Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
File: roNVKZN0KXkz0oH1HrdLpcLJHME.mft (raw, json)
Hash identifier: /8CHZ6jBCx8Nb1wNDp60K/ht35Jh9KGsXsMUFodwf68=
Subject key identifier: 40:31:6C:65:16:A0:34:8C:E9:D9:B0:66:AB:86:5C:32:E9:E6:59:65
Authority key identifier: AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
Certificate issuer: /CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Certificate serial: 0195127E54DBF2C733735A26C89D3EF268D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
Manifest number: 0FAA
Signing time: Mon 17 Feb 2025 06:00:23 +0000
Manifest this update: Mon 17 Feb 2025 06:00:23 +0000
Manifest next update: Tue 18 Feb 2025 06:00:23 +0000
Files and hashes: 1: RaM_OWQwVXsafD9lAhumGxuaVJ0.roa (hash: 9wqEU77JRh8FONfv1sMAYtuNvig1s1ZaVt3dre8RnDg=)
2: roNVKZN0KXkz0oH1HrdLpcLJHME.crl (hash: VNOnBLj5W40F50I3OwATlX40wKPx101KFqv6iomXDNw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:7e:54:db:f2:c7:33:73:5a:26:c8:9d:3e:f2:68:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Validity
Not Before: Feb 17 06:00:23 2025 GMT
Not After : Feb 18 06:00:23 2025 GMT
Subject: CN=40316c6516a0348ce9d9b066ab865c32e9e65965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:35:14:15:2f:a4:f2:98:61:4a:f4:31:a3:97:
45:d6:6c:e5:e4:c9:09:48:66:b8:4e:e6:10:22:2b:
2c:ff:8d:ee:25:1d:6a:64:6e:e4:62:b8:14:fc:d6:
d0:a1:03:cd:da:a1:58:60:62:38:f0:cd:18:c2:8b:
04:2b:5f:ee:86:94:b0:35:b7:20:e5:82:65:84:be:
ea:47:48:9f:59:90:bf:00:ea:9d:25:b5:f4:a9:4d:
53:63:c2:48:d4:c8:e0:31:52:d4:07:b1:90:a2:5c:
ec:f4:25:85:9f:95:a8:65:d2:94:c0:4c:80:fc:df:
0c:71:bb:80:9b:05:1e:f5:f7:7d:f9:7a:75:d3:74:
40:a0:dc:57:62:0b:19:8e:ad:c8:b7:04:f0:94:ba:
d3:7c:6d:97:3b:1b:19:6e:0b:24:9a:31:23:76:0f:
1d:49:67:65:ca:44:68:79:d5:03:cc:1a:54:0c:cf:
07:bd:c0:9b:2a:99:6b:76:d8:0e:83:d8:8b:23:b2:
7a:35:f6:85:43:be:15:f1:fd:70:66:fe:28:63:67:
23:9c:04:c8:9a:87:6a:8d:a2:44:4e:7b:de:34:1b:
b7:d3:08:85:6b:10:47:b1:8a:f9:57:ce:e3:3f:45:
41:cb:cf:8e:a0:39:d4:2d:29:4e:6f:4f:9c:62:64:
c4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:31:6C:65:16:A0:34:8C:E9:D9:B0:66:AB:86:5C:32:E9:E6:59:65
X509v3 Authority Key Identifier:
keyid:AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:66:b6:84:14:a2:30:9c:08:73:b9:7c:16:90:25:55:25:30:
b4:6a:5d:87:d2:6a:d1:3c:d7:92:9a:73:90:f6:9b:b0:bf:1f:
32:36:a9:da:35:ff:80:7c:05:e8:58:18:9d:bb:51:a6:86:67:
69:be:2f:87:a2:c5:78:17:f1:56:a4:01:0d:92:f4:ff:76:32:
0e:33:7c:c6:8d:3b:40:03:29:41:8c:1e:77:ed:30:f6:16:d5:
ab:f4:f3:bb:1b:48:5d:9f:98:65:81:3b:f4:44:05:91:30:5a:
b0:23:6e:53:07:d9:ad:f9:3e:81:3c:2b:2f:a2:db:28:26:24:
3a:25:f1:98:9e:80:dc:db:42:f6:f7:7b:ae:33:2a:64:44:e7:
cc:79:2c:cc:29:bd:ee:96:e4:19:39:53:a7:1b:8a:75:59:12:
32:86:6c:8a:d1:ea:f2:08:22:42:94:d2:b1:46:59:32:46:67:
bc:2f:fa:f6:42:0f:84:7b:d2:0d:d3:a4:34:38:76:ae:91:2b:
19:f2:09:06:40:01:1c:6e:34:cf:dd:0a:28:c0:b4:17:b1:c6:
55:10:a3:e4:c6:70:69:16:86:74:f9:95:a7:4f:89:3f:cc:70:
c3:98:77:a0:71:71:f5:c1:e0:30:e3:33:c1:f6:fd:21:42:46:
00:49:7a:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSflTb8sczc1omyJ0+8mjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM1NTI5OTM3NDI5NzkzM2QyODFmNTFlYjc0YmE1YzJj
OTFjYzEwHhcNMjUwMjE3MDYwMDIzWhcNMjUwMjE4MDYwMDIzWjAzMTEwLwYDVQQD
Eyg0MDMxNmM2NTE2YTAzNDhjZTlkOWIwNjZhYjg2NWMzMmU5ZTY1OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9TUUFS+k8phhSvQxo5dF1mzl5MkJ
SGa4TuYQIiss/43uJR1qZG7kYrgU/NbQoQPN2qFYYGI48M0YwosEK1/uhpSwNbcg
5YJlhL7qR0ifWZC/AOqdJbX0qU1TY8JI1MjgMVLUB7GQolzs9CWFn5WoZdKUwEyA
/N8McbuAmwUe9fd9+Xp103RAoNxXYgsZjq3ItwTwlLrTfG2XOxsZbgskmjEjdg8d
SWdlykRoedUDzBpUDM8HvcCbKplrdtgOg9iLI7J6NfaFQ74V8f1wZv4oY2cjnATI
modqjaJETnveNBu30wiFaxBHsYr5V87jP0VBy8+OoDnULSlOb0+cYmTE8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAxbGUWoDSM6dmwZquGXDLp5lllMB8GA1UdIwQY
MBaAFK6DVSmTdCl5M9KB9R63S6XCyRzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQt
M2I0ZDAyYTYxZWMyLzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQtM2I0ZDAyYTYxZWMy
LzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGa2hBSi
MJwIc7l8FpAlVSUwtGpdh9Jq0TzXkppzkPabsL8fMjap2jX/gHwF6FgYnbtRpoZn
ab4vh6LFeBfxVqQBDZL0/3YyDjN8xo07QAMpQYwed+0w9hbVq/TzuxtIXZ+YZYE7
9EQFkTBasCNuUwfZrfk+gTwrL6LbKCYkOiXxmJ6A3NtC9vd7rjMqZETnzHkszCm9
7pbkGTlTpxuKdVkSMoZsitHq8ggiQpTSsUZZMkZnvC/69kIPhHvSDdOkNDh2rpEr
GfIJBkABHG40z90KKMC0F7HGVRCj5MZwaRaGdPmVp0+JP8xww5h3oHFx9cHgMOMz
wfb9IUJGAEl6kA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:46 2025 by rpki-client