Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft
File: XLOiFF-bTUZgWCrca3NUlp4InKk.mft (raw, json)
Hash identifier: YNwXfiDF6bRzsU1QfvgrZez9SBiCwcz8xYJvykUXLps=
Subject key identifier: 8B:C9:18:98:6C:B2:46:2D:17:D3:AD:F8:05:AE:0C:8C:D5:22:BE:2D
Authority key identifier: 5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9
Certificate issuer: /CN=5cb3a2145f9b4d4660582adc6b7354969e089ca9
Certificate serial: 0194C42C47C9A0A4E0EAD4F98C613625E6A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft
Manifest number: 0BDE
Signing time: Sun 02 Feb 2025 01:00:23 +0000
Manifest this update: Sun 02 Feb 2025 01:00:23 +0000
Manifest next update: Mon 03 Feb 2025 01:00:23 +0000
Files and hashes: 1: 8rSm2TYmCggVgedhJYf2d5mO9bY.roa (hash: u5F6NWnwd9MOKoxteUtWCw1+tPwzMsMfG5qFtnCO6pk=)
2: XLOiFF-bTUZgWCrca3NUlp4InKk.crl (hash: 1fk0lXcIHyJ1dSJ5nEHJM2AJ4nLCfaIaU3BSQPtUQnc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:2c:47:c9:a0:a4:e0:ea:d4:f9:8c:61:36:25:e6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb3a2145f9b4d4660582adc6b7354969e089ca9
Validity
Not Before: Feb 2 01:00:23 2025 GMT
Not After : Feb 3 01:00:23 2025 GMT
Subject: CN=8bc918986cb2462d17d3adf805ae0c8cd522be2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:72:58:b9:6e:0f:a5:06:bb:f8:8c:4b:40:
dd:ab:3f:6e:3a:ef:7f:ad:1e:1b:1e:0c:25:14:89:
da:cb:a0:9a:51:86:68:55:1f:9d:b3:81:37:f0:a9:
9b:65:a8:4e:4a:c4:17:69:29:b7:f7:c1:6c:6d:7a:
bf:a5:48:51:eb:70:c6:eb:57:ca:97:c1:65:75:ac:
67:86:8f:a8:ad:41:6a:0a:36:47:d0:da:ce:aa:ae:
db:3a:45:94:68:0f:29:79:e4:06:4d:5a:c3:5b:b6:
a9:50:f8:34:76:17:a5:81:64:84:db:cf:53:f6:df:
ec:0e:dd:3f:d7:ed:6a:68:a4:b8:a6:64:9a:44:f2:
72:3a:f9:48:42:3b:cf:49:df:c6:0a:de:0b:3e:82:
8c:34:92:58:61:6d:af:5f:b8:23:f7:38:04:bc:6f:
33:a6:77:16:3a:09:6c:8d:5a:65:77:df:89:82:ca:
ff:91:c1:a3:c0:c9:e0:3c:2d:48:ee:4c:0b:55:78:
f0:5f:e2:62:32:f1:7e:01:3a:db:11:35:6d:1d:d8:
f8:9a:8e:c5:ca:3d:3c:5e:d8:33:de:66:ca:a7:fd:
53:d7:b5:e3:c3:df:51:4a:bb:84:5c:e2:2d:b3:6c:
63:55:10:03:9a:cf:68:57:c9:3d:57:20:4d:f5:8d:
9d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C9:18:98:6C:B2:46:2D:17:D3:AD:F8:05:AE:0C:8C:D5:22:BE:2D
X509v3 Authority Key Identifier:
keyid:5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:7e:b1:35:6d:7b:2e:83:d3:25:d1:83:0e:ff:cd:fc:41:d7:
1b:a2:32:1e:ac:dc:9e:b5:a5:85:bb:b4:04:03:fa:70:f2:06:
6e:e0:04:d8:bd:86:ae:c3:a8:ec:60:9e:89:3c:3b:1f:15:a7:
c1:13:7d:41:4d:6f:20:36:f3:e8:1b:4e:00:7f:25:00:dd:1c:
14:5d:ab:ac:44:ac:42:7b:a6:e1:44:70:ac:2b:a9:96:eb:c9:
31:7f:d3:b7:2d:c2:ff:88:35:d4:cc:6d:e1:83:6b:bb:47:59:
4f:79:64:bf:3a:69:a3:b5:fb:15:03:f9:7b:19:c6:e2:9e:6a:
c8:68:04:a8:cc:ec:64:88:8f:2a:cc:4c:02:9f:90:e7:13:e3:
52:99:36:3f:f9:bf:ef:64:26:92:d2:f3:21:f5:12:02:8a:dc:
57:84:94:24:b4:21:cb:3c:2c:d0:a2:00:d9:eb:72:1f:a7:7c:
d4:f4:a0:93:48:34:07:d5:22:cf:1a:cf:b9:f1:9a:95:19:4f:
c6:ac:5c:41:c7:b1:7d:31:bb:79:29:f5:59:13:10:73:ff:4a:
ca:d5:7d:3e:8b:25:e0:c8:fa:40:69:01:3c:75:9f:41:63:75:
d9:20:2b:c1:20:9d:21:be:b7:88:24:ab:4b:58:4c:cc:5a:e5:
34:18:38:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELEfJoKTg6tT5jGE2JeapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjNhMjE0NWY5YjRkNDY2MDU4MmFkYzZiNzM1NDk2OWUw
ODljYTkwHhcNMjUwMjAyMDEwMDIzWhcNMjUwMjAzMDEwMDIzWjAzMTEwLwYDVQQD
Eyg4YmM5MTg5ODZjYjI0NjJkMTdkM2FkZjgwNWFlMGM4Y2Q1MjJiZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BhyWLluD6UGu/iMS0Ddqz9uOu9/
rR4bHgwlFInay6CaUYZoVR+ds4E38KmbZahOSsQXaSm398FsbXq/pUhR63DG61fK
l8Fldaxnho+orUFqCjZH0NrOqq7bOkWUaA8peeQGTVrDW7apUPg0dhelgWSE289T
9t/sDt0/1+1qaKS4pmSaRPJyOvlIQjvPSd/GCt4LPoKMNJJYYW2vX7gj9zgEvG8z
pncWOglsjVpld9+Jgsr/kcGjwMngPC1I7kwLVXjwX+JiMvF+ATrbETVtHdj4mo7F
yj08Xtgz3mbKp/1T17Xjw99RSruEXOIts2xjVRADms9oV8k9VyBN9Y2d3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvJGJhsskYtF9Ot+AWuDIzVIr4tMB8GA1UdIwQY
MBaAFFyzohRfm01GYFgq3GtzVJaeCJypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExPaUZGLWJUVVpnV0NyY2EzTlVscDRJbktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kMDY2MWMtY2ViYi00ZTIyLWIxOTct
MTM5ODAwYThjNzVmLzEvWExPaUZGLWJUVVpnV0NyY2EzTlVscDRJbktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kMDY2MWMtY2ViYi00ZTIyLWIxOTctMTM5ODAwYThjNzVm
LzEvWExPaUZGLWJUVVpnV0NyY2EzTlVscDRJbktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ36xNW17
LoPTJdGDDv/N/EHXG6IyHqzcnrWlhbu0BAP6cPIGbuAE2L2GrsOo7GCeiTw7HxWn
wRN9QU1vIDbz6BtOAH8lAN0cFF2rrESsQnum4URwrCupluvJMX/Tty3C/4g11Mxt
4YNru0dZT3lkvzppo7X7FQP5exnG4p5qyGgEqMzsZIiPKsxMAp+Q5xPjUpk2P/m/
72QmktLzIfUSAorcV4SUJLQhyzws0KIA2etyH6d81PSgk0g0B9UizxrPufGalRlP
xqxcQcexfTG7eSn1WRMQc/9KytV9Posl4Mj6QGkBPHWfQWN12SArwSCdIb63iCSr
S1hMzFrlNBg4qw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:02:13 2025 by rpki-client