Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: 0JXR0LZZFvJs1BaLlx4GpeVjF5Tkn+32XCSw/cv9994=
Subject key identifier: BF:D3:4A:66:D5:CC:B1:62:1B:A4:31:24:4D:BD:17:5B:64:B5:53:5F
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 0194C42C92A36E787041BAB7BC2B27943139
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 0FFB
Signing time: Sun 02 Feb 2025 01:00:42 +0000
Manifest this update: Sun 02 Feb 2025 01:00:42 +0000
Manifest next update: Mon 03 Feb 2025 01:00:42 +0000
Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: NA2se57TspbM7p1aUV6JW/b5h96wbqidIO7QdqfU1rs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:2c:92:a3:6e:78:70:41:ba:b7:bc:2b:27:94:31:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Feb 2 01:00:42 2025 GMT
Not After : Feb 3 01:00:42 2025 GMT
Subject: CN=bfd34a66d5ccb1621ba431244dbd175b64b5535f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c0:74:9a:61:05:58:08:da:8f:9c:4b:6e:b7:
2b:57:eb:a1:23:58:d8:96:b4:13:a4:ce:d6:c7:b0:
42:87:e7:77:50:7f:7e:3a:4a:d4:3d:bd:ce:b5:c1:
d7:1e:34:cd:82:76:3e:51:36:bc:7e:38:52:3b:8c:
20:e4:51:e5:af:88:6e:53:1d:98:53:f2:9c:1f:1c:
29:ad:6c:de:86:4d:74:fa:ea:96:87:21:bd:40:03:
6c:84:e1:ea:42:6e:df:5b:cc:48:ed:f1:13:18:b2:
96:29:71:04:24:8e:52:9b:01:3e:1c:04:dc:61:bb:
54:85:1d:83:ae:49:a4:4d:5b:89:d1:0f:dd:32:44:
d7:e4:e9:c0:56:8e:31:b9:42:f4:ab:04:20:56:7a:
0f:ae:a9:94:75:d9:54:aa:e5:6f:c9:57:57:75:a3:
10:c5:63:85:d8:ea:82:a4:ac:23:e9:41:92:54:47:
19:5f:0d:a9:ad:dd:05:3e:a7:be:d7:a0:db:ce:3e:
01:43:ad:7c:35:b6:37:80:71:74:00:d5:89:5e:12:
7a:bf:b4:1a:97:5b:d1:5c:16:d0:aa:ca:27:48:95:
e6:cb:2c:37:dc:c2:31:5f:00:b5:67:0a:7d:09:ef:
d9:f6:40:57:0b:9d:66:11:8b:aa:68:cc:ce:95:9b:
5c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D3:4A:66:D5:CC:B1:62:1B:A4:31:24:4D:BD:17:5B:64:B5:53:5F
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:a9:8a:47:9a:18:59:04:64:fb:e8:42:f5:a3:f3:80:4d:4f:
61:da:21:c9:1d:ae:6a:5f:3a:4a:0a:53:cb:04:f7:58:61:eb:
a9:20:38:65:c9:19:09:9c:ea:7a:5e:00:93:d9:52:0e:98:dc:
43:1a:c4:a0:78:17:f9:02:c3:05:b1:50:0e:f7:ee:ff:33:87:
9e:df:00:9c:c5:70:e0:5c:eb:64:29:cd:8b:88:37:72:2b:3b:
f8:c4:56:e2:78:15:a1:30:0d:c6:5a:b7:46:f4:83:32:9f:8a:
76:d0:58:51:7a:ca:1c:fa:96:0a:24:62:c6:36:ff:49:36:55:
b3:b7:ca:d1:81:8d:3f:49:78:f8:5a:07:60:96:fa:1c:1d:0a:
f9:b9:cd:66:90:6c:2b:b1:c1:6d:94:78:e0:40:2f:8f:e6:16:
1b:48:60:ca:5e:09:fc:1c:bf:ff:f1:41:f1:ec:34:3e:d1:07:
cf:8b:c0:c6:72:c5:1d:e9:45:82:e6:58:61:bf:1a:26:ac:8b:
8d:92:fa:cf:ec:b1:31:2e:55:69:cd:47:cb:dd:cc:65:c0:8d:
a2:c8:fe:93:48:f2:a9:47:52:0a:3a:d7:3d:3f:19:f0:62:b6:
86:a9:15:80:03:b4:94:fb:21:d0:e8:c0:a6:2d:b8:4f:3a:be:
b6:b2:6d:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTELJKjbnhwQbq3vCsnlDE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUwMjAyMDEwMDQyWhcNMjUwMjAzMDEwMDQyWjAzMTEwLwYDVQQD
EyhiZmQzNGE2NmQ1Y2NiMTYyMWJhNDMxMjQ0ZGJkMTc1YjY0YjU1MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcB0mmEFWAjaj5xLbrcrV+uhI1jY
lrQTpM7Wx7BCh+d3UH9+OkrUPb3OtcHXHjTNgnY+UTa8fjhSO4wg5FHlr4huUx2Y
U/KcHxwprWzehk10+uqWhyG9QANshOHqQm7fW8xI7fETGLKWKXEEJI5SmwE+HATc
YbtUhR2DrkmkTVuJ0Q/dMkTX5OnAVo4xuUL0qwQgVnoPrqmUddlUquVvyVdXdaMQ
xWOF2OqCpKwj6UGSVEcZXw2prd0FPqe+16Dbzj4BQ618NbY3gHF0ANWJXhJ6v7Qa
l1vRXBbQqsonSJXmyyw33MIxXwC1Zwp9Ce/Z9kBXC51mEYuqaMzOlZtcawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/TSmbVzLFiG6QxJE29F1tktVNfMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVamKR5oY
WQRk++hC9aPzgE1PYdohyR2ual86SgpTywT3WGHrqSA4ZckZCZzqel4Ak9lSDpjc
QxrEoHgX+QLDBbFQDvfu/zOHnt8AnMVw4FzrZCnNi4g3cis7+MRW4ngVoTANxlq3
RvSDMp+KdtBYUXrKHPqWCiRixjb/STZVs7fK0YGNP0l4+FoHYJb6HB0K+bnNZpBs
K7HBbZR44EAvj+YWG0hgyl4J/By///FB8ew0PtEHz4vAxnLFHelFguZYYb8aJqyL
jZL6z+yxMS5Vac1Hy93MZcCNosj+k0jyqUdSCjrXPT8Z8GK2hqkVgAO0lPsh0OjA
pi24Tzq+trJtHA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:47:58 2025 by rpki-client