Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: 6l3F+whZkdl+tWDNELm0b+mpfXviMDKB//jyQ/Oksss=
Subject key identifier: 49:6F:C2:01:D2:00:F2:F4:34:08:7D:59:73:D6:C4:9C:00:A8:3F:05
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 019511D9B24D425C725588C1E41235DFEE91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 145A
Signing time: Mon 17 Feb 2025 03:00:34 +0000
Manifest this update: Mon 17 Feb 2025 03:00:34 +0000
Manifest next update: Tue 18 Feb 2025 03:00:34 +0000
Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: +7orkjpGgC5Um0EbH5zUIBysBhvcyx5Hvu5ogp5xCaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:d9:b2:4d:42:5c:72:55:88:c1:e4:12:35:df:ee:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Feb 17 03:00:34 2025 GMT
Not After : Feb 18 03:00:34 2025 GMT
Subject: CN=496fc201d200f2f434087d5973d6c49c00a83f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:36:4e:18:88:bc:f7:fb:88:23:3b:4c:c2:2b:
bf:e7:fc:fd:81:aa:c6:2c:b5:36:0f:76:12:9f:3f:
1b:3f:d3:6f:22:fd:68:fc:f5:61:7e:3e:06:c5:e8:
7f:d6:12:1b:9a:db:0e:b6:ac:04:c3:15:76:c9:49:
45:4d:54:5f:7a:cb:43:27:73:61:00:a3:11:e8:5f:
4e:d1:db:c9:02:8e:a8:6d:5a:47:fc:00:21:45:c5:
20:ed:84:eb:93:47:b6:6c:2c:86:a9:ed:e3:fc:aa:
cb:d0:7e:6e:83:23:0e:4c:85:b5:3f:4b:1a:fe:06:
7f:58:23:83:3a:16:ba:3a:1e:32:36:bf:49:fa:23:
45:86:1c:cd:11:d0:73:f4:2f:ba:90:f8:cf:e4:c0:
64:06:33:d2:3f:9e:15:4c:73:99:1e:73:42:a8:57:
f1:9f:05:a7:28:e8:54:7e:05:a5:6a:70:7b:0a:6d:
72:53:09:6a:04:0e:90:d7:37:47:21:ee:be:f9:55:
0e:d9:7b:18:e8:04:f5:6f:bb:4e:b5:d5:6d:e2:28:
91:0f:dd:2d:a1:c9:c3:c6:ff:8c:dd:6e:98:ac:bf:
86:c8:6e:c7:90:4c:f2:8a:95:28:de:bc:eb:56:fe:
fb:02:70:da:43:0d:7d:d8:a1:00:dc:80:28:e9:76:
03:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:6F:C2:01:D2:00:F2:F4:34:08:7D:59:73:D6:C4:9C:00:A8:3F:05
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:de:97:42:08:be:6d:fd:0a:fe:56:8c:f2:a9:2d:e1:b0:50:
43:3b:96:14:2e:72:ac:55:d0:6a:86:04:11:a9:74:0c:12:b6:
b3:52:c8:0a:a4:43:64:df:61:05:84:f5:b1:35:1d:ca:5c:38:
52:09:3d:fc:e1:a9:ab:5e:08:f1:4a:c0:b7:a5:5e:bf:31:f7:
f3:19:94:6c:8e:81:b1:b8:8a:9d:2c:87:2e:f1:40:93:44:d2:
61:0b:4f:a5:16:8a:c7:18:27:82:8c:70:7d:f7:2a:6f:c8:84:
e3:68:eb:5a:b5:de:24:7f:6a:c8:73:1b:73:89:8a:a4:44:92:
c5:20:3c:10:75:88:b2:61:34:ea:d5:7e:66:b0:c7:e2:53:15:
98:1f:e7:2a:55:7d:b9:2f:a7:d2:51:aa:94:96:03:f6:5a:36:
fb:f0:c0:79:58:b4:3e:04:e5:67:ea:67:cb:a0:6d:d9:51:ad:
44:e6:c8:b7:c2:1f:dc:11:85:75:ee:4a:b2:4d:ab:c9:75:6d:
8c:1f:5f:3d:e2:8b:a1:c7:70:78:34:c5:e8:62:96:e4:db:48:
22:a4:55:97:5b:14:4d:4a:d6:2f:85:b3:4e:0c:8b:5e:8d:96:
8d:e9:f8:90:0c:7c:30:0f:47:b8:b3:e7:f2:15:4a:4b:f1:4d:
84:66:fb:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2bJNQlxyVYjB5BI13+6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwMjE3MDMwMDM0WhcNMjUwMjE4MDMwMDM0WjAzMTEwLwYDVQQD
Eyg0OTZmYzIwMWQyMDBmMmY0MzQwODdkNTk3M2Q2YzQ5YzAwYTgzZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDZOGIi89/uIIztMwiu/5/z9garG
LLU2D3YSnz8bP9NvIv1o/PVhfj4Gxeh/1hIbmtsOtqwEwxV2yUlFTVRfestDJ3Nh
AKMR6F9O0dvJAo6obVpH/AAhRcUg7YTrk0e2bCyGqe3j/KrL0H5ugyMOTIW1P0sa
/gZ/WCODOha6Oh4yNr9J+iNFhhzNEdBz9C+6kPjP5MBkBjPSP54VTHOZHnNCqFfx
nwWnKOhUfgWlanB7Cm1yUwlqBA6Q1zdHIe6++VUO2XsY6AT1b7tOtdVt4iiRD90t
ocnDxv+M3W6YrL+GyG7HkEzyipUo3rzrVv77AnDaQw192KEA3IAo6XYD3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElvwgHSAPL0NAh9WXPWxJwAqD8FMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj96XQgi+
bf0K/laM8qkt4bBQQzuWFC5yrFXQaoYEEal0DBK2s1LICqRDZN9hBYT1sTUdylw4
Ugk9/OGpq14I8UrAt6VevzH38xmUbI6BsbiKnSyHLvFAk0TSYQtPpRaKxxgngoxw
ffcqb8iE42jrWrXeJH9qyHMbc4mKpESSxSA8EHWIsmE06tV+ZrDH4lMVmB/nKlV9
uS+n0lGqlJYD9lo2+/DAeVi0PgTlZ+pny6Bt2VGtRObIt8If3BGFde5Ksk2ryXVt
jB9fPeKLocdweDTF6GKW5NtIIqRVl1sUTUrWL4WzTgyLXo2Wjen4kAx8MA9HuLPn
8hVKS/FNhGb7lQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:48 2025 by rpki-client