Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier: ReiPEgqK9a6jT/Xm9HOTCupIodeAjM0RgnqWQpdBlkQ=
Subject key identifier: A1:2D:83:CC:A4:76:C2:59:CD:72:CA:8A:E8:01:6C:5B:76:4C:CB:EA
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial: 01950F466AE73A8ACBD95AD3D233FEAA2EAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number: 1454
Signing time: Sun 16 Feb 2025 15:00:27 +0000
Manifest this update: Sun 16 Feb 2025 15:00:27 +0000
Manifest next update: Mon 17 Feb 2025 15:00:27 +0000
Files and hashes: 1: P2sE-3tUICXx7cfC0favLdtRCZ0.roa (hash: ayIaE8Pk074Tx7I6FVVUWCPvr0NKwOuaUa8Xe24IzDg=)
2: eGoVDFCAKRgMU7yFCgUyj1lHOYk.roa (hash: i9IHtchSCoTvu2jWZ+d1LDgXIzrS7PbiIZtxvaQvRRk=)
3: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: uI2mDEJzHSSzj08A2FhScQP+Y3z3XSvwzMTA+z3PMWw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0f:46:6a:e7:3a:8a:cb:d9:5a:d3:d2:33:fe:aa:2e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
Validity
Not Before: Feb 16 15:00:27 2025 GMT
Not After : Feb 17 15:00:27 2025 GMT
Subject: CN=a12d83cca476c259cd72ca8ae8016c5b764ccbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:85:4f:5e:cb:f2:9f:55:04:07:fb:45:9b:
34:8a:a8:d9:ba:28:22:44:61:b7:46:22:1e:fd:f6:
cb:b3:8e:f2:dc:2c:be:19:4c:80:e3:4b:57:4e:4c:
4b:9c:86:3e:85:29:33:f0:e7:6a:72:d9:dc:e2:6a:
4a:46:88:28:b2:5a:61:60:19:8b:ff:56:21:7e:b5:
c8:91:a1:36:fa:fc:5e:2f:08:a2:6b:58:b5:4a:dd:
e7:97:f3:93:79:dc:e3:1e:de:b2:e8:5a:87:99:57:
a8:48:27:f4:2e:34:d1:82:98:71:ab:4a:8b:e5:26:
98:68:02:93:2f:00:2b:7d:ee:94:88:8b:c0:f7:6d:
0e:ce:4a:43:2e:c7:f7:f9:f2:39:39:43:a6:1f:ed:
eb:d9:b4:a8:58:17:06:16:a8:eb:a0:15:49:3b:9a:
c3:b4:22:3e:ae:05:a1:5f:29:a6:7e:b9:d7:a2:46:
e6:aa:36:80:07:82:95:e6:fb:b2:18:8a:84:3b:02:
17:8d:88:d8:17:62:0f:d0:1e:d8:36:cf:b9:a9:12:
74:56:e7:11:a3:fd:7e:75:c6:de:47:97:ce:d4:8b:
12:d8:37:72:66:7e:29:9c:eb:d2:5f:17:6f:77:b6:
9c:16:00:c8:31:32:f0:c4:f6:cb:6f:5e:00:b3:84:
e7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2D:83:CC:A4:76:C2:59:CD:72:CA:8A:E8:01:6C:5B:76:4C:CB:EA
X509v3 Authority Key Identifier:
keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:e1:73:34:f1:77:a3:34:fb:c4:c7:cf:dc:bc:67:2d:22:99:
d4:0b:9a:d4:6a:94:9f:2e:72:c3:da:35:ef:bf:cc:81:e6:f2:
ec:2f:2e:9e:38:bf:ed:ac:c6:8c:8a:fd:1e:b4:7b:4c:14:50:
24:65:98:8a:e4:d3:a9:d4:7e:f6:56:ae:b4:65:51:3a:bc:62:
97:35:96:51:03:a1:e3:fe:ad:25:b6:3c:2e:bd:f1:48:42:90:
94:f1:e6:2a:42:3f:e5:8e:1b:45:2c:b5:36:b8:95:9e:03:a7:
66:91:c8:46:2a:71:7f:c0:08:17:dc:44:9c:05:ea:44:12:dc:
ba:ea:83:fd:ed:c9:89:12:eb:87:30:b2:c4:f2:a7:62:ec:34:
40:5f:42:d0:fe:56:af:46:bb:ed:65:59:57:11:2f:5d:2a:e4:
d8:65:bd:d6:85:e1:09:f6:2a:74:d8:74:37:dc:23:7e:a3:77:
ab:24:d4:41:e0:7f:67:18:01:11:84:1c:31:50:a4:c3:98:e6:
47:52:d8:d2:ba:21:09:c4:62:58:0a:f6:3c:7c:c2:e0:4a:ea:
e3:fc:34:e6:c3:c4:a7:0c:6a:d0:68:c4:f1:74:b1:1c:f4:83:
0f:4a:7c:b2:3e:f5:76:06:f6:87:76:3b:a5:aa:29:03:ff:ec:
62:4f:7d:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUPRmrnOorL2VrT0jP+qi6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjUwMjE2MTUwMDI3WhcNMjUwMjE3MTUwMDI3WjAzMTEwLwYDVQQD
EyhhMTJkODNjY2E0NzZjMjU5Y2Q3MmNhOGFlODAxNmM1Yjc2NGNjYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hWFT17L8p9VBAf7RZs0iqjZuigi
RGG3RiIe/fbLs47y3Cy+GUyA40tXTkxLnIY+hSkz8Odqctnc4mpKRogoslphYBmL
/1YhfrXIkaE2+vxeLwiia1i1St3nl/OTedzjHt6y6FqHmVeoSCf0LjTRgphxq0qL
5SaYaAKTLwArfe6UiIvA920OzkpDLsf3+fI5OUOmH+3r2bSoWBcGFqjroBVJO5rD
tCI+rgWhXymmfrnXokbmqjaAB4KV5vuyGIqEOwIXjYjYF2IP0B7YNs+5qRJ0VucR
o/1+dcbeR5fO1IsS2DdyZn4pnOvSXxdvd7acFgDIMTLwxPbLb14As4TnHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEtg8ykdsJZzXLKiugBbFt2TMvqMB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADOFzNPF3
ozT7xMfP3LxnLSKZ1Aua1GqUny5yw9o177/Mgeby7C8unji/7azGjIr9HrR7TBRQ
JGWYiuTTqdR+9lautGVROrxilzWWUQOh4/6tJbY8Lr3xSEKQlPHmKkI/5Y4bRSy1
NriVngOnZpHIRipxf8AIF9xEnAXqRBLcuuqD/e3JiRLrhzCyxPKnYuw0QF9C0P5W
r0a77WVZVxEvXSrk2GW91oXhCfYqdNh0N9wjfqN3qyTUQeB/ZxgBEYQcMVCkw5jm
R1LY0rohCcRiWAr2PHzC4Erq4/w05sPEpwxq0GjE8XSxHPSDD0p8sj71dgb2h3Y7
paopA//sYk99Ug==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:41 2025 by rpki-client