Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json)
Hash identifier: oy1F/U+iD8LXYNMssonmN/Gj4hEG9NxK52FeKfxfvDI=
Subject key identifier: 66:4E:83:28:BE:4F:C3:42:44:FA:BC:37:EB:27:7F:E0:0D:8F:5E:4A
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 0194C49A7281F0CEB94EE5FA714647EA8729
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
Manifest number: 05BC
Signing time: Sun 02 Feb 2025 03:00:43 +0000
Manifest this update: Sun 02 Feb 2025 03:00:43 +0000
Manifest next update: Mon 03 Feb 2025 03:00:43 +0000
Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=)
2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: o/kdZHgMJt12pQGQRIRtODwYh7LvvkA4fj39vANFYqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c4:9a:72:81:f0:ce:b9:4e:e5:fa:71:46:47:ea:87:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Feb 2 03:00:43 2025 GMT
Not After : Feb 3 03:00:43 2025 GMT
Subject: CN=664e8328be4fc34244fabc37eb277fe00d8f5e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:68:2d:26:9b:0b:09:7a:8b:25:93:79:be:
bd:ae:4b:9b:d9:db:95:98:2f:ce:03:b9:e3:0a:9c:
b0:67:e7:79:b4:29:a7:69:d2:bb:bd:35:73:1d:c2:
35:b3:68:a5:73:0a:84:19:03:f2:96:0f:33:6a:a9:
17:3e:98:ba:fc:fe:eb:ad:1a:8e:49:13:32:69:02:
06:55:53:bc:b1:19:10:37:62:d0:d1:cf:7d:1d:c2:
94:39:a5:1d:aa:fe:f2:e9:c8:e5:ff:87:d3:ce:7a:
55:89:e8:99:31:ab:5b:6e:d5:8b:b2:ec:18:b1:2d:
a9:08:a0:bc:cb:da:1f:d0:15:50:1d:8f:88:2e:47:
23:22:ed:29:e6:20:70:c9:f6:95:d0:78:10:ac:da:
b1:a1:89:72:0f:82:c3:ba:0e:0c:15:e4:5a:5b:36:
cb:4c:a7:38:d8:b5:fe:04:4d:00:ac:b3:4a:88:7c:
5b:2d:b2:84:47:bd:6b:51:df:f3:92:52:9f:5a:34:
ee:52:f6:66:dd:24:0d:28:53:92:67:97:b5:99:d6:
33:16:e7:11:05:3e:31:30:0d:ac:eb:bf:93:57:c8:
87:d0:6d:d0:19:a7:18:93:0a:08:0d:a0:48:a7:2a:
f7:53:e1:c9:45:77:8d:6e:75:29:0f:34:a6:de:48:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4E:83:28:BE:4F:C3:42:44:FA:BC:37:EB:27:7F:E0:0D:8F:5E:4A
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:b6:ed:41:2c:21:ca:53:35:b0:e5:ea:d1:4f:81:b5:44:fa:
e0:e2:d0:61:cc:c6:8b:35:ae:83:b6:b6:6d:b1:d5:e5:95:27:
5a:ce:cd:99:9f:87:5b:83:30:ba:88:c6:9a:58:a6:0d:ad:9e:
74:3a:ea:be:7d:e2:cf:01:d2:ac:ec:b4:2c:75:3a:c0:b0:4b:
3a:fb:97:e7:82:ac:5e:93:d4:31:2d:38:cb:23:02:91:b7:0c:
34:09:f2:e7:93:9d:08:e8:a5:94:98:08:a3:16:8a:af:fe:3b:
95:97:c7:bc:68:81:9b:48:b1:3d:40:79:e8:3e:6c:50:66:de:
62:d1:4a:d7:e8:44:42:11:ec:fe:bd:4e:82:98:29:c8:a5:e6:
35:e3:de:0c:c5:d0:de:e0:cf:20:bf:83:ef:07:f3:78:65:5c:
28:e8:4b:e5:56:bd:45:46:05:fc:43:9d:5f:55:10:b6:23:a6:
03:dc:a2:3e:f6:3c:21:2f:6d:99:db:df:2f:fc:a2:19:d0:e0:
48:d8:59:d6:36:71:ba:07:b2:3d:da:fa:8f:61:ef:33:c4:6b:
71:0b:96:f4:39:c5:3d:38:3d:dd:31:fe:82:f5:d6:e3:80:ee:
c9:93:f9:0c:f5:2b:0a:ee:5a:e6:ff:d3:ca:c4:c6:2a:78:a2:
b8:1f:31:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTEmnKB8M65TuX6cUZH6ocpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjUwMjAyMDMwMDQzWhcNMjUwMjAzMDMwMDQzWjAzMTEwLwYDVQQD
Eyg2NjRlODMyOGJlNGZjMzQyNDRmYWJjMzdlYjI3N2ZlMDBkOGY1ZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKZoLSabCwl6iyWTeb69rkub2duV
mC/OA7njCpywZ+d5tCmnadK7vTVzHcI1s2ilcwqEGQPylg8zaqkXPpi6/P7rrRqO
SRMyaQIGVVO8sRkQN2LQ0c99HcKUOaUdqv7y6cjl/4fTznpVieiZMatbbtWLsuwY
sS2pCKC8y9of0BVQHY+ILkcjIu0p5iBwyfaV0HgQrNqxoYlyD4LDug4MFeRaWzbL
TKc42LX+BE0ArLNKiHxbLbKER71rUd/zklKfWjTuUvZm3SQNKFOSZ5e1mdYzFucR
BT4xMA2s67+TV8iH0G3QGacYkwoIDaBIpyr3U+HJRXeNbnUpDzSm3khSHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZOgyi+T8NCRPq8N+snf+ANj15KMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAErbtQSwh
ylM1sOXq0U+BtUT64OLQYczGizWug7a2bbHV5ZUnWs7NmZ+HW4MwuojGmlimDa2e
dDrqvn3izwHSrOy0LHU6wLBLOvuX54KsXpPUMS04yyMCkbcMNAny55OdCOillJgI
oxaKr/47lZfHvGiBm0ixPUB56D5sUGbeYtFK1+hEQhHs/r1OgpgpyKXmNePeDMXQ
3uDPIL+D7wfzeGVcKOhL5Va9RUYF/EOdX1UQtiOmA9yiPvY8IS9tmdvfL/yiGdDg
SNhZ1jZxugeyPdr6j2HvM8RrcQuW9DnFPTg93TH+gvXW44DuyZP5DPUrCu5a5v/T
ysTGKniiuB8xPQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 06:53:54 2025 by rpki-client