Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
File: siDZG06dcPA0-hahaoh9QlV5Kt4.mft (raw, json)
Hash identifier: 5clDIdoOdUJxLsQq52C/c2h+NGZSeT/HMQmrgE5+yxk=
Subject key identifier: 42:79:EF:F9:CE:6D:A8:BE:9E:33:73:75:09:BA:BF:47:7C:F2:5D:DA
Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
Certificate issuer: /CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Certificate serial: 0194C49A70E98B8D49941E2A73EECAE9F095
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
Manifest number: 142F
Signing time: Sun 02 Feb 2025 03:00:43 +0000
Manifest this update: Sun 02 Feb 2025 03:00:43 +0000
Manifest next update: Mon 03 Feb 2025 03:00:43 +0000
Files and hashes: 1: mCm-KBIMQ6gtgsW9oEUxZqdGcRM.roa (hash: ItOlCehgUekOH/ud/IMp3e9dVCyKMOt54wV1YDUzoCg=)
2: siDZG06dcPA0-hahaoh9QlV5Kt4.crl (hash: HLX5DmpTFVJaxa/juSjEi/oDLXEschzm689f5XBHMso=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:9a:70:e9:8b:8d:49:94:1e:2a:73:ee:ca:e9:f0:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Validity
Not Before: Feb 2 03:00:43 2025 GMT
Not After : Feb 3 03:00:43 2025 GMT
Subject: CN=4279eff9ce6da8be9e33737509babf477cf25dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:1e:b4:5d:03:fe:94:62:35:ba:61:fc:91:
53:f9:8d:d5:fe:32:27:09:43:9a:9d:6c:43:1a:52:
de:12:f8:c3:c3:ce:6f:da:8d:62:3a:df:ad:5f:d2:
a7:13:4f:1d:f7:99:ef:db:2c:97:39:f8:8d:fa:04:
c9:f4:e9:05:81:28:07:64:18:d5:e2:e2:7e:b0:5e:
67:be:f4:00:03:85:55:a0:fa:dd:05:0a:8e:a4:ae:
95:4a:0e:01:ac:8a:c0:fa:ae:b3:d2:7f:22:0f:c0:
7b:91:9a:8e:a2:f3:ab:fd:d0:22:1c:9c:cd:b4:7b:
90:2f:25:cc:69:67:3f:71:63:13:4b:e8:04:a9:f0:
fe:41:67:a3:d7:9e:a3:bc:8e:16:f6:7c:56:d0:c2:
06:d4:66:6b:1e:88:2d:b7:bd:8e:48:ec:dc:6b:fe:
e9:61:eb:3b:54:52:a4:34:73:43:a7:62:11:07:d6:
24:56:2c:e6:71:1d:2c:37:0f:b4:0c:9c:a8:67:3d:
e6:0b:22:2c:c7:35:d1:a2:f3:aa:8b:14:ee:8b:06:
58:33:e2:db:e8:74:70:61:25:b8:05:58:ad:0f:8d:
1a:db:09:9a:57:3a:16:82:67:d8:95:9e:72:86:c6:
d5:87:e4:27:ff:c7:7f:d7:8c:e9:6c:89:57:3e:d2:
93:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:79:EF:F9:CE:6D:A8:BE:9E:33:73:75:09:BA:BF:47:7C:F2:5D:DA
X509v3 Authority Key Identifier:
keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:4b:9a:10:ac:f8:42:35:da:75:e1:0c:ef:1e:69:65:78:76:
c9:6b:2f:e5:4d:a8:20:9a:4d:21:03:87:0e:82:cd:fd:e8:e4:
90:a4:24:a2:14:9a:53:1c:51:3a:8b:f2:df:7d:67:18:4f:80:
fc:16:97:1b:60:20:5e:6c:07:74:bb:66:ba:b9:b7:80:1a:42:
30:df:c2:a9:47:73:c9:60:e2:37:06:c2:b6:25:51:48:f1:fc:
d9:ac:cd:30:10:bc:9c:e7:19:f2:0a:ee:a9:d4:58:a9:30:84:
e8:27:ad:17:e3:4e:e2:59:08:0b:ae:ab:a7:33:74:6a:74:ba:
60:35:aa:5f:44:34:47:4c:53:74:80:83:f6:1f:70:ed:b7:11:
fc:be:d0:78:e7:e1:9a:48:75:92:60:28:45:66:d4:50:dd:74:
33:8d:97:0e:46:a1:e9:e8:8b:f5:47:81:47:57:a8:fa:a1:64:
23:77:1d:93:bc:53:36:fa:97:44:22:db:2b:ed:3c:4d:11:9f:
e6:c6:6e:8c:4a:49:cf:a1:cd:3c:51:73:c1:cc:d3:e9:d3:e2:
b3:a2:51:55:65:4c:1b:9f:ba:37:53:2c:75:34:99:6a:ec:1e:
a0:05:0f:af:1a:68:68:c6:a1:9f:1b:fe:5c:fb:fe:e1:29:e5:
ab:51:cc:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmnDpi41JlB4qc+7K6fCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjBkOTFiNGU5ZDcwZjAzNGZhMTZhMTZhODg3ZDQyNTU3
OTJhZGUwHhcNMjUwMjAyMDMwMDQzWhcNMjUwMjAzMDMwMDQzWjAzMTEwLwYDVQQD
Eyg0Mjc5ZWZmOWNlNmRhOGJlOWUzMzczNzUwOWJhYmY0NzdjZjI1ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu4etF0D/pRiNbph/JFT+Y3V/jIn
CUOanWxDGlLeEvjDw85v2o1iOt+tX9KnE08d95nv2yyXOfiN+gTJ9OkFgSgHZBjV
4uJ+sF5nvvQAA4VVoPrdBQqOpK6VSg4BrIrA+q6z0n8iD8B7kZqOovOr/dAiHJzN
tHuQLyXMaWc/cWMTS+gEqfD+QWej156jvI4W9nxW0MIG1GZrHogtt72OSOzca/7p
Yes7VFKkNHNDp2IRB9YkVizmcR0sNw+0DJyoZz3mCyIsxzXRovOqixTuiwZYM+Lb
6HRwYSW4BVitD40a2wmaVzoWgmfYlZ5yhsbVh+Qn/8d/14zpbIlXPtKTOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJ57/nObai+njNzdQm6v0d88l3aMB8GA1UdIwQY
MBaAFLIg2RtOnXDwNPoWoWqIfUJVeSreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQt
OTg3MTczYjllOTg3LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQtOTg3MTczYjllOTg3
LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0uaEKz4
QjXadeEM7x5pZXh2yWsv5U2oIJpNIQOHDoLN/ejkkKQkohSaUxxROovy331nGE+A
/BaXG2AgXmwHdLtmurm3gBpCMN/CqUdzyWDiNwbCtiVRSPH82azNMBC8nOcZ8gru
qdRYqTCE6CetF+NO4lkIC66rpzN0anS6YDWqX0Q0R0xTdICD9h9w7bcR/L7QeOfh
mkh1kmAoRWbUUN10M42XDkah6eiL9UeBR1eo+qFkI3cdk7xTNvqXRCLbK+08TRGf
5sZujEpJz6HNPFFzwczT6dPis6JRVWVMG5+6N1MsdTSZauweoAUPrxpoaMahnxv+
XPv+4Snlq1HM7g==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:49:25 2025 by rpki-client