Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json)
Hash identifier: Zw5FLySqowD047t4O1H2hfo6GWaNnY58Cc+/9CSsomY=
Subject key identifier: 33:B7:34:ED:CE:29:43:81:D6:E0:3E:58:3A:65:17:A4:7E:BC:79:E1
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 0194BB9710BFA892C37B22B0928BC71CDFF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
Manifest number: 070E
Signing time: Fri 31 Jan 2025 09:00:27 +0000
Manifest this update: Fri 31 Jan 2025 09:00:27 +0000
Manifest next update: Sat 01 Feb 2025 09:00:27 +0000
Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=)
2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: pYMnT6DqFitDgXHphDEg/qfmVlXRXWnfgF2qTgnQQRo=)
3: UY5PADzbeIj93cBuCOAZIezRods.roa (hash: 94p+JoB1n19vWg1B3h2izrs5nmNxhhnj9iR596bjT+I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 09:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:97:10:bf:a8:92:c3:7b:22:b0:92:8b:c7:1c:df:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jan 31 09:00:27 2025 GMT
Not After : Feb 1 09:00:27 2025 GMT
Subject: CN=33b734edce294381d6e03e583a6517a47ebc79e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:4f:02:13:4a:77:73:30:41:e7:bb:9a:dd:
13:4c:74:ca:f2:38:dc:7f:8e:1a:bc:74:69:e7:a1:
10:c0:e0:e0:c9:79:ae:30:cb:49:47:98:36:00:e3:
44:bc:78:f1:f6:70:d1:1d:b0:2f:4e:30:c4:9d:86:
27:0e:0f:62:75:84:dc:62:13:58:8b:b4:17:c5:0a:
a5:e9:c2:d5:1a:3b:2f:8d:33:d9:36:7a:84:4a:37:
36:c9:f0:f6:f8:0b:7d:85:a6:46:d5:8d:ec:b7:03:
63:70:74:55:21:6d:f7:d5:1c:19:2c:b1:b7:a8:a8:
63:08:fe:58:df:6d:1b:a1:c1:d3:bf:d2:45:67:9f:
b3:22:69:26:98:b4:f5:ac:eb:b3:dc:32:e1:7f:f1:
2f:93:f3:b3:da:7a:84:94:47:0a:ab:e6:97:81:52:
d3:b7:87:df:d9:c2:a0:bd:39:60:58:14:95:7a:31:
8a:dd:ea:af:e2:f4:39:fa:e2:12:fa:f2:58:a3:09:
ac:5b:98:dc:6c:2f:51:90:5d:62:5d:e7:ce:51:e3:
ba:92:4e:b9:4f:b9:5c:af:1d:ee:87:42:9d:92:9e:
c3:f9:70:66:23:fd:ba:8d:65:2a:63:fb:cd:7c:c8:
e1:04:60:e2:ba:4f:a4:50:d8:19:41:b2:88:7b:c4:
bf:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B7:34:ED:CE:29:43:81:D6:E0:3E:58:3A:65:17:A4:7E:BC:79:E1
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:fb:a9:f7:81:7e:f9:f4:ba:46:67:6c:47:30:7c:a0:d2:0b:
ee:cf:f3:9b:07:ae:6b:e1:5e:bf:0d:fb:18:5e:c9:9b:f6:b9:
bc:89:8d:bb:b3:bb:8a:11:08:06:e7:c3:98:e4:c0:44:d0:83:
35:aa:7e:c2:14:e5:fa:bf:f5:bc:48:de:0d:56:65:da:53:c0:
03:7a:ca:cb:90:73:c6:5c:af:d2:dd:69:bd:16:41:a8:22:47:
0c:35:b0:1a:ec:7d:05:58:a0:d1:da:95:d4:53:48:66:b4:0b:
a9:7e:f7:6c:d3:f8:92:c3:ab:77:90:df:8c:3d:0b:d4:f9:44:
64:5f:33:e0:f8:1f:1f:86:a0:f7:02:ce:0d:6b:bd:b6:8a:95:
08:e1:37:5d:2b:b7:91:e9:37:e3:6f:0a:ea:20:76:b6:ea:42:
6b:9b:be:45:57:1a:29:8f:ae:35:4b:bd:98:4d:a9:7a:4d:7c:
25:59:06:40:91:40:1a:f8:5d:60:62:98:31:ba:35:66:58:de:
92:7c:1d:81:72:6b:54:7d:88:03:95:49:a4:3f:21:ab:cf:52:
3a:43:0d:b0:66:6b:58:ab:a2:7a:fe:53:25:06:2a:42:69:ee:
0c:45:33:4f:89:5c:0d:a5:0b:05:61:18:4c:b3:d8:2e:4f:08:
b3:8c:31:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7lxC/qJLDeyKwkovHHN/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUwMTMxMDkwMDI3WhcNMjUwMjAxMDkwMDI3WjAzMTEwLwYDVQQD
EygzM2I3MzRlZGNlMjk0MzgxZDZlMDNlNTgzYTY1MTdhNDdlYmM3OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsJPAhNKd3MwQee7mt0TTHTK8jjc
f44avHRp56EQwODgyXmuMMtJR5g2AONEvHjx9nDRHbAvTjDEnYYnDg9idYTcYhNY
i7QXxQql6cLVGjsvjTPZNnqESjc2yfD2+At9haZG1Y3stwNjcHRVIW331RwZLLG3
qKhjCP5Y320bocHTv9JFZ5+zImkmmLT1rOuz3DLhf/Evk/Oz2nqElEcKq+aXgVLT
t4ff2cKgvTlgWBSVejGK3eqv4vQ5+uIS+vJYowmsW5jcbC9RkF1iXefOUeO6kk65
T7lcrx3uh0Kdkp7D+XBmI/26jWUqY/vNfMjhBGDiuk+kUNgZQbKIe8S/7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDO3NO3OKUOB1uA+WDplF6R+vHnhMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfup94F+
+fS6RmdsRzB8oNIL7s/zmweua+Fevw37GF7Jm/a5vImNu7O7ihEIBufDmOTARNCD
Nap+whTl+r/1vEjeDVZl2lPAA3rKy5Bzxlyv0t1pvRZBqCJHDDWwGux9BVig0dqV
1FNIZrQLqX73bNP4ksOrd5DfjD0L1PlEZF8z4PgfH4ag9wLODWu9toqVCOE3XSu3
kek3428K6iB2tupCa5u+RVcaKY+uNUu9mE2pek18JVkGQJFAGvhdYGKYMbo1Zlje
knwdgXJrVH2IA5VJpD8hq89SOkMNsGZrWKuiev5TJQYqQmnuDEUzT4lcDaULBWEY
TLPYLk8Is4wxuw==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:38:49 2025 by rpki-client on console-fra.rpki-client.org