Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
File: APkIwDKKjpc_pArFL8M359PE_tA.mft (raw, json)
Hash identifier: EjErgHrM9SXy2e0OwHPWl8Z3LjTOWh8y/lhvNZfpiC8=
Subject key identifier: 96:A9:24:21:94:94:25:BF:43:FE:CA:E0:77:6A:EF:A8:4A:E5:BB:68
Authority key identifier: 00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0
Certificate issuer: /CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
Certificate serial: 019510C6DE356B33E7E6A426CB3E0E9873C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
Manifest number: 1452
Signing time: Sun 16 Feb 2025 22:00:23 +0000
Manifest this update: Sun 16 Feb 2025 22:00:23 +0000
Manifest next update: Mon 17 Feb 2025 22:00:23 +0000
Files and hashes: 1: APkIwDKKjpc_pArFL8M359PE_tA.crl (hash: aAISufGy8WX9XvOmjanp8g1yuX1zrEULzP+mQTsF32c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 22:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:c6:de:35:6b:33:e7:e6:a4:26:cb:3e:0e:98:73:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
Validity
Not Before: Feb 16 22:00:23 2025 GMT
Not After : Feb 17 22:00:23 2025 GMT
Subject: CN=96a92421949425bf43fecae0776aefa84ae5bb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:06:98:3c:71:b7:cf:ac:69:08:41:05:a0:bd:
8e:f2:e7:9c:22:bf:cd:0b:7f:fb:c1:26:76:18:0a:
f5:9f:14:8f:63:52:0a:0b:24:fb:21:89:73:57:13:
0b:dd:2b:7b:97:b9:68:ce:08:42:34:ac:9f:73:12:
24:98:1e:81:f5:10:bd:c5:7e:e4:1f:e1:a8:71:f6:
d8:6a:2b:23:76:71:ef:42:b3:ba:42:72:87:a4:2f:
cf:1f:f9:bc:af:7f:03:47:33:d3:9e:a5:be:f3:0f:
e4:52:a6:ae:fb:04:5b:4f:d6:7c:c2:42:14:62:1b:
31:da:7d:72:df:cc:ce:5e:ef:36:5a:af:4a:f0:be:
d8:69:7e:e9:b7:54:c9:f0:f7:72:07:09:4a:73:e1:
9d:65:43:2c:cc:ac:4d:d8:a7:82:f1:58:04:15:17:
b2:2e:4f:81:aa:90:2a:c2:a6:bf:c2:73:88:51:5d:
40:a0:aa:04:f1:b1:75:af:af:9d:ed:88:f1:f8:29:
14:37:bb:4b:1a:ad:95:7b:83:0a:13:26:9e:1c:95:
53:2b:27:6b:71:86:4f:8c:40:2a:33:db:eb:2a:48:
4e:d1:42:86:24:6b:6e:2c:df:a3:42:f3:1d:77:52:
63:dc:64:a8:a0:da:53:69:f0:10:30:2e:6f:f8:83:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A9:24:21:94:94:25:BF:43:FE:CA:E0:77:6A:EF:A8:4A:E5:BB:68
X509v3 Authority Key Identifier:
keyid:00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:0d:e1:98:c5:4f:1e:dc:be:a3:37:92:17:44:48:6b:89:4f:
b9:fd:23:6a:24:6a:7d:75:c9:08:1d:cf:80:be:c0:d6:bb:c7:
d8:ac:1d:a9:d9:aa:28:74:df:08:ce:52:a2:c8:69:7f:7e:4d:
e9:e7:54:2a:63:b7:24:06:42:0c:65:7c:cf:b3:19:8d:45:42:
56:9e:b1:17:62:e6:e2:c1:3d:a0:f3:f1:97:6a:7d:7b:e9:9a:
72:26:3e:ae:04:40:28:8e:41:9b:1f:e8:05:a3:67:bc:cd:2c:
a9:5b:f0:12:5f:59:22:e6:a0:bc:76:d2:c4:d4:3b:bf:58:05:
8a:b4:00:39:3b:e0:a8:bf:8c:d0:8c:73:f7:84:7a:a0:95:49:
4f:76:63:ed:5c:ae:76:70:f4:da:74:d4:3e:81:06:21:eb:29:
e6:f1:02:c6:a7:b3:a1:a1:95:91:ad:1a:30:65:b0:36:87:b5:
9f:05:e1:ac:4b:d8:9e:71:6c:9b:ed:d1:4b:75:bf:db:6c:c5:
a0:88:0e:54:f0:c4:fa:7c:73:e1:6e:c9:29:36:ad:e5:8b:e9:
40:07:a9:14:79:0b:d3:46:2a:15:1d:a6:ca:4f:ef:9b:5b:56:
a7:98:bf:cd:71:54:c8:2b:ff:e0:86:c2:07:8b:4e:db:5a:eb:
4c:3a:13:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxt41azPn5qQmyz4OmHPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjkwOGMwMzI4YThlOTczZmE0MGFjNTJmYzMzN2U3ZDNj
NGZlZDAwHhcNMjUwMjE2MjIwMDIzWhcNMjUwMjE3MjIwMDIzWjAzMTEwLwYDVQQD
Eyg5NmE5MjQyMTk0OTQyNWJmNDNmZWNhZTA3NzZhZWZhODRhZTViYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwaYPHG3z6xpCEEFoL2O8uecIr/N
C3/7wSZ2GAr1nxSPY1IKCyT7IYlzVxML3St7l7lozghCNKyfcxIkmB6B9RC9xX7k
H+GocfbYaisjdnHvQrO6QnKHpC/PH/m8r38DRzPTnqW+8w/kUqau+wRbT9Z8wkIU
Yhsx2n1y38zOXu82Wq9K8L7YaX7pt1TJ8PdyBwlKc+GdZUMszKxN2KeC8VgEFRey
Lk+BqpAqwqa/wnOIUV1AoKoE8bF1r6+d7Yjx+CkUN7tLGq2Ve4MKEyaeHJVTKydr
cYZPjEAqM9vrKkhO0UKGJGtuLN+jQvMdd1Jj3GSooNpTafAQMC5v+IPyPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJapJCGUlCW/Q/7K4Hdq76hK5btoMB8GA1UdIwQY
MBaAFAD5CMAyio6XP6QKxS/DN+fTxP7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEt
N2RlY2YxZTQ3ODY1LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEtN2RlY2YxZTQ3ODY1
LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbw3hmMVP
Hty+ozeSF0RIa4lPuf0jaiRqfXXJCB3PgL7A1rvH2KwdqdmqKHTfCM5Soshpf35N
6edUKmO3JAZCDGV8z7MZjUVCVp6xF2Lm4sE9oPPxl2p9e+maciY+rgRAKI5Bmx/o
BaNnvM0sqVvwEl9ZIuagvHbSxNQ7v1gFirQAOTvgqL+M0Ixz94R6oJVJT3Zj7Vyu
dnD02nTUPoEGIesp5vECxqezoaGVka0aMGWwNoe1nwXhrEvYnnFsm+3RS3W/22zF
oIgOVPDE+nxz4W7JKTat5YvpQAepFHkL00YqFR2myk/vm1tWp5i/zXFUyCv/4IbC
B4tO21rrTDoTuQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:56 2025 by rpki-client