Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier: CeXqbizhLp3/FpLTzL+JcPd9Rfb5BMNbMEmPv1jYvjU=
Subject key identifier: 6E:4C:60:92:86:2D:78:C2:4B:AE:4A:D0:47:88:0D:C4:BE:A7:65:B3
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 0194C38745E0C46D72E8E60D2E5C013E9451
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number: 06BC
Signing time: Sat 01 Feb 2025 22:00:09 +0000
Manifest this update: Sat 01 Feb 2025 22:00:09 +0000
Manifest next update: Sun 02 Feb 2025 22:00:09 +0000
Files and hashes: 1: IrS-qV3W0Ik-KE138sR-ycmjsj0.roa (hash: ZrhZqy7V3sNpl24EYUX1sc+YyDytYvN7JDm/U17ihTc=)
2: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: PtIVsoIKBOKeR+Gds57InmSCfk6bPaCK8jTUjJnYZhM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:87:45:e0:c4:6d:72:e8:e6:0d:2e:5c:01:3e:94:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: Feb 1 22:00:09 2025 GMT
Not After : Feb 2 22:00:09 2025 GMT
Subject: CN=6e4c6092862d78c24bae4ad047880dc4bea765b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:71:b4:63:20:c2:0a:77:75:0e:4a:f1:46:97:
6d:da:60:8f:88:e9:bc:0f:f3:01:4f:2e:ac:61:74:
92:2f:e4:1e:ce:cf:72:cd:6e:d8:0b:7e:41:c9:7a:
d2:90:79:2a:ed:ff:81:01:34:a8:26:8f:b4:76:48:
c4:27:e3:09:8e:56:d5:a8:92:88:c2:cd:ce:45:f6:
7c:f3:b5:a8:b8:48:eb:bd:7e:2a:a4:eb:45:f0:3e:
af:df:19:e3:d6:f4:6a:ac:b6:91:b0:ca:01:06:1f:
6b:cb:1a:62:1f:3c:f5:c1:6f:f9:16:b3:14:0d:f4:
1d:34:60:88:5f:c9:24:af:4e:67:4a:51:df:25:e9:
94:a9:0b:4f:86:8b:b7:83:75:5e:94:ef:2e:33:a0:
c8:9d:d1:30:3a:54:aa:42:61:cf:28:49:8a:07:93:
8d:16:05:da:22:be:e1:50:f8:79:eb:75:53:68:bb:
05:6e:87:a5:50:22:70:ef:d1:c8:ff:57:f1:05:25:
9f:3a:0c:4b:89:ff:b9:4e:c1:a1:69:8b:b0:77:9e:
f8:ef:7e:15:a5:58:7d:88:0b:2a:fb:0a:1b:52:8e:
24:1e:5b:6c:86:09:76:c0:6f:81:d7:05:6a:eb:ab:
97:ac:e3:f7:37:0a:b0:e7:c0:71:b8:12:d7:92:d2:
58:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4C:60:92:86:2D:78:C2:4B:AE:4A:D0:47:88:0D:C4:BE:A7:65:B3
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c7:c5:dc:c8:0a:42:34:83:a7:11:de:3f:e1:35:0a:14:bf:fe:
4d:8a:f7:2b:17:98:6c:a7:d2:13:fe:ad:69:c4:08:c4:44:27:
50:a8:46:48:31:9b:5d:b6:d0:79:dc:9a:1b:d7:9c:50:5c:c1:
1f:5f:89:53:2e:52:f1:68:e3:c5:48:18:43:15:33:a9:99:94:
6f:ef:07:65:35:25:af:16:6a:66:8b:07:8d:10:c9:fa:7b:6c:
32:49:99:45:7f:cd:b5:90:e9:2b:51:f9:93:6b:2b:8a:d2:b2:
5e:83:81:39:2f:a0:2a:34:43:39:20:c5:f5:0a:f1:14:1d:4a:
85:b9:b3:53:12:8f:72:4c:8e:77:92:02:07:2b:21:ae:95:13:
3e:40:78:60:cd:c3:48:d3:19:07:70:08:da:f9:6d:fb:1f:b1:
65:d7:ad:40:cc:10:7d:15:db:cc:d5:f5:c6:ca:a1:a5:1a:f7:
05:6c:e5:53:ce:91:4c:0c:4c:16:46:af:c6:9b:6c:b7:5d:e6:
23:02:da:49:c8:d8:6e:b9:9d:21:bf:07:f7:82:6e:33:2b:12:
b0:53:75:78:5a:93:52:4a:d4:17:83:50:e8:05:1a:09:8f:0d:
c6:fd:12:c6:7f:80:ed:71:34:7d:1c:13:be:27:8c:f5:62:e8:
3e:3c:e8:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh0XgxG1y6OYNLlwBPpRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjUwMjAxMjIwMDA5WhcNMjUwMjAyMjIwMDA5WjAzMTEwLwYDVQQD
Eyg2ZTRjNjA5Mjg2MmQ3OGMyNGJhZTRhZDA0Nzg4MGRjNGJlYTc2NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXG0YyDCCnd1DkrxRpdt2mCPiOm8
D/MBTy6sYXSSL+Qezs9yzW7YC35ByXrSkHkq7f+BATSoJo+0dkjEJ+MJjlbVqJKI
ws3ORfZ887WouEjrvX4qpOtF8D6v3xnj1vRqrLaRsMoBBh9ryxpiHzz1wW/5FrMU
DfQdNGCIX8kkr05nSlHfJemUqQtPhou3g3VelO8uM6DIndEwOlSqQmHPKEmKB5ON
FgXaIr7hUPh563VTaLsFboelUCJw79HI/1fxBSWfOgxLif+5TsGhaYuwd574734V
pVh9iAsq+wobUo4kHltshgl2wG+B1wVq66uXrOP3Nwqw58BxuBLXktJYywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5MYJKGLXjCS65K0EeIDcS+p2WzMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx8XcyApC
NIOnEd4/4TUKFL/+TYr3KxeYbKfSE/6tacQIxEQnUKhGSDGbXbbQedyaG9ecUFzB
H1+JUy5S8WjjxUgYQxUzqZmUb+8HZTUlrxZqZosHjRDJ+ntsMkmZRX/NtZDpK1H5
k2sritKyXoOBOS+gKjRDOSDF9QrxFB1KhbmzUxKPckyOd5ICByshrpUTPkB4YM3D
SNMZB3AI2vlt+x+xZdetQMwQfRXbzNX1xsqhpRr3BWzlU86RTAxMFkavxptst13m
IwLaScjYbrmdIb8H94JuMysSsFN1eFqTUkrUF4NQ6AUaCY8Nxv0Sxn+A7XE0fRwT
vieM9WLoPjzofQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:42:27 2025 by rpki-client