Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier: 3k/3h4/WJFWXepCgdf+6o2S4LOLHLxlV2uu/nGuFwfw=
Subject key identifier: F7:4F:80:53:78:02:16:E1:5B:E6:8E:CE:17:FB:50:91:9A:7F:10:C3
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial: 0194C3883C128723F96E068F3586011A01CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number: 0A83
Signing time: Sat 01 Feb 2025 22:01:12 +0000
Manifest this update: Sat 01 Feb 2025 22:01:12 +0000
Manifest next update: Sun 02 Feb 2025 22:01:12 +0000
Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: JeV/PiJR5JO1uqjQ1IY+N8ONi0GSnfJ7ILPUai6t2do=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:88:3c:12:87:23:f9:6e:06:8f:35:86:01:1a:01:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Validity
Not Before: Feb 1 22:01:12 2025 GMT
Not After : Feb 2 22:01:12 2025 GMT
Subject: CN=f74f8053780216e15be68ece17fb50919a7f10c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:2f:6f:96:42:ae:d6:76:f7:3b:f5:a2:02:
11:10:e8:dd:57:f1:00:93:89:eb:e4:fb:04:ea:45:
89:70:3c:fb:53:f8:91:d9:1e:cf:d6:e2:f7:c0:4d:
15:3d:33:7b:0f:4b:99:7d:9f:be:5b:c5:aa:ec:6d:
80:4e:e2:f3:de:44:fc:fd:67:1f:82:70:4f:11:ce:
0f:e9:1e:43:ca:6a:66:9d:73:9a:ac:a0:aa:d5:a2:
2e:64:7d:fc:2f:b5:ad:af:a8:ff:25:13:f9:84:83:
1b:a5:e4:96:ca:eb:fe:15:e7:1c:6e:bf:f7:6c:8b:
e0:29:66:e6:8a:c5:4d:bc:c6:9c:da:df:66:ed:26:
a3:01:18:46:2f:d7:b7:2d:a7:f6:6a:c6:bb:a7:0d:
c6:28:57:32:b9:be:17:4a:2b:22:f7:b3:af:bf:25:
a6:9f:89:ba:75:62:56:e6:92:14:99:a9:5e:6c:51:
59:2f:d9:08:fb:cf:1e:3c:77:9f:62:15:fa:a1:6f:
14:02:33:b4:b9:25:27:f1:35:48:7b:7c:60:54:9f:
8b:6b:2f:68:61:87:53:54:2a:7e:5b:d6:1d:28:5c:
7b:86:ce:eb:d0:d4:a7:65:de:27:98:d1:3a:25:22:
e1:6a:bc:21:cb:99:13:a8:c8:dc:c8:50:f5:7a:7a:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4F:80:53:78:02:16:E1:5B:E6:8E:CE:17:FB:50:91:9A:7F:10:C3
X509v3 Authority Key Identifier:
keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:ce:a2:6b:25:9d:eb:e3:2e:8b:5c:f2:47:e9:0a:c6:15:17:
e6:9f:d2:c1:33:ba:d5:4c:8f:d9:61:47:04:99:c4:ab:23:f7:
94:d1:77:ae:40:a9:cd:fa:d7:8e:1d:cf:4e:0a:42:0f:88:05:
86:ba:d8:23:07:26:c4:6d:90:af:9d:b7:f1:fa:f3:94:ed:f0:
cf:42:90:2b:be:b1:ba:27:72:14:16:02:13:d6:33:35:90:03:
70:d6:b3:74:19:de:6f:2e:db:c5:57:e2:f9:31:ac:68:44:ee:
c0:a6:aa:1d:9a:45:42:ec:85:99:7a:34:70:74:9d:42:ce:2b:
45:ef:07:70:27:a9:61:f5:d9:4b:28:6d:44:49:4f:5f:28:71:
8c:d2:83:ef:f0:31:3f:fa:53:0b:e6:58:63:0e:51:32:c3:c2:
0b:c3:be:f6:e8:a9:ca:ed:a9:73:d7:43:51:92:da:09:e4:d2:
27:fc:42:f8:28:8a:ff:75:6b:f8:77:d3:ab:b8:2a:f4:79:4b:
04:f6:96:f4:2c:98:62:47:3f:97:15:03:e8:24:3a:d4:85:6a:
16:eb:36:07:3f:ea:4e:63:64:e2:8c:4c:7a:b0:e3:fe:66:16:
31:77:4b:8c:e0:e7:ff:95:e0:c9:b2:8a:66:1f:4e:62:a3:3c:
96:f1:d6:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDiDwShyP5bgaPNYYBGgHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjUwMjAxMjIwMTEyWhcNMjUwMjAyMjIwMTEyWjAzMTEwLwYDVQQD
EyhmNzRmODA1Mzc4MDIxNmUxNWJlNjhlY2UxN2ZiNTA5MTlhN2YxMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2Uvb5ZCrtZ29zv1ogIREOjdV/EA
k4nr5PsE6kWJcDz7U/iR2R7P1uL3wE0VPTN7D0uZfZ++W8Wq7G2ATuLz3kT8/Wcf
gnBPEc4P6R5DympmnXOarKCq1aIuZH38L7Wtr6j/JRP5hIMbpeSWyuv+Feccbr/3
bIvgKWbmisVNvMac2t9m7SajARhGL9e3Laf2asa7pw3GKFcyub4XSisi97OvvyWm
n4m6dWJW5pIUmalebFFZL9kI+88ePHefYhX6oW8UAjO0uSUn8TVIe3xgVJ+Lay9o
YYdTVCp+W9YdKFx7hs7r0NSnZd4nmNE6JSLharwhy5kTqMjcyFD1enokUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdPgFN4AhbhW+aOzhf7UJGafxDDMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGM6iayWd
6+Mui1zyR+kKxhUX5p/SwTO61UyP2WFHBJnEqyP3lNF3rkCpzfrXjh3PTgpCD4gF
hrrYIwcmxG2Qr5238frzlO3wz0KQK76xuidyFBYCE9YzNZADcNazdBneby7bxVfi
+TGsaETuwKaqHZpFQuyFmXo0cHSdQs4rRe8HcCepYfXZSyhtRElPXyhxjNKD7/Ax
P/pTC+ZYYw5RMsPCC8O+9uipyu2pc9dDUZLaCeTSJ/xC+CiK/3Vr+HfTq7gq9HlL
BPaW9CyYYkc/lxUD6CQ61IVqFus2Bz/qTmNk4oxMerDj/mYWMXdLjODn/5XgybKK
Zh9OYqM8lvHWvQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:55:32 2025 by rpki-client