Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier: l+gQzp1O68+tLJb72p/6PUYEOMXz0XI2VzzrMmvJSUw=
Subject key identifier: 23:EB:FF:BE:F4:40:F1:72:67:31:DD:75:5A:3E:9F:13:C5:07:EA:FA
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial: 0195127E6C0AB585663C2E077A3CF8F65A00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number: 0352
Signing time: Mon 17 Feb 2025 06:00:29 +0000
Manifest this update: Mon 17 Feb 2025 06:00:29 +0000
Manifest next update: Tue 18 Feb 2025 06:00:29 +0000
Files and hashes: 1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=)
2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: 0m6skqWtZdqQKtqW5kg35sNuP79s6L1lUrMDzZMDPus=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:7e:6c:0a:b5:85:66:3c:2e:07:7a:3c:f8:f6:5a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Validity
Not Before: Feb 17 06:00:29 2025 GMT
Not After : Feb 18 06:00:29 2025 GMT
Subject: CN=23ebffbef440f1726731dd755a3e9f13c507eafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cb:50:26:b3:47:19:d5:74:e2:da:af:5e:9b:
b2:dc:aa:44:34:26:7f:9d:18:b5:03:5d:ef:e6:d3:
51:d9:eb:56:58:a0:36:ad:d2:f9:b0:a1:c5:3c:13:
cb:e7:6b:ff:fa:a6:b5:7a:59:70:39:00:bb:a2:49:
d6:92:fd:b8:cf:74:98:63:ac:18:42:09:b1:82:54:
74:47:2b:30:b8:84:7d:76:f7:7f:a1:7d:bd:b4:61:
ae:ea:58:1c:83:32:b1:34:b6:26:80:21:19:2a:2f:
b6:3d:d7:c4:c0:44:c0:4d:37:0c:ed:f5:fe:6e:ca:
be:0f:0e:30:d7:d3:72:5e:f7:26:dc:b3:f7:c9:cf:
6b:0f:3d:c5:21:66:91:a7:8a:f5:c0:08:28:91:7d:
b7:ef:36:51:0c:0b:81:bd:bd:49:a3:be:90:18:6a:
66:16:53:55:14:ea:78:89:1e:55:e7:93:58:07:50:
85:e2:ea:c7:fb:a2:66:c1:24:7f:ae:a1:4c:71:ef:
c0:9c:58:b0:0e:b9:0c:aa:a4:3f:69:fa:41:5e:c4:
cc:1c:b5:0b:25:77:bc:c8:17:b2:59:f0:6a:8c:0d:
44:b8:b9:c7:0f:c9:06:83:6c:08:ba:a1:c8:39:1a:
9a:0c:1b:09:e3:8f:eb:ee:a6:fc:eb:d4:60:47:3b:
10:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EB:FF:BE:F4:40:F1:72:67:31:DD:75:5A:3E:9F:13:C5:07:EA:FA
X509v3 Authority Key Identifier:
keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:99:81:85:33:74:3b:de:5c:c2:a1:04:67:0f:4e:ca:f7:66:
ef:90:50:0e:43:a6:9f:32:59:36:5d:4f:e6:09:73:c5:b9:2f:
0a:92:fb:c7:ec:d7:c2:c2:ed:e9:53:77:43:ba:25:31:b7:67:
82:1b:0c:99:db:3e:48:36:52:95:33:6b:4b:16:c9:01:26:2c:
e2:f6:c1:69:01:97:04:27:d5:e0:0d:75:6a:33:ee:2c:d8:26:
e7:c2:88:b2:58:d5:4b:96:be:e4:f3:3e:7a:69:0d:29:b8:60:
09:15:a5:d7:a5:70:c9:41:72:3f:65:84:6b:16:8c:4b:9d:a9:
86:f9:31:fb:aa:db:3f:14:dd:a8:2d:5d:c4:06:6b:8d:6c:b8:
52:85:bf:22:70:7b:69:3d:16:b4:8a:17:51:1d:c9:43:15:13:
f4:84:09:4c:a3:84:61:79:01:9f:44:50:a3:30:db:ce:99:9a:
dd:03:6c:05:49:a7:ea:4c:8a:3f:65:9b:ed:af:bb:35:7e:12:
2b:0a:53:fa:b2:2e:75:d2:a2:c7:2d:60:36:22:3b:e3:83:82:
29:01:86:b2:ac:9a:74:15:dd:8d:c9:b1:9a:55:ae:88:dc:9d:
e3:33:be:ef:ec:f9:58:17:c3:84:31:12:c6:b6:57:c5:2f:4e:
79:f0:83:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSfmwKtYVmPC4Hejz49loAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjUwMjE3MDYwMDI5WhcNMjUwMjE4MDYwMDI5WjAzMTEwLwYDVQQD
EygyM2ViZmZiZWY0NDBmMTcyNjczMWRkNzU1YTNlOWYxM2M1MDdlYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjstQJrNHGdV04tqvXpuy3KpENCZ/
nRi1A13v5tNR2etWWKA2rdL5sKHFPBPL52v/+qa1ellwOQC7oknWkv24z3SYY6wY
QgmxglR0RyswuIR9dvd/oX29tGGu6lgcgzKxNLYmgCEZKi+2PdfEwETATTcM7fX+
bsq+Dw4w19NyXvcm3LP3yc9rDz3FIWaRp4r1wAgokX237zZRDAuBvb1Jo76QGGpm
FlNVFOp4iR5V55NYB1CF4urH+6JmwSR/rqFMce/AnFiwDrkMqqQ/afpBXsTMHLUL
JXe8yBeyWfBqjA1EuLnHD8kGg2wIuqHIORqaDBsJ44/r7qb869RgRzsQlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPr/770QPFyZzHddVo+nxPFB+r6MB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHpmBhTN0
O95cwqEEZw9Oyvdm75BQDkOmnzJZNl1P5glzxbkvCpL7x+zXwsLt6VN3Q7olMbdn
ghsMmds+SDZSlTNrSxbJASYs4vbBaQGXBCfV4A11ajPuLNgm58KIsljVS5a+5PM+
emkNKbhgCRWl16VwyUFyP2WEaxaMS52phvkx+6rbPxTdqC1dxAZrjWy4UoW/InB7
aT0WtIoXUR3JQxUT9IQJTKOEYXkBn0RQozDbzpma3QNsBUmn6kyKP2Wb7a+7NX4S
KwpT+rIuddKixy1gNiI744OCKQGGsqyadBXdjcmxmlWuiNyd4zO+7+z5WBfDhDES
xrZXxS9OefCDVg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:47 2025 by rpki-client