1LrnoJembHS6T0ckpq/fKK+p2G4b5TiNc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:d9:70:20:8f:7d:b9:6c:7f:02:ef:48:6e:a1:9f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Feb 17 03:00:17 2025 GMT
Not After : Feb 18 03:00:17 2025 GMT
Subject: CN=7cd5f20b6112703700579606bd065d6071691cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7b:48:3a:40:c8:f1:5f:90:3e:2a:cc:de:3f:
e9:b7:cd:6e:90:a0:20:3e:37:9b:e3:0c:da:85:0c:
67:2d:fe:e8:38:f9:ce:e0:58:05:eb:e6:d3:70:82:
93:07:1b:c4:c7:da:9f:a3:b9:dd:1a:c8:7e:63:41:
a1:21:66:a9:93:5f:22:51:a5:39:24:9d:53:5e:0d:
83:8e:ae:90:f7:4b:a1:18:e0:f1:7e:7d:1c:ee:ce:
14:14:17:cb:17:f4:32:4e:27:de:0f:ed:3f:e0:3b:
a9:f1:52:69:9c:90:d9:6b:db:af:18:97:d0:91:3f:
4b:1c:ac:49:4f:73:f9:c6:7b:98:e2:8c:25:33:4a:
d6:60:f3:b1:96:7b:f5:d8:9a:57:e5:a7:4c:84:45:
e7:57:ce:19:39:ce:c1:e3:6e:a5:98:81:f6:87:e4:
95:cc:f1:e2:fa:13:c5:cf:ea:9b:8b:3a:35:29:db:
04:37:5b:cf:86:7c:62:45:ef:e0:43:bd:e0:26:fb:
a2:00:8d:62:79:61:29:53:cb:f2:94:69:58:c0:d1:
b4:64:49:b4:c1:ec:6f:ed:46:ff:e5:e2:3a:7b:1e:
64:0a:f7:8b:2f:99:f0:8a:b2:92:28:cc:59:87:ea:
02:49:f4:5a:91:cc:03:7e:ea:05:65:57:6b:fc:ab:
d9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D5:F2:0B:61:12:70:37:00:57:96:06:BD:06:5D:60:71:69:1C:C9
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:37:56:42:57:80:f0:4f:db:c0:a1:f1:b8:11:93:11:9f:fe:
70:76:2c:57:e7:bb:fa:a8:7d:73:89:e9:39:d8:00:cd:db:77:
fe:9a:f9:d3:41:aa:a2:4f:87:8e:42:f7:48:7f:31:28:b4:0d:
45:35:fe:8a:34:9b:ab:d8:5c:d7:fd:02:ed:43:a9:a1:98:46:
82:85:1e:76:66:8f:1f:af:5c:14:4a:8f:d5:ba:b0:89:cf:b5:
9a:38:5d:26:d8:8e:fa:a4:ce:4c:6b:dd:80:8c:2f:32:f4:b8:
46:0a:02:10:1b:10:63:26:05:63:23:95:fa:60:b2:e2:32:c9:
58:3d:c7:10:06:1a:98:58:a5:a4:6c:5d:e1:7f:84:30:1a:9f:
a9:9f:3f:6d:b8:f4:10:b6:e5:1d:d6:e2:03:82:e1:f5:43:2f:
f6:11:3d:8e:90:9a:45:c6:48:21:74:f1:f9:57:f0:76:47:44:
d8:f3:1d:a1:2b:32:a7:f3:44:c0:72:de:0c:41:74:c0:be:1b:
cd:7e:97:8c:2a:d5:12:c0:59:5f:bc:9a:e4:ee:a5:a2:4d:57:
b6:97:05:84:3c:fc:88:74:ca:86:c9:3c:39:a2:a9:48:bc:57:
92:d9:62:c2:41:7d:18:8f:7a:1d:c8:13:ec:37:93:0d:f2:70:
a6:82:da:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2XAgj325bH8C70huoZ8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjUwMjE3MDMwMDE3WhcNMjUwMjE4MDMwMDE3WjAzMTEwLwYDVQQD
Eyg3Y2Q1ZjIwYjYxMTI3MDM3MDA1Nzk2MDZiZDA2NWQ2MDcxNjkxY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3tIOkDI8V+QPirM3j/pt81ukKAg
Pjeb4wzahQxnLf7oOPnO4FgF6+bTcIKTBxvEx9qfo7ndGsh+Y0GhIWapk18iUaU5
JJ1TXg2Djq6Q90uhGODxfn0c7s4UFBfLF/QyTifeD+0/4Dup8VJpnJDZa9uvGJfQ
kT9LHKxJT3P5xnuY4owlM0rWYPOxlnv12JpX5adMhEXnV84ZOc7B426lmIH2h+SV
zPHi+hPFz+qbizo1KdsEN1vPhnxiRe/gQ73gJvuiAI1ieWEpU8vylGlYwNG0ZEm0
wexv7Ub/5eI6ex5kCveLL5nwirKSKMxZh+oCSfRakcwDfuoFZVdr/KvZZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzV8gthEnA3AFeWBr0GXWBxaRzJMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTdWQleA
8E/bwKHxuBGTEZ/+cHYsV+e7+qh9c4npOdgAzdt3/pr500Gqok+HjkL3SH8xKLQN
RTX+ijSbq9hc1/0C7UOpoZhGgoUedmaPH69cFEqP1bqwic+1mjhdJtiO+qTOTGvd
gIwvMvS4RgoCEBsQYyYFYyOV+mCy4jLJWD3HEAYamFilpGxd4X+EMBqfqZ8/bbj0
ELblHdbiA4Lh9UMv9hE9jpCaRcZIIXTx+VfwdkdE2PMdoSsyp/NEwHLeDEF0wL4b
zX6XjCrVEsBZX7ya5O6lok1XtpcFhDz8iHTKhsk8OaKpSLxXktliwkF9GI96HcgT
7DeTDfJwpoLacg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:09 2025 by rpki-client