Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
File: nY85NIPUicQp_Biwk0LXbQr-QkQ.mft (raw, json)
Hash identifier: fuJlPWNvsvy1YrgrtFKcuhXMhTsqjSasb7hGVcIdirU=
Subject key identifier: F9:73:93:96:A1:6E:3A:8A:70:BF:5B:EE:A2:52:0C:3E:87:8E:72:5A
Authority key identifier: 9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
Certificate issuer: /CN=9d8f393483d489c429fc18b09342d76d0afe4244
Certificate serial: 0194C4D1011DD5862B4DD174D659A7975ED8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
Manifest number: 1018
Signing time: Sun 02 Feb 2025 04:00:19 +0000
Manifest this update: Sun 02 Feb 2025 04:00:19 +0000
Manifest next update: Mon 03 Feb 2025 04:00:19 +0000
Files and hashes: 1: fCKBgjNaPgCYlEAaSC02t2TX-HQ.roa (hash: z50OwHqPJLgmTj1OD+z+QDtPxp5JJkD8lN3khIG3bwQ=)
2: nY85NIPUicQp_Biwk0LXbQr-QkQ.crl (hash: HkmMe6HiCer2MToT2uKEpf91RLGj4kSeHZZ6t5tYVQs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:d1:01:1d:d5:86:2b:4d:d1:74:d6:59:a7:97:5e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8f393483d489c429fc18b09342d76d0afe4244
Validity
Not Before: Feb 2 04:00:19 2025 GMT
Not After : Feb 3 04:00:19 2025 GMT
Subject: CN=f9739396a16e3a8a70bf5beea2520c3e878e725a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0f:86:1e:0c:9e:37:30:9b:b2:47:65:2f:7e:
80:13:51:f1:ec:d3:da:cf:2e:6c:bd:4a:f0:1b:35:
3b:99:53:83:7a:a5:25:cc:c8:d1:af:66:f4:2f:65:
e5:f9:77:61:cd:3c:fc:f6:85:40:94:01:b6:c6:ef:
7f:48:b1:24:a8:cb:4e:79:9e:8a:6b:52:2d:fc:a9:
4c:6b:e1:2a:ed:ce:46:f9:24:68:d8:01:96:fd:8a:
68:9c:b5:74:97:79:a8:de:58:ec:7f:52:29:a7:50:
cb:56:39:02:24:fe:33:18:1a:4f:c5:b6:b9:6f:e0:
ca:bd:02:04:2c:d5:2e:f5:56:d7:3b:31:02:b0:c2:
ec:ea:50:38:a3:85:98:7b:e1:58:a6:48:15:31:3c:
b8:a9:1a:61:7a:b7:46:3c:b1:25:8e:93:3d:52:05:
e2:22:fb:64:c2:87:dc:ef:4e:dc:e9:77:d5:ad:32:
3c:c2:8a:f9:03:35:53:a3:8f:51:39:f7:11:08:e4:
aa:34:c1:1e:41:1b:26:68:11:ac:fe:0e:e6:19:4a:
6a:27:d9:47:32:89:8a:7e:6f:53:54:23:ab:c7:fb:
1c:f4:83:11:6f:fb:f3:8b:7b:0b:45:bb:e6:f5:23:
a8:17:43:63:1c:0c:7f:5c:44:e7:6b:09:6c:9a:6d:
49:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:73:93:96:A1:6E:3A:8A:70:BF:5B:EE:A2:52:0C:3E:87:8E:72:5A
X509v3 Authority Key Identifier:
keyid:9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:a9:e0:3b:24:82:27:55:6f:63:80:97:a6:27:fe:9a:2b:a1:
d6:8e:5d:d8:44:67:58:9b:b0:6d:25:64:e6:fc:89:33:cb:58:
84:44:33:25:a5:be:87:e0:5e:55:26:c9:5e:25:2f:fb:14:78:
5c:64:c3:3b:f1:a8:d3:85:73:27:46:fd:21:4e:2d:11:f8:34:
93:07:d2:fe:f1:af:cf:1a:18:87:ee:de:d4:ee:b2:d7:a3:72:
37:b8:a7:af:6c:58:3b:96:69:1f:31:bc:12:5d:1b:83:8e:0f:
43:f2:43:92:72:f6:25:40:9f:03:55:59:1a:8d:fb:c5:b4:d0:
0c:d3:78:01:fc:c5:21:ed:45:8d:ef:c2:7b:c5:4a:6a:44:44:
c1:c4:24:be:4c:1c:36:a4:3e:6a:52:09:c1:51:94:1d:df:f8:
99:8f:8e:a2:d0:bf:9a:89:0a:2f:30:05:fb:18:89:66:8f:15:
8c:49:e9:4d:27:ca:1c:85:60:7b:38:a9:3e:ab:1e:86:4e:77:
87:ce:a5:81:7c:e2:e1:20:48:f7:18:25:ba:e8:93:a8:eb:fd:
f2:e1:44:07:f6:1e:c8:c1:d0:56:80:fc:28:43:5f:2e:de:85:
83:16:6d:40:9b:de:f8:33:f4:4a:50:d9:a1:15:4d:18:ae:a5:
04:b1:3f:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0QEd1YYrTdF01lmnl17YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGYzOTM0ODNkNDg5YzQyOWZjMThiMDkzNDJkNzZkMGFm
ZTQyNDQwHhcNMjUwMjAyMDQwMDE5WhcNMjUwMjAzMDQwMDE5WjAzMTEwLwYDVQQD
EyhmOTczOTM5NmExNmUzYThhNzBiZjViZWVhMjUyMGMzZTg3OGU3MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ+GHgyeNzCbskdlL36AE1Hx7NPa
zy5svUrwGzU7mVODeqUlzMjRr2b0L2Xl+XdhzTz89oVAlAG2xu9/SLEkqMtOeZ6K
a1It/KlMa+Eq7c5G+SRo2AGW/YponLV0l3mo3ljsf1Ipp1DLVjkCJP4zGBpPxba5
b+DKvQIELNUu9VbXOzECsMLs6lA4o4WYe+FYpkgVMTy4qRpherdGPLEljpM9UgXi
Ivtkwofc707c6XfVrTI8wor5AzVTo49ROfcRCOSqNMEeQRsmaBGs/g7mGUpqJ9lH
MomKfm9TVCOrx/sc9IMRb/vzi3sLRbvm9SOoF0NjHAx/XETnawlsmm1JgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlzk5ahbjqKcL9b7qJSDD6HjnJaMB8GA1UdIwQY
MBaAFJ2POTSD1InEKfwYsJNC120K/kJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTct
MWUxNTFhYTFhZmRjLzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTctMWUxNTFhYTFhZmRj
LzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe6ngOySC
J1VvY4CXpif+miuh1o5d2ERnWJuwbSVk5vyJM8tYhEQzJaW+h+BeVSbJXiUv+xR4
XGTDO/Go04VzJ0b9IU4tEfg0kwfS/vGvzxoYh+7e1O6y16NyN7inr2xYO5ZpHzG8
El0bg44PQ/JDknL2JUCfA1VZGo37xbTQDNN4AfzFIe1Fje/Ce8VKakREwcQkvkwc
NqQ+alIJwVGUHd/4mY+OotC/mokKLzAF+xiJZo8VjEnpTSfKHIVgezipPqsehk53
h86lgXzi4SBI9xgluuiTqOv98uFEB/YeyMHQVoD8KENfLt6FgxZtQJve+DP0SlDZ
oRVNGK6lBLE/tw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:06:42 2025 by rpki-client