Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File: NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier: zPkhq2cn3M5jvpiFzKXbjuKvC0X4B4zkpY0MwGpXZIU=
Subject key identifier: 8C:E9:C8:C4:F1:07:46:DD:1A:83:83:23:69:C2:8D:F3:6C:97:95:4D
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer: /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial: 019510C734E74F1BA2AA0F7A0663AFF0AD2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number: 035A
Signing time: Sun 16 Feb 2025 22:00:45 +0000
Manifest this update: Sun 16 Feb 2025 22:00:45 +0000
Manifest next update: Mon 17 Feb 2025 22:00:45 +0000
Files and hashes: 1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: FYI7bmwJPiHIpgGMKLCYNB4+AUTKKJe805GfYZuVFTg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 22:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:c7:34:e7:4f:1b:a2:aa:0f:7a:06:63:af:f0:ad:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Validity
Not Before: Feb 16 22:00:45 2025 GMT
Not After : Feb 17 22:00:45 2025 GMT
Subject: CN=8ce9c8c4f10746dd1a83832369c28df36c97954d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ef:dd:ba:34:49:5a:2d:76:17:30:fc:d1:36:
19:47:3c:a0:8c:aa:be:5a:48:40:77:c7:e4:1d:01:
0d:37:a5:65:db:9e:31:cb:5c:9e:fd:98:a0:c7:34:
e2:b1:77:fb:75:71:e7:bd:6e:ed:e0:4e:7f:c7:95:
6e:48:0d:6b:8b:2b:00:a1:98:48:d3:52:92:1c:82:
f7:3b:58:00:c6:71:c0:65:2e:c9:32:85:d5:ee:f9:
de:16:a9:a6:c2:b4:05:24:bb:59:60:a6:8b:5c:8a:
da:3b:75:03:90:99:f8:7d:2c:de:b5:90:72:08:2f:
83:ab:cd:24:09:34:55:9e:00:62:26:33:91:c7:7c:
cb:56:ad:de:7a:20:c2:60:d5:2e:ae:c7:78:db:8e:
ae:83:5d:7a:17:8c:7f:27:04:6c:d4:16:0d:2b:c2:
7c:63:0d:df:93:c9:89:4d:4d:1e:50:1b:56:37:99:
df:05:77:6a:50:43:76:e3:bb:5a:dc:45:aa:c6:78:
63:5d:b8:89:5c:a9:7e:6a:42:e4:35:68:9d:99:48:
a6:a8:90:0e:de:c5:33:8d:90:f1:49:34:0d:1f:87:
d6:a7:d2:61:73:48:92:1e:cb:a8:ed:b1:08:4d:80:
39:f1:c6:0b:49:f9:47:86:2f:01:10:8e:34:9a:15:
1a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E9:C8:C4:F1:07:46:DD:1A:83:83:23:69:C2:8D:F3:6C:97:95:4D
X509v3 Authority Key Identifier:
keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:77:d0:35:af:40:54:5e:ba:52:3a:4f:bb:51:b8:bf:c7:d1:
e3:70:1f:d6:1d:1c:8e:f9:26:32:d6:60:a2:9d:15:ed:33:98:
7e:33:4d:29:b2:77:7f:e4:51:8e:3c:ac:88:eb:4e:2c:2f:60:
04:9d:4e:0c:06:21:11:a9:47:b2:51:fc:70:65:8b:37:1b:cc:
0b:7f:f7:45:7a:86:e0:49:da:7f:61:b2:03:40:fd:6e:5d:c7:
33:7b:78:8f:4f:f9:5d:9c:3f:5c:51:99:62:70:2c:0b:85:d6:
12:19:e4:05:b4:0d:7d:75:4f:6b:72:52:bc:3c:4a:ab:79:6a:
aa:c8:cb:9c:16:98:3c:1d:66:eb:02:47:40:b1:c6:4a:da:8b:
30:8e:30:41:49:bf:1a:97:50:08:d7:27:85:4f:c1:b1:44:26:
c2:94:1b:27:92:4c:9c:f1:26:a6:0a:9b:40:bb:af:65:ce:61:
8d:81:14:55:ee:d6:4b:46:0f:a9:78:32:8c:0e:d4:43:5b:1c:
b5:5a:65:e3:e7:65:30:f0:54:b1:a4:e2:93:26:15:f3:48:7c:
1e:ad:4d:bc:c6:30:c2:93:e4:ed:5f:f1:88:d8:cc:dd:ed:ff:
39:49:c4:dc:14:91:6a:5e:7b:e9:e6:77:ba:cc:6a:70:53:60:
ed:da:42:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxzTnTxuiqg96BmOv8K0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjUwMjE2MjIwMDQ1WhcNMjUwMjE3MjIwMDQ1WjAzMTEwLwYDVQQD
Eyg4Y2U5YzhjNGYxMDc0NmRkMWE4MzgzMjM2OWMyOGRmMzZjOTc5NTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+/dujRJWi12FzD80TYZRzygjKq+
WkhAd8fkHQENN6Vl254xy1ye/ZigxzTisXf7dXHnvW7t4E5/x5VuSA1riysAoZhI
01KSHIL3O1gAxnHAZS7JMoXV7vneFqmmwrQFJLtZYKaLXIraO3UDkJn4fSzetZBy
CC+Dq80kCTRVngBiJjORx3zLVq3eeiDCYNUursd4246ug116F4x/JwRs1BYNK8J8
Yw3fk8mJTU0eUBtWN5nfBXdqUEN247ta3EWqxnhjXbiJXKl+akLkNWidmUimqJAO
3sUzjZDxSTQNH4fWp9Jhc0iSHsuo7bEITYA58cYLSflHhi8BEI40mhUalQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzpyMTxB0bdGoODI2nCjfNsl5VNMB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3fQNa9A
VF66UjpPu1G4v8fR43Af1h0cjvkmMtZgop0V7TOYfjNNKbJ3f+RRjjysiOtOLC9g
BJ1ODAYhEalHslH8cGWLNxvMC3/3RXqG4Enaf2GyA0D9bl3HM3t4j0/5XZw/XFGZ
YnAsC4XWEhnkBbQNfXVPa3JSvDxKq3lqqsjLnBaYPB1m6wJHQLHGStqLMI4wQUm/
GpdQCNcnhU/BsUQmwpQbJ5JMnPEmpgqbQLuvZc5hjYEUVe7WS0YPqXgyjA7UQ1sc
tVpl4+dlMPBUsaTikyYV80h8Hq1NvMYwwpPk7V/xiNjM3e3/OUnE3BSRal576eZ3
usxqcFNg7dpCdg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:53 2025 by rpki-client