Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
File: CANpo1iWH3KE-9WR6SdzfNsFw10.mft (raw, json)
Hash identifier: mHhCWF8YhW9X9yfa9CIlAg9lpntJUSI6HH9NaiiVyaA=
Subject key identifier: 6B:6A:35:FD:A3:C6:99:85:86:D2:06:52:E9:EC:CC:84:08:6B:A0:2B
Authority key identifier: 08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
Certificate issuer: /CN=080369a358961f7284fbd591e927737cdb05c35d
Certificate serial: 0196439F1F095C8E021A191C4BAAE2E51F3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
Manifest number: 14F7
Signing time: Thu 17 Apr 2025 12:00:23 +0000
Manifest this update: Thu 17 Apr 2025 12:00:23 +0000
Manifest next update: Fri 18 Apr 2025 12:00:23 +0000
Files and hashes: 1: CANpo1iWH3KE-9WR6SdzfNsFw10.crl (hash: DKaBPZhwUmGEDU4O2sXki8GiJZLm5U+RB89Xoy/Spyw=)
2: GP2HIzJfCfnGM2MVlkSHwUHaN84.roa (hash: ETW1pgFwQtTKE9AFyJGtQ+Xl0Zj/E5KZv9xhDaWW5T8=)
3: qfVV9jSGkUSpTVAmIfthWu05Cnw.roa (hash: UbRHP3L39dp/ZkCYjMy0IuUuv/BT0urLDu7xXNtiXsY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:9f:1f:09:5c:8e:02:1a:19:1c:4b:aa:e2:e5:1f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080369a358961f7284fbd591e927737cdb05c35d
Validity
Not Before: Apr 17 12:00:23 2025 GMT
Not After : Apr 18 12:00:23 2025 GMT
Subject: CN=6b6a35fda3c6998586d20652e9eccc84086ba02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3c:58:1d:7e:80:c1:14:fd:34:d2:3d:a5:52:
3c:36:ce:34:cc:37:a9:89:00:91:6d:0f:ae:d0:48:
39:d8:24:57:ec:30:2c:fd:57:4e:98:bc:49:17:70:
0d:62:66:a1:97:04:fa:b2:a5:83:1b:ad:70:3a:9e:
18:1e:79:f1:a7:08:77:b4:28:78:c6:9b:47:96:a8:
3c:5e:f2:b0:f8:f4:f9:0d:18:18:96:10:e9:0a:fb:
cf:76:f9:0f:fb:7b:26:b8:6c:14:aa:e4:5f:c8:a4:
05:73:cb:a7:b4:1b:4c:60:85:34:42:5e:46:e9:a3:
17:59:e8:57:3d:4c:96:8f:db:45:5a:77:c3:e3:57:
90:a2:f5:3f:2e:3d:05:6f:a2:89:84:03:ed:7a:27:
a2:e2:c3:4b:f6:ff:4e:b2:32:c6:69:82:ac:e3:ff:
2e:7d:ec:16:4b:5a:8d:bf:5e:1c:2f:9d:25:fc:56:
50:6b:06:c6:97:5c:40:2b:21:42:d1:52:a2:ad:c5:
8f:02:3b:8c:05:e2:54:ba:86:9d:70:fb:4a:f7:ef:
60:55:fc:63:12:ed:53:d8:39:34:e1:57:54:7f:19:
7b:85:58:1c:b5:77:f6:72:98:f3:c7:0c:53:ab:01:
9c:e7:df:19:4e:d6:76:1b:54:ac:a2:46:01:49:1f:
2a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6A:35:FD:A3:C6:99:85:86:D2:06:52:E9:EC:CC:84:08:6B:A0:2B
X509v3 Authority Key Identifier:
keyid:08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:f0:92:09:b5:fc:7e:b7:05:8c:9e:07:43:36:86:de:35:dc:
af:7b:27:7a:d9:f2:e9:e1:09:0a:4c:0d:75:04:89:6d:64:4a:
e2:2c:af:3e:66:6d:83:70:3f:24:24:69:3f:cf:d3:c7:06:e6:
ec:46:13:cf:a3:35:71:f0:64:81:7a:1f:31:db:5b:92:3d:30:
b9:96:f9:79:1a:9f:44:f6:92:37:2c:0a:0b:f2:d8:36:a9:09:
05:94:6b:88:83:f7:e2:fc:21:4a:09:bb:e7:e0:4e:24:9a:ce:
15:49:ef:42:38:c3:f6:95:98:25:a9:f3:98:da:22:54:21:4d:
35:3f:54:20:41:5e:35:20:42:2f:73:cd:7a:e4:f3:cd:bb:8e:
f7:1a:49:4d:60:9f:56:20:d5:0b:17:ca:57:89:40:42:04:8e:
b1:34:e7:54:6d:8b:7d:fb:44:ea:e7:d9:3f:df:00:85:a8:c4:
3c:d2:38:ed:2e:f9:1b:98:bb:c7:cd:a4:dc:44:b7:9a:7b:fb:
b5:4a:56:5d:56:7d:04:a0:25:0b:44:b8:f8:28:3e:99:2f:56:
9e:11:55:24:05:f1:e7:bb:23:80:bd:da:9c:7f:94:6c:8e:cb:
c5:77:1d:79:8b:2d:41:22:dc:57:26:bb:e6:c9:44:fc:a0:52:
86:c0:4c:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZDnx8JXI4CGhkcS6ri5R89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDM2OWEzNTg5NjFmNzI4NGZiZDU5MWU5Mjc3MzdjZGIw
NWMzNWQwHhcNMjUwNDE3MTIwMDIzWhcNMjUwNDE4MTIwMDIzWjAzMTEwLwYDVQQD
Eyg2YjZhMzVmZGEzYzY5OTg1ODZkMjA2NTJlOWVjY2M4NDA4NmJhMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DxYHX6AwRT9NNI9pVI8Ns40zDep
iQCRbQ+u0Eg52CRX7DAs/VdOmLxJF3ANYmahlwT6sqWDG61wOp4YHnnxpwh3tCh4
xptHlqg8XvKw+PT5DRgYlhDpCvvPdvkP+3smuGwUquRfyKQFc8untBtMYIU0Ql5G
6aMXWehXPUyWj9tFWnfD41eQovU/Lj0Fb6KJhAPteiei4sNL9v9OsjLGaYKs4/8u
fewWS1qNv14cL50l/FZQawbGl1xAKyFC0VKircWPAjuMBeJUuoadcPtK9+9gVfxj
Eu1T2Dk04VdUfxl7hVgctXf2cpjzxwxTqwGc598ZTtZ2G1SsokYBSR8qbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtqNf2jxpmFhtIGUunszIQIa6ArMB8GA1UdIwQY
MBaAFAgDaaNYlh9yhPvVkeknc3zbBcNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMt
M2YxYjE2YzZjZDYzLzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMtM2YxYjE2YzZjZDYz
LzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL/CSCbX8
frcFjJ4HQzaG3jXcr3snetny6eEJCkwNdQSJbWRK4iyvPmZtg3A/JCRpP8/Txwbm
7EYTz6M1cfBkgXofMdtbkj0wuZb5eRqfRPaSNywKC/LYNqkJBZRriIP34vwhSgm7
5+BOJJrOFUnvQjjD9pWYJanzmNoiVCFNNT9UIEFeNSBCL3PNeuTzzbuO9xpJTWCf
ViDVCxfKV4lAQgSOsTTnVG2LfftE6ufZP98AhajEPNI47S75G5i7x82k3ES3mnv7
tUpWXVZ9BKAlC0S4+Cg+mS9WnhFVJAXx57sjgL3anH+UbI7LxXcdeYstQSLcVya7
5slE/KBShsBMrw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:13:40 2025 by rpki-client