Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
File: obceuN8XHmQvGyuQQZAB8fxEXk0.mft (raw, json)
Hash identifier: 6vIRQzwpsv3lqPNudSdzZijk5ScoURhQEx83GPCKX18=
Subject key identifier: C2:94:C1:E1:5D:B5:FF:DD:31:51:F8:EF:7A:6F:73:6A:52:A2:69:E8
Authority key identifier: A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
Certificate issuer: /CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Certificate serial: 0195113554F2AE9479A9A41B5C659A39B2F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
Manifest number: 0D1C
Signing time: Mon 17 Feb 2025 00:01:02 +0000
Manifest this update: Mon 17 Feb 2025 00:01:02 +0000
Manifest next update: Tue 18 Feb 2025 00:01:02 +0000
Files and hashes: 1: cGMojoHA_ji4dpM9uQ1afR_tOH0.roa (hash: i1gFi8NRL0iquVx1S2o3krHyHH6AFrbXa2Ge0Nqnor8=)
2: obceuN8XHmQvGyuQQZAB8fxEXk0.crl (hash: F0uWtuKERNmRpZfFUDm8IpCCrwEZbEpVrmqdAGS2QaY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:35:54:f2:ae:94:79:a9:a4:1b:5c:65:9a:39:b2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b71eb8df171e642f1b2b90419001f1fc445e4d
Validity
Not Before: Feb 17 00:01:02 2025 GMT
Not After : Feb 18 00:01:02 2025 GMT
Subject: CN=c294c1e15db5ffdd3151f8ef7a6f736a52a269e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:e8:5a:54:80:49:de:02:ec:29:30:32:cb:
39:bb:15:53:d3:a9:22:77:2b:5d:0f:01:fa:92:e9:
7a:f5:e3:f0:ce:19:93:a0:14:15:59:25:9e:e9:a4:
d5:73:cf:f9:41:10:55:c3:8c:49:78:10:8a:51:d2:
90:12:b1:c7:bc:29:eb:87:e3:28:c1:45:cb:14:3e:
ee:07:94:67:51:3f:2b:8d:cd:11:40:10:c1:0d:e9:
7c:0c:2d:ba:64:de:b5:37:85:34:1d:4f:06:40:ab:
c7:3a:8f:e0:d0:de:4f:20:d5:90:10:6f:7c:02:fe:
57:77:d0:29:55:ec:d0:8e:e5:94:4d:3e:a3:78:1a:
eb:2d:0f:6a:3b:e7:90:46:08:03:c0:ba:58:1a:1a:
35:53:a1:d5:86:76:a0:a3:ba:c0:a1:cd:42:7b:05:
0d:9d:39:b9:f7:74:b0:57:e3:65:b5:af:7e:94:89:
b0:e4:0a:63:12:8f:94:2d:55:f6:19:e7:08:0e:ca:
7c:19:4d:6b:1e:cb:44:7b:78:c5:e0:95:d7:d4:2b:
6f:ab:ba:00:75:60:52:f9:5b:79:9e:7f:bd:97:50:
9c:cd:a1:5e:f5:52:61:49:68:73:ed:05:01:e4:19:
b9:64:ab:53:0e:dd:de:2b:5d:e0:19:91:f1:10:ed:
a6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:94:C1:E1:5D:B5:FF:DD:31:51:F8:EF:7A:6F:73:6A:52:A2:69:E8
X509v3 Authority Key Identifier:
keyid:A1:B7:1E:B8:DF:17:1E:64:2F:1B:2B:90:41:90:01:F1:FC:44:5E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obceuN8XHmQvGyuQQZAB8fxEXk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f088bd-5029-4903-9616-0672ea0440bb/1/obceuN8XHmQvGyuQQZAB8fxEXk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:73:a3:38:9c:06:93:57:55:ce:55:c7:19:6c:b8:81:f2:1f:
87:f1:ac:6c:c4:e9:47:1c:f8:0b:06:7a:e3:52:1f:cb:fd:3f:
85:e2:cf:c2:06:1e:11:f9:81:54:34:9b:98:3a:c9:13:58:1c:
70:5b:40:05:e6:6b:f2:21:5f:77:d0:04:96:66:b9:2b:6a:18:
2c:23:0d:f9:8b:6c:b0:a1:b8:c2:c5:9e:67:a6:3e:49:08:7a:
96:fc:30:dc:29:f7:fb:e0:3e:1a:f0:20:b9:b0:11:de:98:f7:
73:ea:0e:8c:b5:35:e7:b5:8a:c0:ef:1d:4a:40:58:ab:36:a6:
ac:46:8d:b8:25:41:01:c2:fa:fb:e9:f3:67:5e:6e:00:ee:74:
55:c9:44:da:f8:61:6d:3f:6a:4d:69:5f:e6:b0:8a:25:e3:14:
86:b0:a3:b7:f0:52:6e:83:d7:f0:f5:5e:0e:f6:b9:90:30:d1:
12:91:d5:45:14:b2:d3:11:fa:fb:b5:4d:f0:2e:f8:d0:db:9d:
32:fc:e7:a6:d3:41:10:82:73:72:c4:1e:1a:eb:23:b4:bd:31:
e5:e7:db:55:8d:d8:ae:8c:f3:a2:c5:21:9f:66:3c:c6:e9:d2:
30:46:8a:c8:52:24:09:74:ac:97:11:76:b9:83:28:97:a7:1c:
40:e0:53:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNVTyrpR5qaQbXGWaObLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjcxZWI4ZGYxNzFlNjQyZjFiMmI5MDQxOTAwMWYxZmM0
NDVlNGQwHhcNMjUwMjE3MDAwMTAyWhcNMjUwMjE4MDAwMTAyWjAzMTEwLwYDVQQD
EyhjMjk0YzFlMTVkYjVmZmRkMzE1MWY4ZWY3YTZmNzM2YTUyYTI2OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySvoWlSASd4C7CkwMss5uxVT06ki
dytdDwH6kul69ePwzhmToBQVWSWe6aTVc8/5QRBVw4xJeBCKUdKQErHHvCnrh+Mo
wUXLFD7uB5RnUT8rjc0RQBDBDel8DC26ZN61N4U0HU8GQKvHOo/g0N5PINWQEG98
Av5Xd9ApVezQjuWUTT6jeBrrLQ9qO+eQRggDwLpYGho1U6HVhnago7rAoc1CewUN
nTm593SwV+Nlta9+lImw5ApjEo+ULVX2GecIDsp8GU1rHstEe3jF4JXX1Ctvq7oA
dWBS+Vt5nn+9l1CczaFe9VJhSWhz7QUB5Bm5ZKtTDt3eK13gGZHxEO2mJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKUweFdtf/dMVH473pvc2pSomnoMB8GA1UdIwQY
MBaAFKG3HrjfFx5kLxsrkEGQAfH8RF5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYt
MDY3MmVhMDQ0MGJiLzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mMDg4YmQtNTAyOS00OTAzLTk2MTYtMDY3MmVhMDQ0MGJi
LzEvb2JjZXVOOFhIbVF2R3l1UVFaQUI4ZnhFWGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASnOjOJwG
k1dVzlXHGWy4gfIfh/GsbMTpRxz4CwZ641Ify/0/heLPwgYeEfmBVDSbmDrJE1gc
cFtABeZr8iFfd9AElma5K2oYLCMN+YtssKG4wsWeZ6Y+SQh6lvww3Cn3++A+GvAg
ubAR3pj3c+oOjLU157WKwO8dSkBYqzamrEaNuCVBAcL6++nzZ15uAO50VclE2vhh
bT9qTWlf5rCKJeMUhrCjt/BSboPX8PVeDva5kDDREpHVRRSy0xH6+7VN8C740Nud
MvznptNBEIJzcsQeGusjtL0x5efbVY3YrozzosUhn2Y8xunSMEaKyFIkCXSslxF2
uYMol6ccQOBTfg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:44 2025 by rpki-client