Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
File: CANpo1iWH3KE-9WR6SdzfNsFw10.mft (raw, json)
Hash identifier: mGbtkRE7TUqfaEEPdaEM5/xn6DqHXRHDtI1nW/IyyQg=
Subject key identifier: 98:37:6C:85:3D:FC:7D:92:9E:4C:4E:2B:EF:9D:4F:A5:A7:16:17:4C
Authority key identifier: 08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
Certificate issuer: /CN=080369a358961f7284fbd591e927737cdb05c35d
Certificate serial: 019355AD7DF29B947DCB2DD2FE81E088AF6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
Manifest number: 1372
Signing time: Fri 22 Nov 2024 21:00:53 +0000
Manifest this update: Fri 22 Nov 2024 21:00:53 +0000
Manifest next update: Sat 23 Nov 2024 21:00:53 +0000
Files and hashes: 1: CANpo1iWH3KE-9WR6SdzfNsFw10.crl (hash: GCwcuL22+7Q1KuNsDbYiA2JJ3uYeZq+NGPTPlmT6p3o=)
2: TSDT-ft-OdD2QWk0fWRe4-R3yL0.roa (hash: x0eqQ/39ulq7NV0BUaCIVjYZMlvSe9jAUoQmKidG9W4=)
3: s3_b2FtNp_Xov0w8vOK3kpMzIJo.roa (hash: PaZTnhY5+lG7YbdEL6bGma8/SiooFnpR5m/5VAYlKdY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:ad:7d:f2:9b:94:7d:cb:2d:d2:fe:81:e0:88:af:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080369a358961f7284fbd591e927737cdb05c35d
Validity
Not Before: Nov 22 21:00:53 2024 GMT
Not After : Nov 23 21:00:53 2024 GMT
Subject: CN=98376c853dfc7d929e4c4e2bef9d4fa5a716174c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5e:85:94:73:57:66:39:ba:a4:18:5d:d3:93:
5f:c5:91:33:01:b9:56:b2:1b:10:a4:1b:2c:77:ed:
73:34:f7:77:a8:ac:ab:e9:88:52:3b:17:70:0a:10:
53:45:3f:38:ce:52:58:59:03:8f:f9:75:c0:8f:03:
8f:cb:37:29:47:ac:be:e1:be:a4:85:ed:77:90:78:
b3:1e:e3:04:14:77:12:54:14:9e:d6:db:bc:2d:18:
47:4b:18:bd:66:c7:3e:d9:aa:67:9e:f0:fc:c0:3c:
72:13:e2:82:3a:48:27:c9:ab:59:7b:1b:fe:c8:75:
a5:d0:8b:37:ac:83:dc:3e:50:4c:f5:18:3f:59:90:
83:29:f8:cd:5e:00:6c:1a:60:95:f8:18:b7:f0:ff:
57:1e:aa:b9:e6:be:cf:63:53:cd:4a:de:c8:43:c3:
7e:4b:78:14:ed:db:9a:d2:30:75:ec:99:ed:55:0b:
e8:0d:ff:71:84:31:bc:29:0d:30:d2:f0:8c:3f:cb:
4e:60:51:da:cc:77:c8:c7:18:5a:4f:ef:ff:ca:6e:
7d:47:8f:90:5f:17:2c:61:cd:40:28:63:c4:ef:22:
a8:ad:37:32:39:72:be:3f:50:92:1f:d6:d4:fe:ce:
9a:68:e9:5a:f4:92:ef:db:b7:30:06:3f:77:2c:42:
55:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:37:6C:85:3D:FC:7D:92:9E:4C:4E:2B:EF:9D:4F:A5:A7:16:17:4C
X509v3 Authority Key Identifier:
keyid:08:03:69:A3:58:96:1F:72:84:FB:D5:91:E9:27:73:7C:DB:05:C3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CANpo1iWH3KE-9WR6SdzfNsFw10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01aac3-bce9-4d7e-a5fc-3f1b16c6cd63/1/CANpo1iWH3KE-9WR6SdzfNsFw10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:d8:42:f8:8d:97:02:3c:58:89:a4:f7:1c:2d:3f:a5:18:45:
e7:f7:e2:26:05:7d:8b:98:48:a1:ca:be:ab:2c:71:dc:02:a1:
f0:6c:7d:b7:73:b7:52:10:a2:eb:fc:db:1b:74:24:c1:0b:33:
3e:d5:6f:e5:95:48:e8:0b:95:5d:79:1b:47:bb:17:b1:59:84:
7b:d5:26:fa:9d:20:aa:3b:a8:4c:8f:21:97:ec:4c:c3:10:c1:
10:8e:60:b9:17:7f:b7:71:78:d5:df:0a:1f:a5:04:82:7a:c0:
d1:16:2a:f4:83:09:68:a5:86:cc:68:fa:96:a1:e6:96:10:fa:
1b:a4:3a:78:4c:0f:34:fd:e4:49:b6:01:51:80:79:6e:68:9b:
2c:86:28:f7:81:99:03:f3:41:68:a8:7f:2d:fe:df:80:de:42:
95:7c:8f:09:20:d3:a4:c7:dd:67:c6:34:d5:5a:ae:e3:9a:81:
fa:86:5a:d9:9d:7a:f2:f3:7c:e8:6a:5a:bd:33:31:6a:f9:f0:
26:03:76:f5:2d:cf:08:64:c8:7f:11:1e:73:af:ce:a0:90:bd:
77:86:d6:fe:47:f6:30:dd:95:51:3a:0f:f3:d6:24:35:91:07:
6d:10:ef:93:6e:7e:01:e6:ab:60:90:c9:8c:24:6c:98:a7:af:
aa:d0:ac:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVrX3ym5R9yy3S/oHgiK9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDM2OWEzNTg5NjFmNzI4NGZiZDU5MWU5Mjc3MzdjZGIw
NWMzNWQwHhcNMjQxMTIyMjEwMDUzWhcNMjQxMTIzMjEwMDUzWjAzMTEwLwYDVQQD
Eyg5ODM3NmM4NTNkZmM3ZDkyOWU0YzRlMmJlZjlkNGZhNWE3MTYxNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF6FlHNXZjm6pBhd05NfxZEzAblW
shsQpBssd+1zNPd3qKyr6YhSOxdwChBTRT84zlJYWQOP+XXAjwOPyzcpR6y+4b6k
he13kHizHuMEFHcSVBSe1tu8LRhHSxi9Zsc+2apnnvD8wDxyE+KCOkgnyatZexv+
yHWl0Is3rIPcPlBM9Rg/WZCDKfjNXgBsGmCV+Bi38P9XHqq55r7PY1PNSt7IQ8N+
S3gU7dua0jB17JntVQvoDf9xhDG8KQ0w0vCMP8tOYFHazHfIxxhaT+//ym59R4+Q
XxcsYc1AKGPE7yKorTcyOXK+P1CSH9bU/s6aaOla9JLv27cwBj93LEJV1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJg3bIU9/H2SnkxOK++dT6WnFhdMMB8GA1UdIwQY
MBaAFAgDaaNYlh9yhPvVkeknc3zbBcNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMt
M2YxYjE2YzZjZDYzLzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMWFhYzMtYmNlOS00ZDdlLWE1ZmMtM2YxYjE2YzZjZDYz
LzEvQ0FOcG8xaVdIM0tFLTlXUjZTZHpmTnNGdzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPNhC+I2X
AjxYiaT3HC0/pRhF5/fiJgV9i5hIocq+qyxx3AKh8Gx9t3O3UhCi6/zbG3QkwQsz
PtVv5ZVI6AuVXXkbR7sXsVmEe9Um+p0gqjuoTI8hl+xMwxDBEI5guRd/t3F41d8K
H6UEgnrA0RYq9IMJaKWGzGj6lqHmlhD6G6Q6eEwPNP3kSbYBUYB5bmibLIYo94GZ
A/NBaKh/Lf7fgN5ClXyPCSDTpMfdZ8Y01Vqu45qB+oZa2Z168vN86GpavTMxavnw
JgN29S3PCGTIfxEec6/OoJC9d4bW/kf2MN2VUToP89YkNZEHbRDvk25+AearYJDJ
jCRsmKevqtCsrg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:56:02 2024 by rpki-client on console-ams.rpki-client.org