Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json)
Hash identifier: K6Wjj9GjSBkW8VxqfHRJ0fMiDN3dLZV1MrGDR1p1F88=
Subject key identifier: BF:0B:E1:F6:C3:61:E2:7D:41:12:2C:DC:BB:A3:77:02:90:FB:03:0A
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial: 019512103AE55DF33D3DFED2DD5548ABEA96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
Manifest number: 13E8
Signing time: Mon 17 Feb 2025 04:00:08 +0000
Manifest this update: Mon 17 Feb 2025 04:00:08 +0000
Manifest next update: Tue 18 Feb 2025 04:00:08 +0000
Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=)
2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: 2wTpGd4ddn2LfdGbimSFmLTm7E3MQzw/bXDg0w3WALU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:10:3a:e5:5d:f3:3d:3d:fe:d2:dd:55:48:ab:ea:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
Validity
Not Before: Feb 17 04:00:08 2025 GMT
Not After : Feb 18 04:00:08 2025 GMT
Subject: CN=bf0be1f6c361e27d41122cdcbba3770290fb030a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e4:ef:ac:98:35:d6:ab:ae:79:11:b2:b3:f4:
eb:c2:00:be:71:91:15:25:7d:66:10:91:b4:24:44:
95:56:18:68:03:12:20:08:aa:be:21:60:6d:50:08:
90:9c:86:8f:af:16:ca:a6:ab:08:89:be:90:91:ed:
bd:3d:57:aa:e6:ee:cf:de:02:95:aa:a6:44:76:f5:
42:20:33:be:50:61:f4:3f:4f:84:d4:56:0f:f0:d1:
e1:48:42:76:fc:50:ff:33:e1:d2:dd:94:4c:18:d3:
84:84:5b:e0:75:7b:cd:3e:2b:07:35:4a:55:9a:b8:
8c:e7:10:97:7c:29:d2:6e:d0:e0:82:26:ab:52:97:
25:e1:3e:03:2a:9c:c5:2e:16:f1:bb:22:21:ed:c5:
09:da:d6:e6:05:66:a0:30:94:16:98:41:2f:92:1c:
38:87:05:1a:fb:61:56:c2:89:28:98:ca:3b:6f:d7:
c9:3a:b3:fb:c1:cf:61:4f:08:d8:d3:44:5d:e6:d3:
8e:ad:47:9c:82:a8:63:fe:af:15:83:52:67:06:82:
2c:5e:c1:c5:af:71:28:7b:14:80:73:70:36:70:52:
cb:ed:de:c4:63:aa:50:59:40:16:d0:7d:3c:9d:a9:
ff:39:cb:81:a9:7c:4e:12:cb:5f:53:f9:f2:c5:af:
69:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:0B:E1:F6:C3:61:E2:7D:41:12:2C:DC:BB:A3:77:02:90:FB:03:0A
X509v3 Authority Key Identifier:
keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:e7:ff:fb:ad:b4:61:c7:2d:ab:14:15:17:eb:dd:29:c7:5f:
b1:17:ec:6f:e7:36:50:68:4b:51:ea:2d:fd:48:bf:f3:b2:6c:
f8:64:4a:90:49:17:c8:5d:6b:48:5a:67:a7:d5:64:63:4a:c5:
20:49:21:b2:6a:6f:54:dd:d5:6f:60:e2:73:bc:9e:8c:88:9f:
d5:98:10:de:8c:b4:9a:d7:cb:80:f6:c4:d9:dc:8f:25:63:d3:
e0:b0:b3:88:fb:46:62:cb:29:a2:10:57:24:8f:d0:84:c4:92:
f0:33:59:77:e8:f1:ed:ad:66:e7:f8:47:9b:63:d1:18:07:1b:
91:d5:2d:c2:c7:ed:67:4e:a7:90:8f:33:0b:94:71:e5:e0:3e:
c3:42:93:1b:4e:28:ec:ae:46:2e:f2:69:c5:9d:ae:17:73:87:
70:7e:59:a4:db:a5:dd:aa:a5:aa:ef:e4:32:e5:87:f6:98:83:
74:6e:ed:98:05:5f:d4:91:6a:7f:cf:3b:44:90:73:8b:10:a3:
f3:35:92:cd:39:b2:a7:db:90:69:1b:26:9e:d2:35:fa:54:49:
bf:95:5e:4e:88:8e:a1:b5:3e:d6:04:85:6c:b3:c1:79:8d:c2:
eb:2e:ef:31:64:b5:29:e1:cc:e4:eb:ec:b8:35:a9:99:79:f3:
ab:4b:5c:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEDrlXfM9Pf7S3VVIq+qWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjUwMjE3MDQwMDA4WhcNMjUwMjE4MDQwMDA4WjAzMTEwLwYDVQQD
EyhiZjBiZTFmNmMzNjFlMjdkNDExMjJjZGNiYmEzNzcwMjkwZmIwMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uTvrJg11quueRGys/TrwgC+cZEV
JX1mEJG0JESVVhhoAxIgCKq+IWBtUAiQnIaPrxbKpqsIib6Qke29PVeq5u7P3gKV
qqZEdvVCIDO+UGH0P0+E1FYP8NHhSEJ2/FD/M+HS3ZRMGNOEhFvgdXvNPisHNUpV
mriM5xCXfCnSbtDggiarUpcl4T4DKpzFLhbxuyIh7cUJ2tbmBWagMJQWmEEvkhw4
hwUa+2FWwokomMo7b9fJOrP7wc9hTwjY00Rd5tOOrUecgqhj/q8Vg1JnBoIsXsHF
r3EoexSAc3A2cFLL7d7EY6pQWUAW0H08nan/OcuBqXxOEstfU/nyxa9pNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8L4fbDYeJ9QRIs3LujdwKQ+wMKMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbuf/+620
YcctqxQVF+vdKcdfsRfsb+c2UGhLUeot/Ui/87Js+GRKkEkXyF1rSFpnp9VkY0rF
IEkhsmpvVN3Vb2Dic7yejIif1ZgQ3oy0mtfLgPbE2dyPJWPT4LCziPtGYsspohBX
JI/QhMSS8DNZd+jx7a1m5/hHm2PRGAcbkdUtwsftZ06nkI8zC5Rx5eA+w0KTG04o
7K5GLvJpxZ2uF3OHcH5ZpNul3aqlqu/kMuWH9piDdG7tmAVf1JFqf887RJBzixCj
8zWSzTmyp9uQaRsmntI1+lRJv5VeToiOobU+1gSFbLPBeY3C6y7vMWS1KeHM5Ovs
uDWpmXnzq0tc1g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:37 2025 by rpki-client