Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.mft
File: pkzfoBYCORcDN7pgk0ugbkW4zRE.mft (raw, json)
Hash identifier: wPr44dgiQ3Mus7P2EuXYujgUPzoayfD75g82sBT7ERg=
Subject key identifier: 3A:A2:4E:EE:8C:A5:B5:7A:2B:F7:A2:38:B9:1C:EB:4C:A6:BD:A7:05
Authority key identifier: A6:4C:DF:A0:16:02:39:17:03:37:BA:60:93:4B:A0:6E:45:B8:CD:11
Certificate issuer: /CN=a64cdfa0160239170337ba60934ba06e45b8cd11
Certificate serial: 0194BB5FE195951CBDD323348AADCBCC70AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkzfoBYCORcDN7pgk0ugbkW4zRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.mft
Manifest number: 1354
Signing time: Fri 31 Jan 2025 08:00:10 +0000
Manifest this update: Fri 31 Jan 2025 08:00:10 +0000
Manifest next update: Sat 01 Feb 2025 08:00:10 +0000
Files and hashes: 1: ZSYjjoE3tBto8BluSqunJgk7oHQ.roa (hash: iHTHcMwi7ntDSxANO5civkuDptItJ8z7l7j08RXxzHg=)
2: pkzfoBYCORcDN7pgk0ugbkW4zRE.crl (hash: //+CN6iTBFqYOT6v95bklEpUJzXV0+LQJJp1jOLbwEw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkzfoBYCORcDN7pgk0ugbkW4zRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:5f:e1:95:95:1c:bd:d3:23:34:8a:ad:cb:cc:70:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a64cdfa0160239170337ba60934ba06e45b8cd11
Validity
Not Before: Jan 31 08:00:10 2025 GMT
Not After : Feb 1 08:00:10 2025 GMT
Subject: CN=3aa24eee8ca5b57a2bf7a238b91ceb4ca6bda705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:00:7f:6f:a0:8a:a4:c9:61:5c:c5:0e:35:ed:
3e:db:eb:0d:4d:a4:47:f7:cd:51:24:19:50:0a:b4:
dc:56:25:71:c0:9e:73:b7:ba:3d:af:3f:12:66:5a:
c2:78:5f:68:44:42:32:d7:c8:86:c9:d3:26:02:ea:
65:cb:4e:d4:a4:23:76:30:e9:5e:a2:00:41:85:c6:
5f:1b:14:6b:ab:3e:df:c4:bb:3e:5f:45:0a:bf:84:
16:fe:19:e2:d1:01:83:f1:f6:00:89:2d:b4:4a:8b:
16:ac:51:1c:61:40:b4:15:ed:58:1e:59:a6:cc:15:
2b:bb:c9:0d:c6:5c:cb:c2:c5:43:cd:15:ab:87:c5:
2c:c4:ca:b6:aa:b1:82:f4:78:dd:f9:eb:a4:25:5b:
b0:65:44:e7:21:48:7c:fb:b7:38:cb:14:40:ea:ae:
71:0b:2a:c2:dd:3c:17:41:98:e5:e5:79:88:99:3c:
e2:e7:89:50:a6:33:b3:44:12:29:74:19:da:9e:36:
2d:82:9e:6a:f6:e3:f6:33:c0:b9:38:1f:d5:98:78:
8c:68:e5:69:4c:dc:9e:f9:c1:a4:61:f4:2c:c7:f2:
dc:9f:50:cd:a2:5f:50:12:f5:61:76:58:f2:8d:03:
45:8f:fe:c5:57:eb:12:f1:36:03:2c:af:31:b0:ae:
55:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A2:4E:EE:8C:A5:B5:7A:2B:F7:A2:38:B9:1C:EB:4C:A6:BD:A7:05
X509v3 Authority Key Identifier:
keyid:A6:4C:DF:A0:16:02:39:17:03:37:BA:60:93:4B:A0:6E:45:B8:CD:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkzfoBYCORcDN7pgk0ugbkW4zRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/75439d-fb06-4b63-84a3-8bd3c6c704dc/1/pkzfoBYCORcDN7pgk0ugbkW4zRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:1a:72:2a:ea:20:bc:0b:0e:fe:4d:7a:c0:61:32:ea:b8:c3:
bb:aa:3c:2d:01:49:39:d3:4c:74:0a:64:4f:0a:30:9a:5d:00:
7a:52:c4:33:82:05:b5:a3:4d:f8:95:8c:17:e2:a8:e5:62:1a:
cc:da:20:13:d9:73:82:35:8d:be:f8:b7:d8:9a:8a:41:c3:99:
f3:d1:d2:94:7e:fd:8d:d4:5b:64:ec:7e:b6:c9:79:93:64:85:
b5:20:51:12:d9:3d:63:1a:2b:33:3e:f1:27:17:b7:cc:71:27:
e4:94:a3:9d:97:38:12:6d:ce:f0:30:73:0a:8a:34:06:43:95:
d3:0e:26:ff:6a:81:54:39:66:47:2c:d8:4d:a0:b3:0b:52:e8:
d3:6d:16:dc:5b:42:8b:77:bb:14:15:98:fa:d4:15:5f:0d:97:
56:84:7b:45:28:35:f5:d5:f3:cf:22:0b:b3:6a:6a:34:b3:ed:
84:e3:c9:8b:55:d7:2b:f2:69:29:52:4e:7f:ea:8d:49:e4:a1:
d3:3e:0b:da:61:71:d9:e1:30:ba:cf:f3:bb:98:a9:38:79:2c:
e1:47:f4:6c:79:bc:d4:71:b6:0e:2c:ec:e7:d3:13:8f:61:3e:
f4:ff:09:c8:f7:7f:68:55:16:0e:cd:87:7d:60:e1:00:85:01:
d1:52:8f:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7X+GVlRy90yM0iq3LzHCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NGNkZmEwMTYwMjM5MTcwMzM3YmE2MDkzNGJhMDZlNDVi
OGNkMTEwHhcNMjUwMTMxMDgwMDEwWhcNMjUwMjAxMDgwMDEwWjAzMTEwLwYDVQQD
EygzYWEyNGVlZThjYTViNTdhMmJmN2EyMzhiOTFjZWI0Y2E2YmRhNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQB/b6CKpMlhXMUONe0+2+sNTaRH
981RJBlQCrTcViVxwJ5zt7o9rz8SZlrCeF9oREIy18iGydMmAuply07UpCN2MOle
ogBBhcZfGxRrqz7fxLs+X0UKv4QW/hni0QGD8fYAiS20SosWrFEcYUC0Fe1YHlmm
zBUru8kNxlzLwsVDzRWrh8UsxMq2qrGC9Hjd+eukJVuwZUTnIUh8+7c4yxRA6q5x
CyrC3TwXQZjl5XmImTzi54lQpjOzRBIpdBnanjYtgp5q9uP2M8C5OB/VmHiMaOVp
TNye+cGkYfQsx/Lcn1DNol9QEvVhdljyjQNFj/7FV+sS8TYDLK8xsK5VoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqiTu6MpbV6K/eiOLkc60ymvacFMB8GA1UdIwQY
MBaAFKZM36AWAjkXAze6YJNLoG5FuM0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGt6Zm9CWUNPUmNETjdwZ2swdWdia1c0elJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83NTQzOWQtZmIwNi00YjYzLTg0YTMt
OGJkM2M2YzcwNGRjLzEvcGt6Zm9CWUNPUmNETjdwZ2swdWdia1c0elJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC83NTQzOWQtZmIwNi00YjYzLTg0YTMtOGJkM2M2YzcwNGRj
LzEvcGt6Zm9CWUNPUmNETjdwZ2swdWdia1c0elJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqxpyKuog
vAsO/k16wGEy6rjDu6o8LQFJOdNMdApkTwowml0AelLEM4IFtaNN+JWMF+Ko5WIa
zNogE9lzgjWNvvi32JqKQcOZ89HSlH79jdRbZOx+tsl5k2SFtSBREtk9YxorMz7x
Jxe3zHEn5JSjnZc4Em3O8DBzCoo0BkOV0w4m/2qBVDlmRyzYTaCzC1Lo020W3FtC
i3e7FBWY+tQVXw2XVoR7RSg19dXzzyILs2pqNLPthOPJi1XXK/JpKVJOf+qNSeSh
0z4L2mFx2eEwus/zu5ipOHks4Uf0bHm81HG2Dizs59MTj2E+9P8JyPd/aFUWDs2H
fWDhAIUB0VKP9w==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:34:55 2025 by rpki-client on console-fra.rpki-client.org