Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json)
Hash identifier: zAHXjTSFZRMkXZIxq4ODeIxaOaCShJMNBnCaCNct5iw=
Subject key identifier: 52:E2:4A:C6:70:08:A7:83:92:6F:73:79:02:69:67:FB:E7:EA:89:EA
Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Certificate serial: 019512476CEF659A9A7FD1D5A4916046E3BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
Manifest number: 0170
Signing time: Mon 17 Feb 2025 05:00:25 +0000
Manifest this update: Mon 17 Feb 2025 05:00:25 +0000
Manifest next update: Tue 18 Feb 2025 05:00:25 +0000
Files and hashes: 1: j5QtHlhxEZZOM5CvXJMLssoxGGc.roa (hash: 8L3ZEU7bcEWssZWSFVojRb4D5wALELFNA26f5J8ZxnI=)
2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: 6mjQvPzod/+rH25TeKRsX8CCjvhkelt3n/3MuV8qFrA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:47:6c:ef:65:9a:9a:7f:d1:d5:a4:91:60:46:e3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Validity
Not Before: Feb 17 05:00:25 2025 GMT
Not After : Feb 18 05:00:25 2025 GMT
Subject: CN=52e24ac67008a783926f7379026967fbe7ea89ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:43:13:0e:a8:4e:76:93:f4:43:b7:12:ae:2c:
03:9e:51:2d:cb:57:52:cd:c5:c1:d5:69:ce:cf:d0:
b8:ca:80:dd:1e:b5:05:d6:f5:4f:b5:2b:a9:90:b0:
2f:1d:e5:cd:7d:26:46:d7:3a:04:72:7e:be:b7:1f:
18:76:c8:3b:93:05:35:6a:e8:6a:50:c9:0a:a4:12:
06:e2:c6:ea:83:bd:c0:99:5c:b2:01:2e:ea:f7:49:
12:43:10:1d:22:97:70:18:fb:22:c5:99:a4:b6:e8:
28:08:9b:90:0d:64:00:f1:a0:eb:e9:19:05:e8:87:
08:6d:bc:06:3f:2d:34:b0:75:40:ed:af:4d:c6:20:
9e:f8:0f:93:54:54:ca:c7:c5:d6:0c:ff:7d:79:b8:
12:4c:2b:58:3f:9c:35:9b:23:f4:80:5e:22:43:c6:
1a:cf:e4:8c:9e:5e:2b:ae:9b:e3:63:ec:2b:06:f1:
86:59:95:f0:4f:59:39:24:9f:db:c5:6e:8d:e2:06:
bc:4b:54:3f:f6:4c:5f:8b:ed:83:80:4d:86:43:8a:
1f:d0:c9:f0:af:8d:46:7d:4f:55:74:97:a9:3d:6b:
e4:a5:c8:38:63:dc:44:79:a6:8c:7d:f9:1b:be:e9:
e5:28:07:e9:99:2e:71:6b:a9:cf:c9:9e:95:75:e7:
58:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E2:4A:C6:70:08:A7:83:92:6F:73:79:02:69:67:FB:E7:EA:89:EA
X509v3 Authority Key Identifier:
keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:fd:9c:7c:f2:24:bd:ad:a9:e4:10:be:5b:1e:61:04:76:42:
bb:f4:21:40:92:19:1c:4a:80:5b:00:d6:b7:2b:e7:2d:d6:4b:
e6:cf:11:2e:17:a8:b3:da:56:1d:94:ba:ec:c6:06:e0:73:5a:
bc:92:df:f4:98:de:75:79:97:64:72:04:cc:b4:62:fd:1b:04:
5c:67:1f:88:59:3c:cd:7d:e2:b9:cc:ac:12:7a:21:1e:ff:18:
0a:f7:19:2d:f3:4d:30:4d:13:a1:0b:b1:b2:1b:73:62:9e:b3:
25:9e:a2:9d:2a:0f:f2:37:60:e2:e4:82:95:33:be:02:4f:b8:
f6:8a:0e:40:78:4c:ba:86:56:c5:e6:1f:e8:04:5b:15:60:50:
5e:5a:44:c3:2c:c4:0a:a3:4f:b1:5d:7c:42:e9:31:85:f9:5f:
65:9a:37:93:46:f3:67:b9:8f:da:49:77:c1:6e:ff:de:9a:fa:
f9:1c:a7:b7:81:2b:6a:f4:c2:05:8d:19:8f:cd:e3:7a:76:aa:
4c:46:6f:43:5d:43:4d:cb:91:a8:40:91:f1:a9:15:7e:d9:9c:
1e:c9:52:14:d0:9f:91:d5:94:80:44:03:d0:a7:98:cb:57:47:
90:2e:93:7f:15:3f:39:fd:97:4b:05:c3:3b:b1:1e:44:08:de:
07:86:37:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSR2zvZZqaf9HVpJFgRuO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm
NGQ4YzkwHhcNMjUwMjE3MDUwMDI1WhcNMjUwMjE4MDUwMDI1WjAzMTEwLwYDVQQD
Eyg1MmUyNGFjNjcwMDhhNzgzOTI2ZjczNzkwMjY5NjdmYmU3ZWE4OWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkMTDqhOdpP0Q7cSriwDnlEty1dS
zcXB1WnOz9C4yoDdHrUF1vVPtSupkLAvHeXNfSZG1zoEcn6+tx8Ydsg7kwU1auhq
UMkKpBIG4sbqg73AmVyyAS7q90kSQxAdIpdwGPsixZmktugoCJuQDWQA8aDr6RkF
6IcIbbwGPy00sHVA7a9NxiCe+A+TVFTKx8XWDP99ebgSTCtYP5w1myP0gF4iQ8Ya
z+SMnl4rrpvjY+wrBvGGWZXwT1k5JJ/bxW6N4ga8S1Q/9kxfi+2DgE2GQ4of0Mnw
r41GfU9VdJepPWvkpcg4Y9xEeaaMffkbvunlKAfpmS5xa6nPyZ6VdedY9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLiSsZwCKeDkm9zeQJpZ/vn6onqMB8GA1UdIwQY
MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt
MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk
LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgv2cfPIk
va2p5BC+Wx5hBHZCu/QhQJIZHEqAWwDWtyvnLdZL5s8RLheos9pWHZS67MYG4HNa
vJLf9JjedXmXZHIEzLRi/RsEXGcfiFk8zX3iucysEnohHv8YCvcZLfNNME0ToQux
shtzYp6zJZ6inSoP8jdg4uSClTO+Ak+49ooOQHhMuoZWxeYf6ARbFWBQXlpEwyzE
CqNPsV18QukxhflfZZo3k0bzZ7mP2kl3wW7/3pr6+Rynt4EravTCBY0Zj83jenaq
TEZvQ11DTcuRqECR8akVftmcHslSFNCfkdWUgEQD0KeYy1dHkC6TfxU/Of2XSwXD
O7EeRAjeB4Y3zA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:28 2025 by rpki-client