Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: 0bCWPgf21wS1lJB5+3yl6fwsniKNBN0g+FbLdeJBQiY=
Subject key identifier: 20:95:77:96:FC:C3:B7:7E:65:90:E4:07:24:B0:A9:C5:2A:2F:A6:85
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019357D2568604A5DD9DFE07F57290B6CF26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 066D
Signing time: Sat 23 Nov 2024 07:00:22 +0000
Manifest this update: Sat 23 Nov 2024 07:00:22 +0000
Manifest next update: Sun 24 Nov 2024 07:00:22 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: T3PfHQLTNm9noLXRGBNOLhsEc7FaXtif4iIQHohhHp8=)
2: bqCVZpKVqbaM5FetsVkW7TIV3x8.roa (hash: P1R0wophtx74hRmtEyqxTrdXg8b4bk/BoOBOZgSKnS4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:57:d2:56:86:04:a5:dd:9d:fe:07:f5:72:90:b6:cf:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Nov 23 07:00:22 2024 GMT
Not After : Nov 24 07:00:22 2024 GMT
Subject: CN=20957796fcc3b77e6590e40724b0a9c52a2fa685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3d:66:27:ff:db:30:c6:5b:e6:3e:8d:90:be:
b2:cb:8c:15:2d:09:bb:74:b3:7c:d2:4d:84:aa:0b:
a2:e2:1f:1c:5e:74:9d:d9:ce:83:32:f6:ee:19:44:
6f:1f:40:55:b7:a0:01:ff:d0:99:4a:db:ca:9d:61:
c0:e4:2c:6f:7d:00:8f:0f:50:96:dd:4a:49:74:0b:
ea:27:58:f7:35:e7:39:c0:ff:90:f2:56:5a:11:f0:
ff:79:26:16:4e:2f:4a:ea:8b:ce:cf:5d:e5:59:8b:
1a:df:c4:31:0f:02:7a:d0:9f:8c:8a:64:db:a1:ef:
59:09:5a:48:46:77:ed:53:ac:4f:71:c6:d2:ed:46:
ee:fe:ff:df:b2:f9:5f:88:28:18:b9:cf:55:12:66:
ad:c6:a0:74:79:fd:c6:d6:42:b2:3e:22:13:75:f7:
13:08:ac:eb:3f:7b:d9:b7:42:fc:7d:26:38:a4:9b:
e6:6d:ef:2f:2a:8e:05:b9:04:2e:6b:9d:74:29:36:
46:2e:b0:e4:5c:72:a6:04:b3:67:3d:2c:ba:b2:c1:
6b:82:a5:fe:7b:75:80:6b:7a:df:c4:51:33:af:85:
59:38:b5:65:15:6d:f3:6b:29:f9:35:ed:94:97:43:
46:95:39:a7:28:bf:e4:b0:20:59:1f:c7:02:e0:1d:
ac:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:95:77:96:FC:C3:B7:7E:65:90:E4:07:24:B0:A9:C5:2A:2F:A6:85
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:39:2d:70:f3:36:91:26:b6:b6:0b:88:fe:c4:a5:75:76:d0:
f4:2e:38:a7:df:a6:98:98:a2:a5:11:9a:49:6c:24:37:e7:6a:
95:b3:de:96:d8:22:03:2e:08:71:2a:5a:4c:63:a7:0c:df:9e:
b3:ea:c4:cb:1b:e4:e9:1f:94:69:8b:72:74:72:9c:6f:fc:dd:
72:55:55:c7:b9:5a:6e:bc:4c:4c:2c:80:90:f4:72:6d:f8:de:
67:80:a8:00:7e:4a:8b:bf:0d:a6:19:95:6c:10:93:2a:c5:da:
c5:14:bf:08:d5:8d:bd:45:80:11:21:21:f9:1c:3f:7c:f8:8c:
7f:82:55:9d:ef:d3:ce:12:b8:2a:ce:fd:c9:f2:99:3e:49:2f:
39:64:27:8d:90:2c:4c:3d:4a:7a:54:c7:55:f5:98:2f:af:69:
3e:6b:2a:07:3d:2d:a6:1b:f5:a7:34:88:b8:13:3d:80:75:db:
9e:12:52:b3:0c:c0:e4:f5:65:b9:1f:09:63:9f:5b:dc:8f:c1:
50:ca:ba:a2:1a:b4:45:34:38:c9:b9:14:93:e6:36:69:92:4e:
17:ae:ae:a0:86:84:62:52:57:11:10:e1:1e:35:01:67:d3:d0:
cc:42:c7:46:91:7e:ae:01:f0:ec:b5:71:2b:ed:e6:d1:77:4a:
04:a2:d0:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0laGBKXdnf4H9XKQts8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjQxMTIzMDcwMDIyWhcNMjQxMTI0MDcwMDIyWjAzMTEwLwYDVQQD
EygyMDk1Nzc5NmZjYzNiNzdlNjU5MGU0MDcyNGIwYTljNTJhMmZhNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz1mJ//bMMZb5j6NkL6yy4wVLQm7
dLN80k2Eqgui4h8cXnSd2c6DMvbuGURvH0BVt6AB/9CZStvKnWHA5CxvfQCPD1CW
3UpJdAvqJ1j3Nec5wP+Q8lZaEfD/eSYWTi9K6ovOz13lWYsa38QxDwJ60J+MimTb
oe9ZCVpIRnftU6xPccbS7Ubu/v/fsvlfiCgYuc9VEmatxqB0ef3G1kKyPiITdfcT
CKzrP3vZt0L8fSY4pJvmbe8vKo4FuQQua510KTZGLrDkXHKmBLNnPSy6ssFrgqX+
e3WAa3rfxFEzr4VZOLVlFW3zayn5Ne2Ul0NGlTmnKL/ksCBZH8cC4B2s3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCVd5b8w7d+ZZDkBySwqcUqL6aFMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAzktcPM2
kSa2tguI/sSldXbQ9C44p9+mmJiipRGaSWwkN+dqlbPeltgiAy4IcSpaTGOnDN+e
s+rEyxvk6R+UaYtydHKcb/zdclVVx7labrxMTCyAkPRybfjeZ4CoAH5Ki78NphmV
bBCTKsXaxRS/CNWNvUWAESEh+Rw/fPiMf4JVne/TzhK4Ks79yfKZPkkvOWQnjZAs
TD1KelTHVfWYL69pPmsqBz0tphv1pzSIuBM9gHXbnhJSswzA5PVluR8JY59b3I/B
UMq6ohq0RTQ4ybkUk+Y2aZJOF66uoIaEYlJXERDhHjUBZ9PQzELHRpF+rgHw7LVx
K+3m0XdKBKLQlQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:36 2024 by rpki-client on console-ams.rpki-client.org