Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
File: uT2pHx9TY0JyxZEQh85my602FKM.mft (raw, json)
Hash identifier: 5OmTIy3a7ad1lqQMZrM2/vl3PYDhVfiH6xkGxFtJmnE=
Subject key identifier: 5E:87:E6:31:EB:0F:77:CE:A6:27:8B:B2:3F:CC:00:33:43:1E:3D:4D
Authority key identifier: B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
Certificate issuer: /CN=b93da91f1f53634272c5911087ce66cbad3614a3
Certificate serial: 0194C387BF0BDD8B05C0130A3D6EB21E0AA8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
Manifest number: 05CC
Signing time: Sat 01 Feb 2025 22:00:40 +0000
Manifest this update: Sat 01 Feb 2025 22:00:40 +0000
Manifest next update: Sun 02 Feb 2025 22:00:40 +0000
Files and hashes: 1: 0386LGj4Sidbyca8KneFkNR54TI.roa (hash: jcV5FqK/anJpS83+3AC/ntYQGRcWnZsS3JRi5ZH9EXg=)
2: uT2pHx9TY0JyxZEQh85my602FKM.crl (hash: 8JMRfqKCvzckWgy3ojeNVXyrT+QpAw6znnswdLAUBMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:87:bf:0b:dd:8b:05:c0:13:0a:3d:6e:b2:1e:0a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93da91f1f53634272c5911087ce66cbad3614a3
Validity
Not Before: Feb 1 22:00:40 2025 GMT
Not After : Feb 2 22:00:40 2025 GMT
Subject: CN=5e87e631eb0f77cea6278bb23fcc0033431e3d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:4c:e2:29:88:bd:be:dd:17:9c:77:7d:3d:
71:c5:14:d3:e9:1a:8f:46:cc:85:f7:7a:eb:22:02:
90:0f:ef:b4:e7:55:86:d9:ab:fd:5a:ef:8a:6c:ea:
22:0b:73:78:ce:58:c9:dc:b6:74:d3:ea:8d:63:95:
13:ab:6d:e9:19:c4:22:6e:e3:74:e6:58:d9:3f:6c:
b1:06:0c:bd:52:7f:3a:34:aa:b3:d8:21:12:0d:88:
65:d0:ff:c1:1d:c8:1e:05:80:04:c6:c8:0c:ad:23:
72:51:b4:41:3b:14:0f:ac:7b:b8:c0:69:8f:9d:56:
a7:f5:da:d3:cd:5e:ea:1b:a2:d7:4f:3a:73:81:70:
c7:47:4b:6a:d7:6e:95:5d:4a:51:8b:b7:0a:02:55:
4b:b5:ff:6a:61:77:ef:7b:fc:e9:67:08:4c:65:2a:
cc:5d:3c:a4:51:b6:59:25:cd:ee:f6:98:72:d5:e3:
9e:b2:56:cf:1a:62:c0:36:c2:7b:f3:cc:ca:f4:bd:
e9:50:61:59:ec:9e:dc:d5:47:2c:4d:4d:ce:60:a7:
31:61:6b:6f:0b:18:b3:73:31:e3:60:81:d4:6e:8a:
a3:d9:57:2e:ca:4d:87:63:fd:2d:c9:e3:78:10:ce:
34:8b:9a:44:a2:f4:af:ef:d7:e0:be:61:8b:87:6c:
db:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:87:E6:31:EB:0F:77:CE:A6:27:8B:B2:3F:CC:00:33:43:1E:3D:4D
X509v3 Authority Key Identifier:
keyid:B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:c8:26:b6:72:48:01:3c:ce:41:0d:d1:3d:66:1c:ec:22:28:
a4:32:75:19:73:a7:b2:db:89:77:f2:40:6f:c3:bc:b6:4a:45:
2d:33:b2:4c:63:98:fc:4b:3f:c6:bd:06:00:4d:da:ee:1c:8c:
f0:6e:d5:2c:d1:08:1b:62:5f:a0:84:ed:3b:91:db:0a:7a:52:
8d:ab:3f:94:78:28:88:0b:8d:5c:37:f8:5a:49:4b:1b:e0:f1:
c7:b4:d0:a1:5b:f2:17:cf:d4:7c:84:8a:30:14:79:6f:e3:70:
f7:b5:a6:b4:0f:91:6a:34:e5:1d:f6:b9:f5:42:36:e2:eb:63:
42:62:98:fe:f9:fa:dc:4b:b5:2d:9f:e2:8e:c0:e4:99:96:94:
63:ac:fd:14:dc:bf:a4:1d:cf:9a:33:b7:42:98:86:b8:53:d7:
6b:79:8e:e6:5e:bb:5b:99:b6:08:66:8a:fd:d8:d9:bd:f0:49:
7b:ab:8a:c6:87:5f:29:83:0f:03:55:e8:2b:39:a5:46:6f:ad:
16:8b:c0:69:f3:b4:a0:19:25:08:36:27:83:8f:ba:1d:4e:66:
e7:1a:c0:f8:d4:d0:49:06:8a:31:a1:bf:e5:89:01:d7:2d:f1:
e5:de:22:1c:b3:a0:dd:d8:a2:74:74:d2:c7:5b:bb:05:bb:05:
7b:7c:f4:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh78L3YsFwBMKPW6yHgqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2RhOTFmMWY1MzYzNDI3MmM1OTExMDg3Y2U2NmNiYWQz
NjE0YTMwHhcNMjUwMjAxMjIwMDQwWhcNMjUwMjAyMjIwMDQwWjAzMTEwLwYDVQQD
Eyg1ZTg3ZTYzMWViMGY3N2NlYTYyNzhiYjIzZmNjMDAzMzQzMWUzZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArphM4imIvb7dF5x3fT1xxRTT6RqP
RsyF93rrIgKQD++051WG2av9Wu+KbOoiC3N4zljJ3LZ00+qNY5UTq23pGcQibuN0
5ljZP2yxBgy9Un86NKqz2CESDYhl0P/BHcgeBYAExsgMrSNyUbRBOxQPrHu4wGmP
nVan9drTzV7qG6LXTzpzgXDHR0tq126VXUpRi7cKAlVLtf9qYXfve/zpZwhMZSrM
XTykUbZZJc3u9phy1eOeslbPGmLANsJ788zK9L3pUGFZ7J7c1UcsTU3OYKcxYWtv
CxizczHjYIHUboqj2Vcuyk2HY/0tyeN4EM40i5pEovSv79fgvmGLh2zbDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6H5jHrD3fOpieLsj/MADNDHj1NMB8GA1UdIwQY
MBaAFLk9qR8fU2NCcsWREIfOZsutNhSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEt
OGJmNWIxZWQxMjA5LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEtOGJmNWIxZWQxMjA5
LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcgmtnJI
ATzOQQ3RPWYc7CIopDJ1GXOnstuJd/JAb8O8tkpFLTOyTGOY/Es/xr0GAE3a7hyM
8G7VLNEIG2JfoITtO5HbCnpSjas/lHgoiAuNXDf4WklLG+Dxx7TQoVvyF8/UfISK
MBR5b+Nw97WmtA+RajTlHfa59UI24utjQmKY/vn63Eu1LZ/ijsDkmZaUY6z9FNy/
pB3PmjO3QpiGuFPXa3mO5l67W5m2CGaK/djZvfBJe6uKxodfKYMPA1XoKzmlRm+t
FovAafO0oBklCDYng4+6HU5m5xrA+NTQSQaKMaG/5YkB1y3x5d4iHLOg3diidHTS
x1u7BbsFe3z0kg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:54:21 2025 by rpki-client