Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: Nx3spViRfwt86W1LQKZK+KBS9SVhlfvnAN9rr25bPFk=
Subject key identifier: 62:3C:0C:29:15:4A:D4:EA:BD:CB:BE:9D:FF:83:25:23:98:AB:18:0F
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 019651C8E6E8DA0E5281E10EB8C466514B4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 1346
Signing time: Sun 20 Apr 2025 06:00:42 +0000
Manifest this update: Sun 20 Apr 2025 06:00:42 +0000
Manifest next update: Mon 21 Apr 2025 06:00:42 +0000
Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: UURm1pVunIfB8n+59DhYrTJv9qZx3LxySFIltTU99hc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:c8:e6:e8:da:0e:52:81:e1:0e:b8:c4:66:51:4b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Apr 20 06:00:42 2025 GMT
Not After : Apr 21 06:00:42 2025 GMT
Subject: CN=623c0c29154ad4eabdcbbe9dff83252398ab180f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:98:ee:c4:58:2c:a1:f8:a4:d9:1f:78:e4:
3e:e7:d3:ef:f7:90:52:0f:ce:7a:1b:29:f0:c0:52:
83:71:71:bc:a6:68:90:90:c9:40:93:c2:b4:b9:32:
7c:e6:13:7d:b3:94:1e:db:59:d8:19:4a:ec:fe:ea:
87:31:9d:8f:1c:b1:52:56:90:fa:d8:3c:98:f4:d2:
3a:95:45:77:80:a6:b9:40:4c:74:f0:4b:1d:90:9b:
49:92:5b:e1:7b:67:7d:98:f2:65:3c:12:18:58:1e:
d5:76:6b:c6:c7:bd:4d:b4:91:bf:59:63:63:f5:75:
e8:24:2f:d8:a3:bb:9d:4d:bf:77:29:9b:0b:4a:bf:
78:1b:bc:88:e4:93:6a:b7:0c:28:0c:71:56:b0:82:
62:0f:80:c2:bd:b5:f9:a8:9d:b7:93:98:51:a5:1a:
8c:92:07:c8:9e:45:17:d7:59:6a:06:1a:c4:ac:e9:
71:6d:e7:83:3c:b0:a5:e6:a2:62:38:b7:3d:ce:65:
27:eb:83:fc:2b:56:e8:b0:36:94:a6:73:d9:f1:9d:
b6:a4:62:fb:9d:3b:5f:56:51:be:1f:c7:6c:d4:96:
7e:85:45:71:5d:6a:b4:27:ad:8b:dc:08:61:7c:bb:
97:9c:64:f4:3e:d4:58:ea:3b:f0:db:30:0c:58:cd:
fd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3C:0C:29:15:4A:D4:EA:BD:CB:BE:9D:FF:83:25:23:98:AB:18:0F
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:ba:a6:f2:bf:e9:ae:55:41:3a:13:6c:ef:8d:83:02:c8:cb:
b6:34:dd:c6:53:f0:f5:d4:79:39:f3:61:29:2b:e2:3a:b7:e5:
85:be:24:47:a7:ad:d1:5b:6c:a0:ae:a0:0f:04:ba:42:43:bf:
ad:59:1a:05:65:22:24:c3:04:fa:46:a6:12:8d:04:b4:fa:b3:
57:ec:dc:dc:15:d5:b8:5e:a9:80:f4:d8:44:22:e4:31:de:b4:
8e:e0:2a:8c:44:21:18:0c:60:4b:1d:66:32:52:c0:16:b1:3a:
9f:2b:a9:81:80:29:a5:9f:e1:39:4c:e0:67:4b:1e:23:71:05:
04:1f:37:7a:ab:6b:24:03:5e:b7:e8:86:47:1e:af:4d:23:da:
20:02:f2:f2:a4:22:16:ba:59:a4:5e:d8:e1:c8:a6:77:78:5d:
24:ef:aa:73:6d:df:12:85:58:3d:c7:d2:67:39:92:01:45:29:
ee:37:6c:be:b4:42:9d:8a:a2:eb:c6:b3:7e:7d:5d:d3:a5:8c:
9c:20:d1:42:b0:01:22:ee:58:ae:a8:99:d1:e4:6c:e9:2b:65:
72:e2:0d:e2:49:09:52:99:4b:a1:3d:5a:b7:e9:ed:53:f1:23:
ac:24:08:a0:a5:94:08:49:24:64:5d:92:0b:c2:ea:d2:86:9d:
f5:db:c4:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRyObo2g5SgeEOuMRmUUtLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjUwNDIwMDYwMDQyWhcNMjUwNDIxMDYwMDQyWjAzMTEwLwYDVQQD
Eyg2MjNjMGMyOTE1NGFkNGVhYmRjYmJlOWRmZjgzMjUyMzk4YWIxODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqqY7sRYLKH4pNkfeOQ+59Pv95BS
D856GynwwFKDcXG8pmiQkMlAk8K0uTJ85hN9s5Qe21nYGUrs/uqHMZ2PHLFSVpD6
2DyY9NI6lUV3gKa5QEx08EsdkJtJklvhe2d9mPJlPBIYWB7VdmvGx71NtJG/WWNj
9XXoJC/Yo7udTb93KZsLSr94G7yI5JNqtwwoDHFWsIJiD4DCvbX5qJ23k5hRpRqM
kgfInkUX11lqBhrErOlxbeeDPLCl5qJiOLc9zmUn64P8K1bosDaUpnPZ8Z22pGL7
nTtfVlG+H8ds1JZ+hUVxXWq0J62L3AhhfLuXnGT0PtRY6jvw2zAMWM39NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGI8DCkVStTqvcu+nf+DJSOYqxgPMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxLqm8r/p
rlVBOhNs742DAsjLtjTdxlPw9dR5OfNhKSviOrflhb4kR6et0VtsoK6gDwS6QkO/
rVkaBWUiJMME+kamEo0EtPqzV+zc3BXVuF6pgPTYRCLkMd60juAqjEQhGAxgSx1m
MlLAFrE6nyupgYAppZ/hOUzgZ0seI3EFBB83eqtrJANet+iGRx6vTSPaIALy8qQi
FrpZpF7Y4cimd3hdJO+qc23fEoVYPcfSZzmSAUUp7jdsvrRCnYqi68azfn1d06WM
nCDRQrABIu5YrqiZ0eRs6StlcuIN4kkJUplLoT1at+ntU/EjrCQIoKWUCEkkZF2S
C8Lq0oad9dvEGw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:10:08 2025 by rpki-client