Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
File: ihZhi3H_yA4cP0HtDfyJq16WP9I.mft (raw, json)
Hash identifier: Gd4Sq6fab/A0l+/LA1MD4WpT0APB9VBTaRVXycGDnp0=
Subject key identifier: B7:27:0A:39:C9:D1:9A:63:8A:39:86:44:F4:3C:11:13:3C:4E:BE:A4
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019511D9A257BE09DA9726F15742E7A5CB33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
Manifest number: 145D
Signing time: Mon 17 Feb 2025 03:00:30 +0000
Manifest this update: Mon 17 Feb 2025 03:00:30 +0000
Manifest next update: Tue 18 Feb 2025 03:00:30 +0000
Files and hashes: 1: ExfUqNEW3Lyq9Nl7Jq22WcfJ1rw.roa (hash: 6SjZfPEMGV4QZNr6XzSlmm+VNkfjjPfYSSMSKKIpL5E=)
2: ihZhi3H_yA4cP0HtDfyJq16WP9I.crl (hash: tmzIb/7XlR2xvqgIHsHRTUzUFvYVkyxuGQ/wulVCjP4=)
3: vuckuXbmedLIJWITtJ1gJzQY8X0.roa (hash: BujWwxtiu31OcVkERDwp6qXjCF/qZpedTzNgbY+R4ug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:d9:a2:57:be:09:da:97:26:f1:57:42:e7:a5:cb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Feb 17 03:00:30 2025 GMT
Not After : Feb 18 03:00:30 2025 GMT
Subject: CN=b7270a39c9d19a638a398644f43c11133c4ebea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:13:d0:10:2d:b0:6e:ec:53:5d:ca:ec:16:96:
a9:8d:61:98:14:b2:55:43:8c:08:d1:2f:83:9d:86:
37:06:4f:90:fe:31:63:89:3f:79:86:6c:67:11:6f:
0e:26:4d:6d:a3:e9:64:a5:30:7c:26:75:97:5b:7e:
5c:9c:a4:66:e6:ad:6c:c5:c5:f9:48:c1:c7:07:e7:
6d:26:8d:0a:a8:26:22:a7:7f:c7:bb:ae:b2:7e:47:
82:d5:3e:ef:2a:7d:64:d1:9c:3a:ae:da:21:71:af:
fa:a7:62:5c:59:17:5e:12:81:d2:9e:a6:72:7d:31:
43:0f:24:a4:0d:58:08:93:db:5f:09:6b:79:22:f5:
d5:07:d5:c7:d6:10:39:5e:66:3d:b0:63:32:07:78:
1a:3d:69:20:5c:9a:2e:01:ea:a4:9b:7f:3f:5b:76:
e0:98:52:0b:9e:e0:43:c4:f3:a9:e5:b6:e4:e7:c1:
09:58:14:a2:2e:8f:1d:a6:db:1a:50:bb:46:c3:4e:
ff:da:d2:bb:52:5d:b7:ea:b5:ea:c7:00:7f:5a:b5:
ef:0a:d4:40:b9:f6:7c:2a:18:db:58:bc:2a:23:6b:
80:ba:c0:fc:ec:7a:32:ed:aa:0d:24:d4:8a:24:dd:
32:cb:86:d4:48:37:08:2c:6b:94:63:fe:e7:1f:a1:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:27:0A:39:C9:D1:9A:63:8A:39:86:44:F4:3C:11:13:3C:4E:BE:A4
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:86:63:0c:d5:b2:e4:ab:31:8b:8a:72:99:2e:64:e1:cb:a2:
38:02:f0:79:53:06:a7:be:9e:28:f7:ee:81:5a:0d:db:15:f3:
71:67:99:85:22:60:af:28:6f:51:51:62:e1:04:6f:e3:62:fd:
fc:82:24:a9:4b:de:c9:c3:05:8e:4b:a7:ab:26:61:32:ef:40:
d6:cb:3a:42:db:e2:e1:7a:5c:b6:55:87:e4:79:17:5f:c3:82:
a8:29:c9:cc:c8:14:ed:cc:92:4c:97:06:28:ad:04:9a:7c:e2:
c6:71:ec:c7:b2:e8:be:32:0e:40:1f:71:57:7d:32:24:fa:b5:
21:82:98:90:b0:dc:89:d6:09:85:f1:21:ad:64:6c:9c:81:9b:
12:7d:ae:60:97:66:4f:b7:3e:d8:22:cf:9e:c8:46:d8:81:d2:
91:a7:7d:8b:8f:58:9c:5c:a3:83:62:bd:79:b3:34:3d:ff:55:
b7:68:29:21:c7:ed:3b:20:98:b5:e8:90:75:6f:d1:d5:18:b7:
e9:4e:08:b4:ff:e4:36:33:c8:fc:bf:c3:c8:9c:91:0b:f0:d4:
ca:25:08:7b:fb:99:33:4c:ab:37:db:71:4c:21:ff:c7:d0:ee:
70:81:c4:c4:69:df:06:77:c3:f6:5b:d1:d6:8a:b6:5b:19:c4:
91:6b:85:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2aJXvgnalybxV0LnpcszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjUwMjE3MDMwMDMwWhcNMjUwMjE4MDMwMDMwWjAzMTEwLwYDVQQD
EyhiNzI3MGEzOWM5ZDE5YTYzOGEzOTg2NDRmNDNjMTExMzNjNGViZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBPQEC2wbuxTXcrsFpapjWGYFLJV
Q4wI0S+DnYY3Bk+Q/jFjiT95hmxnEW8OJk1to+lkpTB8JnWXW35cnKRm5q1sxcX5
SMHHB+dtJo0KqCYip3/Hu66yfkeC1T7vKn1k0Zw6rtohca/6p2JcWRdeEoHSnqZy
fTFDDySkDVgIk9tfCWt5IvXVB9XH1hA5XmY9sGMyB3gaPWkgXJouAeqkm38/W3bg
mFILnuBDxPOp5bbk58EJWBSiLo8dptsaULtGw07/2tK7Ul236rXqxwB/WrXvCtRA
ufZ8KhjbWLwqI2uAusD87Hoy7aoNJNSKJN0yy4bUSDcILGuUY/7nH6HKNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcnCjnJ0ZpjijmGRPQ8ERM8Tr6kMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs4ZjDNWy
5Ksxi4pymS5k4cuiOALweVMGp76eKPfugVoN2xXzcWeZhSJgryhvUVFi4QRv42L9
/IIkqUveycMFjkunqyZhMu9A1ss6Qtvi4XpctlWH5HkXX8OCqCnJzMgU7cySTJcG
KK0EmnzixnHsx7LovjIOQB9xV30yJPq1IYKYkLDcidYJhfEhrWRsnIGbEn2uYJdm
T7c+2CLPnshG2IHSkad9i49YnFyjg2K9ebM0Pf9Vt2gpIcftOyCYteiQdW/R1Ri3
6U4ItP/kNjPI/L/DyJyRC/DUyiUIe/uZM0yrN9txTCH/x9DucIHExGnfBnfD9lvR
1oq2WxnEkWuFcA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:08 2025 by rpki-client