Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
File: khjNJev3TLGwBLAe5QVQP_8kbWE.mft (raw, json)
Hash identifier: h+ggyxKZZnHqQPgJzVcUFiAcOc2QtZtrhREfaxGjT2k=
Subject key identifier: 7E:25:96:D2:C0:E9:D5:0A:42:88:E4:76:AC:F9:38:E1:87:05:9C:9E
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019511A2DDD9A27C1F2D5BDE19E45C716C4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
Manifest number: 0285
Signing time: Mon 17 Feb 2025 02:00:41 +0000
Manifest this update: Mon 17 Feb 2025 02:00:41 +0000
Manifest next update: Tue 18 Feb 2025 02:00:41 +0000
Files and hashes: 1: hzP2EY4V13WQH8d_pNPxVTI0pdE.roa (hash: p8JhkO3NrYZd+pd4+yMBXMa+gMDLxEDL5Q92aazBUYw=)
2: khjNJev3TLGwBLAe5QVQP_8kbWE.crl (hash: 34vfO1vR35FeCvAUNhVeMM61e1Ra5plsjvMYFdZugVk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:a2:dd:d9:a2:7c:1f:2d:5b:de:19:e4:5c:71:6c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Feb 17 02:00:41 2025 GMT
Not After : Feb 18 02:00:41 2025 GMT
Subject: CN=7e2596d2c0e9d50a4288e476acf938e187059c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3c:14:94:d0:20:68:5b:1b:ea:4a:35:f7:06:
16:f4:b0:a1:f9:23:a4:58:ce:8f:e4:ef:f3:76:8d:
e8:16:1e:f8:76:d0:ee:7b:f6:c0:a5:7e:e7:10:d6:
93:31:17:9c:4c:26:3c:77:6f:3d:04:97:07:f3:10:
dc:32:bb:f0:12:0e:7b:9c:d6:1d:da:7d:a4:57:83:
a7:cb:de:27:6d:a8:0b:f0:26:a1:f4:b8:51:f4:e7:
d4:7a:60:b4:64:59:e9:d7:b0:34:d8:53:40:61:84:
93:80:a9:82:cb:ff:17:f3:b3:92:17:4c:78:d2:4f:
dd:89:09:ca:14:6e:f2:b3:7f:d9:d9:4e:a1:8f:91:
da:48:f5:19:31:be:a4:18:61:6a:6f:f9:a2:a3:71:
6e:13:98:7a:98:d2:f9:a1:45:b9:14:eb:ba:7e:ef:
15:bd:47:f6:67:7d:4f:ac:17:c0:4d:99:22:5f:0c:
17:3c:56:e5:d3:55:d7:07:4f:62:a5:61:b9:2d:e7:
56:63:6c:14:b9:97:22:37:82:cb:7d:5f:b3:31:6e:
fc:8e:69:1f:cf:5d:0c:6e:a7:6c:df:ff:f7:db:68:
2f:5a:73:f8:f6:19:95:08:bb:5e:57:24:92:60:31:
18:da:6c:12:3b:fa:08:71:ec:0c:0a:11:bd:93:23:
93:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:25:96:D2:C0:E9:D5:0A:42:88:E4:76:AC:F9:38:E1:87:05:9C:9E
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:d0:37:f9:f1:73:47:47:33:e0:a5:93:51:4d:61:c7:cc:42:
89:10:d7:de:ad:5c:c4:4c:d2:b9:36:4b:70:08:85:57:d1:ad:
42:8c:f5:2a:c5:5c:12:f6:c4:e3:ba:6c:ad:d7:db:7f:a0:55:
4d:33:e5:9a:3f:f4:a1:8c:ac:09:93:58:fd:32:72:44:30:38:
6d:b3:d4:a0:8f:6a:17:49:bf:5b:e2:7f:e2:1b:c0:ec:06:31:
59:bf:0c:a9:61:20:a0:fc:9a:7b:d1:eb:1a:ad:f2:37:c2:5d:
43:73:83:d0:bd:ec:d1:2c:c7:d0:4a:cf:ba:5b:e0:8f:5f:96:
df:6e:76:07:6f:40:26:b5:57:b7:55:47:3a:84:ec:04:b8:81:
6d:88:af:ab:a3:f5:c2:33:7a:69:f6:9f:24:a3:ba:f7:0d:63:
3a:cf:a7:fb:33:4a:06:5b:c9:08:75:ce:2b:25:51:97:4e:11:
45:68:57:4a:14:05:48:48:c2:18:13:45:42:c3:78:a9:72:56:
2b:77:7b:44:eb:e1:74:ae:f8:24:41:8b:54:48:58:dc:fa:35:
a3:d3:f3:ac:21:2f:72:be:14:2b:e5:e0:35:c9:a0:f4:09:e2:
db:41:77:26:79:2b:56:45:0d:5d:f9:bc:31:3e:1a:19:26:4d:
81:ba:a7:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURot3ZonwfLVveGeRccWxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwMjE3MDIwMDQxWhcNMjUwMjE4MDIwMDQxWjAzMTEwLwYDVQQD
Eyg3ZTI1OTZkMmMwZTlkNTBhNDI4OGU0NzZhY2Y5MzhlMTg3MDU5YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jwUlNAgaFsb6ko19wYW9LCh+SOk
WM6P5O/zdo3oFh74dtDue/bApX7nENaTMRecTCY8d289BJcH8xDcMrvwEg57nNYd
2n2kV4Ony94nbagL8Cah9LhR9OfUemC0ZFnp17A02FNAYYSTgKmCy/8X87OSF0x4
0k/diQnKFG7ys3/Z2U6hj5HaSPUZMb6kGGFqb/mio3FuE5h6mNL5oUW5FOu6fu8V
vUf2Z31PrBfATZkiXwwXPFbl01XXB09ipWG5LedWY2wUuZciN4LLfV+zMW78jmkf
z10Mbqds3//322gvWnP49hmVCLteVySSYDEY2mwSO/oIcewMChG9kyOT3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4lltLA6dUKQojkdqz5OOGHBZyeMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNA3+fFz
R0cz4KWTUU1hx8xCiRDX3q1cxEzSuTZLcAiFV9GtQoz1KsVcEvbE47psrdfbf6BV
TTPlmj/0oYysCZNY/TJyRDA4bbPUoI9qF0m/W+J/4hvA7AYxWb8MqWEgoPyae9Hr
Gq3yN8JdQ3OD0L3s0SzH0ErPulvgj1+W3252B29AJrVXt1VHOoTsBLiBbYivq6P1
wjN6afafJKO69w1jOs+n+zNKBlvJCHXOKyVRl04RRWhXShQFSEjCGBNFQsN4qXJW
K3d7ROvhdK74JEGLVEhY3Po1o9PzrCEvcr4UK+XgNcmg9Ani20F3JnkrVkUNXfm8
MT4aGSZNgbqnEA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:31 2025 by rpki-client