Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: lQ2Wj6JF+qZSEKGi+BQ/4PMXYwup+Q80eVP9A3xBLyk=
Subject key identifier: AB:B7:70:EA:C9:4B:B3:11:D5:9A:6D:F6:05:4C:30:3A:21:77:0A:24
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 0194C387DC735F49FEDF63DF912602FF80BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 096A
Signing time: Sat 01 Feb 2025 22:00:48 +0000
Manifest this update: Sat 01 Feb 2025 22:00:48 +0000
Manifest next update: Sun 02 Feb 2025 22:00:48 +0000
Files and hashes: 1: 1lrtH8qIV5e3th4jMCPobjKiYaU.roa (hash: xgADT5hDJzpgst28AckBVIlM/BW2ECMOC24fNQS3BL0=)
2: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: FjUBTIMqLFl9CdI3B1HOSqP/0lLvzJJhR7J/FEz+9yc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:87:dc:73:5f:49:fe:df:63:df:91:26:02:ff:80:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Feb 1 22:00:48 2025 GMT
Not After : Feb 2 22:00:48 2025 GMT
Subject: CN=abb770eac94bb311d59a6df6054c303a21770a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:55:3a:6a:86:4d:a6:38:03:fd:ff:9f:99:47:
61:59:d1:a7:a5:88:90:7a:b4:d7:19:e5:04:42:09:
74:d0:a5:6a:00:bc:eb:df:c4:9e:f2:bf:21:38:62:
d4:ad:c5:e9:05:dd:89:a4:67:95:a0:d2:12:16:57:
1f:16:14:93:67:eb:bc:a2:e6:a9:ef:67:31:2c:7a:
71:c4:36:45:8a:9a:ed:bd:a2:91:43:d8:32:8b:90:
2d:d0:0c:e1:fc:c3:8f:38:68:c7:8e:a3:46:35:d5:
22:5a:74:53:c2:b3:c2:f4:a9:88:e2:d1:f5:2f:0b:
b3:ef:fa:f7:0b:00:d3:9b:dd:6f:b9:33:46:73:2f:
1c:27:ec:7a:5c:a0:fa:ec:5a:a1:23:7d:d8:1a:7d:
0a:61:6f:82:81:da:79:a1:c4:8e:1e:ce:d9:f8:83:
4c:02:a6:cf:ac:9d:dd:a7:f7:41:6d:8b:e4:61:12:
cf:58:91:1d:c6:d7:f7:8e:29:39:15:17:1d:0a:9a:
97:83:f9:31:f5:9e:eb:66:76:da:83:d9:dd:f8:45:
e9:ac:7f:dc:66:5e:d5:37:bd:31:31:17:70:1c:0b:
1a:c6:05:a7:fc:7f:c6:2a:9b:eb:fc:16:c8:d6:93:
61:e1:13:ca:1e:c5:88:01:5e:f6:15:c6:83:04:de:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B7:70:EA:C9:4B:B3:11:D5:9A:6D:F6:05:4C:30:3A:21:77:0A:24
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:9b:92:20:71:cf:15:5c:e5:05:d4:eb:12:69:93:54:71:14:
8f:78:d7:c4:24:a9:cd:47:0c:ab:fe:64:fd:65:8f:bc:d0:ea:
ea:a5:51:f1:ee:ed:79:67:a8:f3:fe:02:60:70:1a:8d:49:d3:
75:65:9a:33:be:1e:ac:49:ef:05:b6:87:a4:9d:6f:c9:7d:7f:
77:31:43:dd:09:92:67:2b:13:02:40:e5:0f:97:a7:d9:84:41:
b3:3e:c6:df:ae:5f:3f:30:05:8f:2d:3c:11:52:a2:29:e9:19:
f5:d5:5f:2b:f9:81:73:71:b1:70:e5:1b:94:74:8e:a5:e8:69:
fd:12:94:3f:e3:ca:a9:37:46:38:61:40:88:3a:00:22:64:fe:
a0:9f:77:a8:fe:76:c6:1f:46:f4:b6:95:8b:0d:6c:5c:c5:ad:
8b:93:9c:38:4d:8b:03:59:02:01:06:26:d1:76:13:d0:8c:05:
d6:f6:27:41:3c:92:d1:4e:ed:ea:60:b4:b6:de:cc:b8:89:52:
07:32:ac:02:73:26:2c:a1:f6:da:83:4a:c5:ae:cd:1f:88:b4:
0e:e3:03:8d:ee:5a:09:89:29:a9:09:77:26:a7:63:61:4d:28:
9b:7b:3f:0f:bc:8b:99:de:f8:0a:3e:47:74:3d:98:2d:cb:8a:
4e:f1:d4:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh9xzX0n+32PfkSYC/4C6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjUwMjAxMjIwMDQ4WhcNMjUwMjAyMjIwMDQ4WjAzMTEwLwYDVQQD
EyhhYmI3NzBlYWM5NGJiMzExZDU5YTZkZjYwNTRjMzAzYTIxNzcwYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VU6aoZNpjgD/f+fmUdhWdGnpYiQ
erTXGeUEQgl00KVqALzr38Se8r8hOGLUrcXpBd2JpGeVoNISFlcfFhSTZ+u8ouap
72cxLHpxxDZFiprtvaKRQ9gyi5At0Azh/MOPOGjHjqNGNdUiWnRTwrPC9KmI4tH1
Lwuz7/r3CwDTm91vuTNGcy8cJ+x6XKD67FqhI33YGn0KYW+Cgdp5ocSOHs7Z+INM
AqbPrJ3dp/dBbYvkYRLPWJEdxtf3jik5FRcdCpqXg/kx9Z7rZnbag9nd+EXprH/c
Zl7VN70xMRdwHAsaxgWn/H/GKpvr/BbI1pNh4RPKHsWIAV72FcaDBN69cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKu3cOrJS7MR1Zpt9gVMMDohdwokMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdZuSIHHP
FVzlBdTrEmmTVHEUj3jXxCSpzUcMq/5k/WWPvNDq6qVR8e7teWeo8/4CYHAajUnT
dWWaM74erEnvBbaHpJ1vyX1/dzFD3QmSZysTAkDlD5en2YRBsz7G365fPzAFjy08
EVKiKekZ9dVfK/mBc3GxcOUblHSOpehp/RKUP+PKqTdGOGFAiDoAImT+oJ93qP52
xh9G9LaViw1sXMWti5OcOE2LA1kCAQYm0XYT0IwF1vYnQTyS0U7t6mC0tt7MuIlS
BzKsAnMmLKH22oNKxa7NH4i0DuMDje5aCYkpqQl3JqdjYU0om3s/D7yLmd74Cj5H
dD2YLcuKTvHUCA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:01:15 2025 by rpki-client