Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
File: yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft (raw, json)
Hash identifier: aUr4GqY6g+qh+8NBWxjYRyyXdqQksGSn/bxt63Kebtk=
Subject key identifier: 8C:CB:55:19:EB:4A:E6:76:29:BD:56:BB:74:37:0A:21:15:43:E3:39
Authority key identifier: CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
Certificate issuer: /CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Certificate serial: 0194C38821C1E17DBA0946F0FFF04537BFC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
Manifest number: 01B3
Signing time: Sat 01 Feb 2025 22:01:06 +0000
Manifest this update: Sat 01 Feb 2025 22:01:06 +0000
Manifest next update: Sun 02 Feb 2025 22:01:06 +0000
Files and hashes: 1: eVWj75QB5-NY5cip7EaAMqsD3_Q.roa (hash: R8SYABsszbTf/c1Z91aXqCMR7hgNS09va3LcQa+6Zyg=)
2: yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl (hash: 9oLgOYbS/AheZGn8BzkEzlR1ylvibfDPge7hz1eZw48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:88:21:c1:e1:7d:ba:09:46:f0:ff:f0:45:37:bf:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca231a4362bc1ec0fdb4349901b61ccf9d679d65
Validity
Not Before: Feb 1 22:01:06 2025 GMT
Not After : Feb 2 22:01:06 2025 GMT
Subject: CN=8ccb5519eb4ae67629bd56bb74370a211543e339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e2:75:c0:2d:b7:c4:d2:7f:fb:2d:ed:52:9c:
a6:d0:96:52:8c:cb:a7:a6:4e:37:a8:59:db:c9:20:
b2:df:de:a1:70:85:ba:33:ca:53:60:39:5a:1c:cd:
db:e1:22:84:12:f1:ab:95:5f:80:35:28:74:3e:d4:
93:7e:2f:5f:6d:ec:95:65:3f:d5:a2:d4:10:68:dc:
f4:4a:2c:ee:87:88:7d:ad:ab:d1:4a:ea:ea:c9:fb:
61:f4:54:6d:12:f2:47:78:66:a0:fc:4c:bd:cd:f9:
8e:5a:fb:b7:8d:d9:92:dc:36:1c:5d:b6:1c:95:c6:
cc:5c:08:2f:e6:59:e1:04:0f:11:b0:21:f7:e7:b9:
46:40:8c:9e:1a:54:0b:a4:78:3b:52:a4:8f:8a:c9:
09:10:30:5d:d7:03:b0:40:12:5a:04:e8:6c:f0:42:
d5:ef:dd:84:b6:90:aa:bf:e7:42:54:55:3b:be:6a:
97:b2:48:c3:98:7b:cc:8e:6a:cc:dd:21:6b:1c:92:
7b:6b:62:8e:68:5e:e0:48:94:a0:6f:68:38:1d:7b:
2b:ff:02:8f:64:da:cd:3f:35:3c:65:17:fc:c4:30:
0c:cd:f9:77:c8:5a:76:ff:66:dd:8d:d7:b3:57:80:
16:97:24:99:e0:f1:4f:f5:ae:fe:e0:ef:a3:31:a8:
08:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CB:55:19:EB:4A:E6:76:29:BD:56:BB:74:37:0A:21:15:43:E3:39
X509v3 Authority Key Identifier:
keyid:CA:23:1A:43:62:BC:1E:C0:FD:B4:34:99:01:B6:1C:CF:9D:67:9D:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yiMaQ2K8HsD9tDSZAbYcz51nnWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/856c05-d7b2-499a-af39-39dfa48ea6b9/1/yiMaQ2K8HsD9tDSZAbYcz51nnWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:a4:b8:f0:14:31:19:47:3a:dd:6e:4b:2c:5b:21:42:2a:d0:
ff:53:90:65:7d:56:dd:f2:72:2c:bb:d6:60:f6:09:5a:db:bb:
02:be:3b:74:9e:49:11:89:c5:b4:3c:bc:d1:18:ca:cc:53:d8:
20:0a:1e:ee:42:03:b6:96:1b:24:d6:45:9e:f2:e4:15:dd:1f:
31:51:a8:15:59:9b:e4:fd:a9:63:db:00:69:de:ab:91:57:65:
ae:44:c1:94:28:17:b1:10:ce:68:ce:f0:68:46:44:08:1e:c6:
36:97:01:c6:ce:83:f3:90:be:bc:a4:f4:11:28:cb:39:60:64:
e5:e8:25:d6:ad:2c:7f:0b:b9:da:e2:8c:50:1d:cf:0d:91:4d:
c8:c5:9d:3a:56:22:80:e9:65:1a:7c:c2:a3:c3:dd:65:51:94:
63:7a:46:57:32:f3:b1:ab:8b:7d:bd:2e:a8:49:65:db:8f:6e:
ee:27:54:76:63:43:c9:c7:1e:d4:25:b0:be:64:10:7b:95:11:
0c:a3:d6:19:07:f3:8f:f0:de:8e:bc:44:69:ee:79:ff:c6:b8:
80:d8:37:4e:35:bb:39:78:75:9e:0a:2a:ab:a0:9c:76:ae:66:
95:d1:11:fd:70:41:ca:ca:a4:d2:92:73:5e:45:97:7b:bf:b6:
6b:b9:6e:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiCHB4X26CUbw//BFN7/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjMxYTQzNjJiYzFlYzBmZGI0MzQ5OTAxYjYxY2NmOWQ2
NzlkNjUwHhcNMjUwMjAxMjIwMTA2WhcNMjUwMjAyMjIwMTA2WjAzMTEwLwYDVQQD
Eyg4Y2NiNTUxOWViNGFlNjc2MjliZDU2YmI3NDM3MGEyMTE1NDNlMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+J1wC23xNJ/+y3tUpym0JZSjMun
pk43qFnbySCy396hcIW6M8pTYDlaHM3b4SKEEvGrlV+ANSh0PtSTfi9fbeyVZT/V
otQQaNz0Sizuh4h9ravRSurqyfth9FRtEvJHeGag/Ey9zfmOWvu3jdmS3DYcXbYc
lcbMXAgv5lnhBA8RsCH357lGQIyeGlQLpHg7UqSPiskJEDBd1wOwQBJaBOhs8ELV
792EtpCqv+dCVFU7vmqXskjDmHvMjmrM3SFrHJJ7a2KOaF7gSJSgb2g4HXsr/wKP
ZNrNPzU8ZRf8xDAMzfl3yFp2/2bdjdezV4AWlySZ4PFP9a7+4O+jMagIFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzLVRnrSuZ2Kb1Wu3Q3CiEVQ+M5MB8GA1UdIwQY
MBaAFMojGkNivB7A/bQ0mQG2HM+dZ51lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzkt
MzlkZmE0OGVhNmI5LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84NTZjMDUtZDdiMi00OTlhLWFmMzktMzlkZmE0OGVhNmI5
LzEveWlNYVEySzhIc0Q5dERTWkFiWWN6NTFubldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtaS48BQx
GUc63W5LLFshQirQ/1OQZX1W3fJyLLvWYPYJWtu7Ar47dJ5JEYnFtDy80RjKzFPY
IAoe7kIDtpYbJNZFnvLkFd0fMVGoFVmb5P2pY9sAad6rkVdlrkTBlCgXsRDOaM7w
aEZECB7GNpcBxs6D85C+vKT0ESjLOWBk5egl1q0sfwu52uKMUB3PDZFNyMWdOlYi
gOllGnzCo8PdZVGUY3pGVzLzsauLfb0uqEll249u7idUdmNDycce1CWwvmQQe5UR
DKPWGQfzj/DejrxEae55/8a4gNg3TjW7OXh1ngoqq6Ccdq5mldER/XBBysqk0pJz
XkWXe7+2a7luag==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:05:06 2025 by rpki-client