Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json)
Hash identifier: GNoyuVvjeBRAelHk9ch03Jv2jMTn4c9KDnyqA4BKFb4=
Subject key identifier: B3:EA:81:EC:FD:99:81:81:B3:8F:80:52:9B:08:16:8A:C1:5D:58:A4
Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14
Certificate serial: 0194C49A37CC3BC71C102CD3B97F8FFF3C0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
Manifest number: 0E29
Signing time: Sun 02 Feb 2025 03:00:28 +0000
Manifest this update: Sun 02 Feb 2025 03:00:28 +0000
Manifest next update: Mon 03 Feb 2025 03:00:28 +0000
Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=)
2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: BwSdlvEJVlQipDfiq0YS253ioDotLPv1Q8h4a0RW/Kk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:9a:37:cc:3b:c7:1c:10:2c:d3:b9:7f:8f:ff:3c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14
Validity
Not Before: Feb 2 03:00:28 2025 GMT
Not After : Feb 3 03:00:28 2025 GMT
Subject: CN=b3ea81ecfd998181b38f80529b08168ac15d58a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ef:ca:3e:2b:69:77:3e:5d:d6:04:09:95:15:
21:fa:3a:95:bc:17:ae:2c:c5:a4:9f:8d:2a:04:e7:
ac:cc:2d:66:17:48:19:4b:6c:1d:b1:8d:8b:f8:e2:
23:79:13:36:19:ed:c8:17:41:d8:33:39:71:91:d4:
cd:08:73:1c:38:cf:28:2e:22:fc:99:01:88:83:cd:
b9:48:79:44:c9:68:e2:1f:84:8e:f7:ae:d5:fe:50:
0e:9b:a2:d4:07:b5:43:b1:d0:73:e1:30:16:52:3b:
c9:75:a7:d5:9d:ee:25:df:60:a2:f2:26:22:07:26:
50:26:fd:5c:d1:12:34:a0:b1:89:72:1c:cf:cb:fc:
ee:2a:fa:c9:5d:7e:d6:8d:68:79:a6:fe:fb:a5:2c:
26:61:b3:d5:d9:8d:7b:04:a4:98:e3:3b:9a:98:1a:
8f:2c:bb:d4:4f:27:06:bd:91:45:27:e5:32:f5:bf:
be:38:2e:ba:e1:c3:77:ac:bd:d7:8e:fb:84:c4:2d:
56:b2:c9:2a:95:aa:85:9d:ca:3c:0e:60:04:41:c0:
5a:0a:54:ba:ec:60:8c:01:80:4a:ca:a8:49:00:c3:
b7:5e:6f:44:21:fa:69:32:6d:92:6a:ac:e2:c0:0b:
5e:36:f5:01:92:aa:d5:46:70:b8:66:eb:20:ff:77:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EA:81:EC:FD:99:81:81:B3:8F:80:52:9B:08:16:8A:C1:5D:58:A4
X509v3 Authority Key Identifier:
keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:7f:4f:16:c8:ca:47:3c:e1:2c:ec:b3:ce:54:d6:c2:35:9b:
4d:7f:68:45:a4:1b:86:b6:2f:12:33:7e:15:2f:22:ae:a7:6f:
2e:35:02:b1:c2:53:db:aa:e1:cf:8c:16:41:b0:65:db:e9:8e:
85:40:a8:aa:3f:62:44:53:5e:89:07:17:19:c7:d2:59:80:98:
96:e4:03:ee:26:62:b4:f3:6f:6a:75:97:95:b8:bc:d4:8b:0e:
e1:b8:be:32:07:b1:3f:e7:6e:60:d9:fe:42:dc:f3:11:a3:6f:
ec:9a:08:af:7c:5b:02:3e:1f:7c:d3:14:61:c7:9f:ce:07:10:
da:42:dd:74:15:3a:ed:28:d9:4d:50:18:f9:69:25:48:dd:fb:
3f:f5:dc:a9:d4:dd:16:0e:6a:a6:db:b0:b8:6a:e4:08:d4:5f:
0c:9c:0a:6a:cd:71:d7:23:0e:b0:8d:e5:3e:f8:83:0b:7e:52:
e6:8f:d5:f3:ee:8f:6e:ca:1e:77:c5:24:71:90:94:e9:68:ed:
7a:52:1a:1d:32:84:f7:84:34:0c:be:62:b7:6d:62:6b:40:d6:
29:31:60:49:02:6b:55:0a:0c:56:d6:31:20:14:e4:bb:3b:0c:
de:61:33:16:9c:2d:c8:cc:8d:98:0e:b5:8c:9b:c6:7e:a2:40:
68:ab:5a:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmjfMO8ccECzTuX+P/zwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5
NzVkMTQwHhcNMjUwMjAyMDMwMDI4WhcNMjUwMjAzMDMwMDI4WjAzMTEwLwYDVQQD
EyhiM2VhODFlY2ZkOTk4MTgxYjM4ZjgwNTI5YjA4MTY4YWMxNWQ1OGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6u/KPitpdz5d1gQJlRUh+jqVvBeu
LMWkn40qBOeszC1mF0gZS2wdsY2L+OIjeRM2Ge3IF0HYMzlxkdTNCHMcOM8oLiL8
mQGIg825SHlEyWjiH4SO967V/lAOm6LUB7VDsdBz4TAWUjvJdafVne4l32Ci8iYi
ByZQJv1c0RI0oLGJchzPy/zuKvrJXX7WjWh5pv77pSwmYbPV2Y17BKSY4zuamBqP
LLvUTycGvZFFJ+Uy9b++OC664cN3rL3XjvuExC1WsskqlaqFnco8DmAEQcBaClS6
7GCMAYBKyqhJAMO3Xm9EIfppMm2SaqziwAteNvUBkqrVRnC4Zusg/3caqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPqgez9mYGBs4+AUpsIForBXVikMB8GA1UdIwQY
MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt
ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk
LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACH9PFsjK
RzzhLOyzzlTWwjWbTX9oRaQbhrYvEjN+FS8irqdvLjUCscJT26rhz4wWQbBl2+mO
hUCoqj9iRFNeiQcXGcfSWYCYluQD7iZitPNvanWXlbi81IsO4bi+MgexP+duYNn+
QtzzEaNv7JoIr3xbAj4ffNMUYcefzgcQ2kLddBU67SjZTVAY+WklSN37P/XcqdTd
Fg5qptuwuGrkCNRfDJwKas1x1yMOsI3lPviDC35S5o/V8+6Pbsoed8UkcZCU6Wjt
elIaHTKE94Q0DL5it21ia0DWKTFgSQJrVQoMVtYxIBTkuzsM3mEzFpwtyMyNmA61
jJvGfqJAaKtaXA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:57:29 2025 by rpki-client