Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: xe/rOkhKnVgfa0S2P1LIxseDot5XQc3Og67NIVQ11jU=
Subject key identifier: 5B:02:08:CB:81:18:21:9E:98:78:CE:7C:FE:E0:22:BE:5B:08:F4:2E
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 0194C507F0ABC13EAB1D3553B16F24484BA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 123C
Signing time: Sun 02 Feb 2025 05:00:19 +0000
Manifest this update: Sun 02 Feb 2025 05:00:19 +0000
Manifest next update: Mon 03 Feb 2025 05:00:19 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 1cAGo8IdnyMC8KiTmf2E17YEnG0LN3fL+oHqgh3Z3Vs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c5:07:f0:ab:c1:3e:ab:1d:35:53:b1:6f:24:48:4b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Feb 2 05:00:19 2025 GMT
Not After : Feb 3 05:00:19 2025 GMT
Subject: CN=5b0208cb8118219e9878ce7cfee022be5b08f42e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:da:5f:22:0e:55:77:a4:51:99:2b:11:dd:e6:
13:be:35:c9:a0:8b:ab:d7:61:49:c4:0d:6c:35:d0:
45:d2:2d:26:7c:8f:ce:d8:39:9d:f6:b1:93:62:30:
a2:1b:53:ce:f6:96:a5:92:19:f1:2b:82:1e:28:8b:
19:04:9b:c0:60:74:69:28:a2:60:43:00:f4:75:e8:
70:41:6d:14:31:7e:db:2b:44:e0:55:54:8a:b5:15:
64:91:41:1e:e0:52:39:96:26:f6:72:f4:fe:97:51:
66:df:cb:81:13:72:e8:5b:e7:f3:5d:8b:9a:7a:09:
d4:92:d6:d2:58:b3:d5:4e:0e:61:fe:13:0b:0e:07:
e2:9a:a0:fa:44:c9:19:40:29:1f:2a:47:e5:84:3c:
41:93:f4:20:46:b5:b2:12:0a:17:48:0d:9d:d1:15:
80:39:db:68:db:ff:0e:a5:e8:85:1a:eb:89:35:c3:
a7:31:bd:93:50:3a:4c:a3:22:00:21:e7:ce:c3:2b:
e8:67:e1:09:88:0c:20:76:9e:f3:cb:5c:47:5c:44:
ae:98:5a:a6:61:e3:16:5e:5b:f9:62:18:39:1d:a6:
4e:bc:04:2d:5f:31:e7:9a:38:ec:e1:95:47:10:8a:
72:d0:34:c8:7a:4f:c3:c6:4d:83:cc:4f:ff:38:e2:
de:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:02:08:CB:81:18:21:9E:98:78:CE:7C:FE:E0:22:BE:5B:08:F4:2E
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:e3:a4:ef:2e:f7:0d:51:71:3f:6e:88:4e:ff:a8:56:64:fc:
02:c5:a3:85:9b:d5:bd:48:71:ff:c2:fc:6c:a9:c4:e1:47:2b:
45:37:6a:c4:31:55:58:7e:e2:6e:7f:33:1d:5c:18:c7:72:02:
08:07:4b:bf:cd:72:70:03:31:94:93:e1:e2:ac:b2:db:83:cc:
49:44:0b:8a:56:d8:bb:ff:f9:3f:3a:f6:6a:2f:fb:7c:24:35:
f5:e9:71:6d:ae:59:8b:12:a7:23:a8:ee:09:fa:22:71:b1:b1:
fd:e5:c5:46:a7:da:2a:af:ee:9e:b5:a8:48:df:45:61:66:7c:
4b:82:7b:92:1f:32:9e:ac:f8:49:e6:c2:c2:0d:40:a8:c7:0a:
f9:a3:29:45:0c:81:97:5d:13:eb:61:11:2c:0a:22:83:51:e9:
4b:a5:63:90:ad:58:ff:20:04:e5:b4:8f:d4:2f:fe:10:82:0b:
ad:ec:be:cd:7e:ba:97:e4:1b:15:89:9d:c3:3b:45:79:38:e2:
23:72:20:14:6f:00:1f:e5:55:f8:19:9c:f1:6b:8f:24:e6:9a:
52:06:cb:5f:8e:c3:8e:54:da:dc:a0:c8:92:da:04:5f:f3:94:
ef:41:77:f5:20:ff:50:5f:ab:bd:c5:67:fa:bb:24:1c:78:80:
ea:5c:fa:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFB/CrwT6rHTVTsW8kSEumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUwMjAyMDUwMDE5WhcNMjUwMjAzMDUwMDE5WjAzMTEwLwYDVQQD
Eyg1YjAyMDhjYjgxMTgyMTllOTg3OGNlN2NmZWUwMjJiZTViMDhmNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtpfIg5Vd6RRmSsR3eYTvjXJoIur
12FJxA1sNdBF0i0mfI/O2Dmd9rGTYjCiG1PO9palkhnxK4IeKIsZBJvAYHRpKKJg
QwD0dehwQW0UMX7bK0TgVVSKtRVkkUEe4FI5lib2cvT+l1Fm38uBE3LoW+fzXYua
egnUktbSWLPVTg5h/hMLDgfimqD6RMkZQCkfKkflhDxBk/QgRrWyEgoXSA2d0RWA
Odto2/8OpeiFGuuJNcOnMb2TUDpMoyIAIefOwyvoZ+EJiAwgdp7zy1xHXESumFqm
YeMWXlv5Yhg5HaZOvAQtXzHnmjjs4ZVHEIpy0DTIek/Dxk2DzE//OOLebQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsCCMuBGCGemHjOfP7gIr5bCPQuMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAauOk7y73
DVFxP26ITv+oVmT8AsWjhZvVvUhx/8L8bKnE4UcrRTdqxDFVWH7ibn8zHVwYx3IC
CAdLv81ycAMxlJPh4qyy24PMSUQLilbYu//5Pzr2ai/7fCQ19elxba5ZixKnI6ju
CfoicbGx/eXFRqfaKq/unrWoSN9FYWZ8S4J7kh8ynqz4SebCwg1AqMcK+aMpRQyB
l10T62ERLAoig1HpS6VjkK1Y/yAE5bSP1C/+EIILrey+zX66l+QbFYmdwztFeTji
I3IgFG8AH+VV+Bmc8WuPJOaaUgbLX47DjlTa3KDIktoEX/OU70F39SD/UF+rvcVn
+rskHHiA6lz6Vw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:59:23 2025 by rpki-client