Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
File: 2ko-wHuXhY5oNKWh-I64_jG_eyA.mft (raw, json)
Hash identifier: 4NtARU93IjMh1OI6Y2u3QulILerWV15JLQ352nM1M3s=
Subject key identifier: 38:AF:5B:5B:83:F7:9D:0E:F9:24:05:AB:9E:EA:4D:42:85:DF:BE:9C
Authority key identifier: DA:4A:3E:C0:7B:97:85:8E:68:34:A5:A1:F8:8E:B8:FE:31:BF:7B:20
Certificate issuer: /CN=da4a3ec07b97858e6834a5a1f88eb8fe31bf7b20
Certificate serial: 019511D99B8AD2B101A27F1BD91E7A2776B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ko-wHuXhY5oNKWh-I64_jG_eyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
Manifest number: 0502
Signing time: Mon 17 Feb 2025 03:00:28 +0000
Manifest this update: Mon 17 Feb 2025 03:00:28 +0000
Manifest next update: Tue 18 Feb 2025 03:00:28 +0000
Files and hashes: 1: 2ko-wHuXhY5oNKWh-I64_jG_eyA.crl (hash: 2jQzfgnAu5CI28DxbW2r9QVoRLKKZyvWMODvM17sGP0=)
2: SKL1Cd8Tn-ZKbcOxgMo9-wJ0gbQ.roa (hash: 4u4TOuVY+peXwBlO4N668GLOAFUf52/Bj870kxpoG3I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ko-wHuXhY5oNKWh-I64_jG_eyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:d9:9b:8a:d2:b1:01:a2:7f:1b:d9:1e:7a:27:76:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da4a3ec07b97858e6834a5a1f88eb8fe31bf7b20
Validity
Not Before: Feb 17 03:00:28 2025 GMT
Not After : Feb 18 03:00:28 2025 GMT
Subject: CN=38af5b5b83f79d0ef92405ab9eea4d4285dfbe9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:d2:eb:17:71:49:b9:5f:14:ea:fe:cf:75:
70:0f:0b:ae:3c:c6:21:18:dc:3b:b3:88:f2:c7:7d:
b7:fc:18:2c:22:9f:40:7b:67:64:8a:0b:d7:38:d9:
6d:3c:c5:d2:dd:b8:c4:e8:71:8f:98:3b:d9:e0:31:
4d:9a:58:35:2b:30:20:b1:8f:87:e0:fe:d2:ef:d0:
db:7a:59:d4:42:e3:1d:79:78:60:53:35:a5:07:6b:
56:d3:f0:26:68:60:70:cc:e2:06:9f:aa:c7:e1:f9:
28:dd:32:8b:fe:78:93:3d:1e:d5:0d:7e:aa:71:ae:
ff:4a:40:4f:1b:f7:5d:c1:8b:03:e6:69:b6:dd:13:
1d:6e:a2:4a:4c:a8:06:9f:87:b8:8b:3d:de:34:b5:
68:4e:e0:17:0e:e2:23:43:57:53:70:a6:cc:bf:20:
d7:ce:bf:39:24:fd:13:a2:af:dd:f8:a9:7b:1e:d6:
0d:6f:3c:57:24:f1:f8:34:91:a4:0c:9d:ec:19:18:
da:32:b0:37:03:22:ef:9a:65:78:25:e1:f3:74:84:
77:af:45:53:b4:de:3f:63:8e:96:0e:89:6d:57:f2:
a1:74:2d:f7:cb:a1:72:ac:19:49:e7:3d:cd:3a:ad:
f2:29:29:9c:80:13:fc:70:e8:c5:79:db:27:e1:f8:
87:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AF:5B:5B:83:F7:9D:0E:F9:24:05:AB:9E:EA:4D:42:85:DF:BE:9C
X509v3 Authority Key Identifier:
keyid:DA:4A:3E:C0:7B:97:85:8E:68:34:A5:A1:F8:8E:B8:FE:31:BF:7B:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ko-wHuXhY5oNKWh-I64_jG_eyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:58:ca:56:06:76:4c:cf:45:32:e0:20:c4:c9:eb:b4:59:7c:
23:82:ac:39:86:7a:59:e0:d0:86:c4:31:e1:c5:11:8c:6d:98:
0a:2f:9a:98:e2:e3:40:97:7f:1a:07:c5:ce:03:27:4a:09:bf:
f6:be:c9:25:29:00:0c:02:0c:7c:f9:7c:f4:50:ce:e8:a2:fa:
32:09:00:d3:1c:b5:20:69:a1:80:0b:ae:84:d3:d4:c9:86:73:
4e:43:c7:04:23:17:3e:28:0f:be:11:14:a9:ba:d5:12:f4:a0:
a2:c5:f4:d1:4b:ee:a7:f0:70:1e:77:ec:fc:56:67:9e:36:61:
aa:18:53:58:20:f1:44:f2:c7:a8:32:f4:86:0d:44:c0:5d:4b:
80:da:ff:50:20:8a:83:7e:d1:ec:8a:ef:de:82:14:b5:69:3d:
9b:50:70:71:eb:01:a7:be:91:78:04:59:8d:b6:e9:b5:b9:93:
aa:d4:29:f6:b8:20:64:94:5b:a0:9f:f8:5e:73:c3:b0:3b:00:
01:75:aa:be:5e:aa:eb:c5:b2:48:21:44:89:9a:fc:45:6c:f7:
9a:c0:cb:85:0d:77:5c:56:cf:0c:6e:a7:a5:30:97:45:c0:82:
b4:14:b6:60:80:a1:41:fb:6d:33:39:8f:ca:6a:4b:ea:21:6f:
18:71:51:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2ZuK0rEBon8b2R56J3azMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNGEzZWMwN2I5Nzg1OGU2ODM0YTVhMWY4OGViOGZlMzFi
ZjdiMjAwHhcNMjUwMjE3MDMwMDI4WhcNMjUwMjE4MDMwMDI4WjAzMTEwLwYDVQQD
EygzOGFmNWI1YjgzZjc5ZDBlZjkyNDA1YWI5ZWVhNGQ0Mjg1ZGZiZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/PS6xdxSblfFOr+z3VwDwuuPMYh
GNw7s4jyx323/BgsIp9Ae2dkigvXONltPMXS3bjE6HGPmDvZ4DFNmlg1KzAgsY+H
4P7S79DbelnUQuMdeXhgUzWlB2tW0/AmaGBwzOIGn6rH4fko3TKL/niTPR7VDX6q
ca7/SkBPG/ddwYsD5mm23RMdbqJKTKgGn4e4iz3eNLVoTuAXDuIjQ1dTcKbMvyDX
zr85JP0Toq/d+Kl7HtYNbzxXJPH4NJGkDJ3sGRjaMrA3AyLvmmV4JeHzdIR3r0VT
tN4/Y46WDoltV/KhdC33y6FyrBlJ5z3NOq3yKSmcgBP8cOjFedsn4fiHOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDivW1uD950O+SQFq57qTUKF376cMB8GA1UdIwQY
MBaAFNpKPsB7l4WOaDSlofiOuP4xv3sgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmtvLXdIdVhoWTVvTktXaC1JNjRfakdfZXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mZTAzMDYtYWY4NC00ZThlLTg4ODUt
Yjg0YTk4MTllYWQ2LzEvMmtvLXdIdVhoWTVvTktXaC1JNjRfakdfZXlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mZTAzMDYtYWY4NC00ZThlLTg4ODUtYjg0YTk4MTllYWQ2
LzEvMmtvLXdIdVhoWTVvTktXaC1JNjRfakdfZXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEljKVgZ2
TM9FMuAgxMnrtFl8I4KsOYZ6WeDQhsQx4cURjG2YCi+amOLjQJd/GgfFzgMnSgm/
9r7JJSkADAIMfPl89FDO6KL6MgkA0xy1IGmhgAuuhNPUyYZzTkPHBCMXPigPvhEU
qbrVEvSgosX00Uvup/BwHnfs/FZnnjZhqhhTWCDxRPLHqDL0hg1EwF1LgNr/UCCK
g37R7Irv3oIUtWk9m1BwcesBp76ReARZjbbptbmTqtQp9rggZJRboJ/4XnPDsDsA
AXWqvl6q68WySCFEiZr8RWz3msDLhQ13XFbPDG6npTCXRcCCtBS2YIChQfttMzmP
ympL6iFvGHFRcg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:25 2025 by rpki-client