Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
File: LX893KDLOOx7CMaQKeIPUtxAjxc.mft (raw, json)
Hash identifier: Q77ccX8J2zfQ7heYt70T+70dgLrl+bkcUWMmKrsaau0=
Subject key identifier: 3D:9A:CB:23:96:18:1C:F6:0C:60:AA:C1:4F:88:1C:50:57:D2:83:7F
Authority key identifier: 2D:7F:3D:DC:A0:CB:38:EC:7B:08:C6:90:29:E2:0F:52:DC:40:8F:17
Certificate issuer: /CN=2d7f3ddca0cb38ec7b08c69029e20f52dc408f17
Certificate serial: 019512104AFA749CAC7DC88E721443B0191C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
Manifest number: 1459
Signing time: Mon 17 Feb 2025 04:00:12 +0000
Manifest this update: Mon 17 Feb 2025 04:00:12 +0000
Manifest next update: Tue 18 Feb 2025 04:00:12 +0000
Files and hashes: 1: LX893KDLOOx7CMaQKeIPUtxAjxc.crl (hash: SAecTG+VisIzHTczt6bi9wWzBeEESzodykPakKD9EwI=)
2: NJtD_wJPtwe6yI8QzJv-rd_AAv4.roa (hash: goN8mo/tdm+T4x5aP0V4Y6dre6dhF2ryG392gou/4Qo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:12:10:4a:fa:74:9c:ac:7d:c8:8e:72:14:43:b0:19:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d7f3ddca0cb38ec7b08c69029e20f52dc408f17
Validity
Not Before: Feb 17 04:00:12 2025 GMT
Not After : Feb 18 04:00:12 2025 GMT
Subject: CN=3d9acb2396181cf60c60aac14f881c5057d2837f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:09:52:f5:c2:a3:38:93:19:9c:41:4b:e3:c6:
e8:7a:58:a5:7d:2f:62:a6:97:51:ce:73:b5:5d:f8:
cb:00:4a:02:da:8a:13:60:68:d2:99:cd:b4:6b:7a:
16:c9:44:4d:00:03:f7:e2:3d:68:56:59:44:19:aa:
a8:ce:65:89:c0:eb:26:d4:73:c5:2d:09:fe:6d:af:
55:ba:3d:a2:7f:46:bf:f5:99:1f:c2:5e:66:ba:20:
b9:bc:4b:c9:5b:3b:69:ab:d6:88:d3:7c:33:ad:04:
dd:d7:85:0f:9a:d8:4c:8a:66:a3:bd:38:fe:b0:db:
6e:92:86:ff:b4:d1:62:97:0b:51:d3:e3:a3:30:68:
88:2f:a0:2c:1e:39:ab:eb:9c:18:5a:67:ff:36:c8:
fa:a6:c3:bd:d6:22:15:b1:19:b6:d4:08:6f:d0:47:
ad:f7:fa:d8:7f:8b:77:da:78:bd:d0:a5:26:ab:67:
5f:bc:c4:91:a6:95:c3:02:f2:da:91:ac:b0:ef:30:
a2:2c:b7:50:7e:ab:5a:0e:19:b9:6c:c6:ca:4b:69:
c8:4a:2a:cb:8c:aa:19:0f:f8:c7:db:dd:09:89:36:
2c:55:67:e5:e2:ae:ac:e8:38:f0:79:04:82:85:d3:
4f:22:2b:cc:b5:a6:ca:f0:5e:3b:5d:4e:34:bd:bf:
b4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9A:CB:23:96:18:1C:F6:0C:60:AA:C1:4F:88:1C:50:57:D2:83:7F
X509v3 Authority Key Identifier:
keyid:2D:7F:3D:DC:A0:CB:38:EC:7B:08:C6:90:29:E2:0F:52:DC:40:8F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:94:52:9c:b1:fd:72:75:16:e9:72:e6:e5:f4:ac:dc:a1:ff:
5d:87:da:9e:b9:7d:0e:7e:2e:56:e4:e1:ce:aa:18:93:34:50:
6b:d6:b7:87:2a:87:f0:81:93:77:3a:34:e2:37:ad:24:79:38:
d7:b5:da:5b:78:7b:8e:52:09:20:8b:96:60:e4:11:b1:83:ed:
23:db:45:bf:5f:b0:58:99:81:0e:73:01:46:67:26:e7:7c:de:
d9:cf:ff:41:3f:ac:17:13:8d:d0:fb:53:78:7e:4a:25:25:f2:
c4:d3:8c:20:93:9d:9d:58:fc:6e:81:d8:0e:0a:17:79:33:7e:
5e:5a:5b:d3:fd:a3:21:4b:e5:5c:ba:8a:61:16:ec:c4:93:01:
f6:c8:52:08:a0:b2:b5:de:e2:8e:a9:ac:75:92:3f:e0:05:7a:
2e:59:2f:52:41:cf:ff:a7:bb:1d:a8:ec:b7:91:fa:35:3b:b1:
00:1a:9c:ae:47:d2:c7:7f:3a:a7:a8:ca:39:d8:e5:d4:63:4e:
c0:d2:72:11:5f:74:6d:db:8b:36:eb:b5:08:96:cb:40:ba:c0:
47:ec:38:1b:14:75:18:0f:51:88:ad:50:32:a3:ca:69:97:f2:
1a:39:92:81:e9:7a:ff:8e:b5:d4:c4:bf:19:fc:75:53:52:3f:
d6:8a:8b:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEEr6dJysfciOchRDsBkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkN2YzZGRjYTBjYjM4ZWM3YjA4YzY5MDI5ZTIwZjUyZGM0
MDhmMTcwHhcNMjUwMjE3MDQwMDEyWhcNMjUwMjE4MDQwMDEyWjAzMTEwLwYDVQQD
EygzZDlhY2IyMzk2MTgxY2Y2MGM2MGFhYzE0Zjg4MWM1MDU3ZDI4MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQlS9cKjOJMZnEFL48boelilfS9i
ppdRznO1XfjLAEoC2ooTYGjSmc20a3oWyURNAAP34j1oVllEGaqozmWJwOsm1HPF
LQn+ba9Vuj2if0a/9Zkfwl5muiC5vEvJWztpq9aI03wzrQTd14UPmthMimajvTj+
sNtukob/tNFilwtR0+OjMGiIL6AsHjmr65wYWmf/Nsj6psO91iIVsRm21Ahv0Eet
9/rYf4t32ni90KUmq2dfvMSRppXDAvLakayw7zCiLLdQfqtaDhm5bMbKS2nISirL
jKoZD/jH290JiTYsVWfl4q6s6DjweQSChdNPIivMtabK8F47XU40vb+0IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2ayyOWGBz2DGCqwU+IHFBX0oN/MB8GA1UdIwQY
MBaAFC1/PdygyzjsewjGkCniD1LcQI8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9jNzVhZjQtOWQyNi00MjkwLWIwMjct
YTU2YzUyYmUxOThjLzEvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9jNzVhZjQtOWQyNi00MjkwLWIwMjctYTU2YzUyYmUxOThj
LzEvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpRSnLH9
cnUW6XLm5fSs3KH/XYfanrl9Dn4uVuThzqoYkzRQa9a3hyqH8IGTdzo04jetJHk4
17XaW3h7jlIJIIuWYOQRsYPtI9tFv1+wWJmBDnMBRmcm53ze2c//QT+sFxON0PtT
eH5KJSXyxNOMIJOdnVj8boHYDgoXeTN+Xlpb0/2jIUvlXLqKYRbsxJMB9shSCKCy
td7ijqmsdZI/4AV6LlkvUkHP/6e7Hajst5H6NTuxABqcrkfSx386p6jKOdjl1GNO
wNJyEV90bduLNuu1CJbLQLrAR+w4GxR1GA9RiK1QMqPKaZfyGjmSgel6/4611MS/
Gfx1U1I/1oqLbg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:45 2025 by rpki-client