Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: 6/EKHXNvejqK35Yyg+dE6HlVT/8TyxYPC0X1p2V5nD4=
Subject key identifier: 79:84:F7:B0:A4:90:E6:B3:1D:C0:AD:EE:02:F4:18:C8:56:FF:CD:61
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 01935877AF8BB609E106F5E361CDF2C8D503
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 0FFA
Signing time: Sat 23 Nov 2024 10:00:58 +0000
Manifest this update: Sat 23 Nov 2024 10:00:58 +0000
Manifest next update: Sun 24 Nov 2024 10:00:58 +0000
Files and hashes: 1: Hx3rgeH5wkHruJbrRF7L6RtsSU0.roa (hash: 3tN9NCae+HEMbbgseRLL95nqkRDMgQky9P5w9RSIrBA=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: Qv8CstxSMZUSPBp+mW5KF404xYthnMtQqWS0fYQL79I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:58:77:af:8b:b6:09:e1:06:f5:e3:61:cd:f2:c8:d5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: Nov 23 10:00:58 2024 GMT
Not After : Nov 24 10:00:58 2024 GMT
Subject: CN=7984f7b0a490e6b31dc0adee02f418c856ffcd61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:27:ac:8b:cc:c4:68:38:71:82:4b:35:e7:
2b:78:e5:ec:08:40:f0:7a:78:3c:7b:e6:ee:d8:b5:
c2:6a:ba:a5:6a:18:2c:7a:4e:91:0e:f1:01:55:b3:
82:de:f8:24:f1:17:f8:9b:eb:42:72:5c:f7:e5:bf:
ce:ae:f7:e4:4c:48:6c:6b:db:9c:da:41:c8:af:64:
c4:b3:8a:f2:e5:9b:a5:93:ce:fb:ff:2e:a8:8d:84:
ff:59:8c:66:4c:8b:20:33:28:fc:df:4d:aa:2a:79:
5f:ae:d3:c3:2f:2a:9a:cf:2d:71:6b:9f:b8:18:97:
69:ad:5a:01:9a:f0:cb:05:c0:ed:62:6e:45:e6:76:
7c:77:c4:e9:86:1f:ce:a5:e4:8b:2b:99:2b:02:34:
dc:dc:50:da:29:24:f5:f7:07:39:77:1a:ce:4a:20:
ab:84:84:24:1b:ea:0e:b3:55:1d:3c:70:9c:24:b7:
01:23:40:75:ff:43:32:29:a6:ea:66:a0:b7:7a:1c:
1c:9f:3e:06:b2:f5:a1:c2:08:53:1d:fc:51:c2:4f:
e6:56:6e:eb:b2:82:dc:df:eb:58:b0:d6:95:31:ff:
4d:83:e8:fb:ab:08:2b:36:10:f6:ea:17:92:aa:c9:
23:af:03:04:5a:30:5c:d1:2d:2b:f3:20:5c:3a:23:
fa:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:84:F7:B0:A4:90:E6:B3:1D:C0:AD:EE:02:F4:18:C8:56:FF:CD:61
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:a6:2e:d8:d9:32:0b:84:68:b2:ef:54:64:a5:c6:e1:16:fa:
5d:c2:55:7a:f7:d3:de:64:94:cb:f1:fb:10:77:17:a1:83:73:
24:a6:7c:e3:e3:09:67:15:f0:8e:6b:3c:8a:23:ec:b8:47:f2:
7b:a3:a1:52:cb:46:15:59:9b:57:f6:58:d7:0a:d2:c2:b1:95:
76:91:6c:f7:12:7f:0a:44:c5:33:63:05:99:44:e1:31:05:85:
9c:cc:be:6b:c1:c5:b2:14:be:d3:91:f5:3e:a7:53:92:bf:ca:
d5:84:d9:d3:9e:a3:59:00:dc:7e:5a:73:8d:30:32:a8:e4:6d:
ac:00:fe:63:f3:b1:0c:7f:87:e5:ce:e7:75:87:80:d9:f8:75:
f6:a8:aa:86:08:a6:84:0c:e9:da:6f:86:45:c3:b3:85:bb:76:
5a:17:92:6e:1f:c1:ed:8a:11:c5:e9:35:64:c0:14:4a:1a:38:
52:fc:42:3c:ef:37:df:8a:12:55:09:00:83:1e:61:52:45:5f:
da:85:4a:ec:bc:aa:b0:5d:46:ce:23:69:ec:d2:bb:bb:97:3b:
5d:ab:09:84:07:71:79:62:9a:83:88:90:c8:a4:f0:25:3a:ad:
56:bd:0e:f8:3d:fc:a7:c5:6a:7a:3f:0b:66:78:aa:f5:96:c6:
76:f7:ca:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd6+LtgnhBvXjYc3yyNUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjQxMTIzMTAwMDU4WhcNMjQxMTI0MTAwMDU4WjAzMTEwLwYDVQQD
Eyg3OTg0ZjdiMGE0OTBlNmIzMWRjMGFkZWUwMmY0MThjODU2ZmZjZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+MnrIvMxGg4cYJLNecreOXsCEDw
eng8e+bu2LXCarqlahgsek6RDvEBVbOC3vgk8Rf4m+tCclz35b/OrvfkTEhsa9uc
2kHIr2TEs4ry5Zulk877/y6ojYT/WYxmTIsgMyj8302qKnlfrtPDLyqazy1xa5+4
GJdprVoBmvDLBcDtYm5F5nZ8d8Tphh/OpeSLK5krAjTc3FDaKST19wc5dxrOSiCr
hIQkG+oOs1UdPHCcJLcBI0B1/0MyKabqZqC3ehwcnz4GsvWhwghTHfxRwk/mVm7r
soLc3+tYsNaVMf9Ng+j7qwgrNhD26heSqskjrwMEWjBc0S0r8yBcOiP6SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmE97CkkOazHcCt7gL0GMhW/81hMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKYu2Nky
C4Rosu9UZKXG4Rb6XcJVevfT3mSUy/H7EHcXoYNzJKZ84+MJZxXwjms8iiPsuEfy
e6OhUstGFVmbV/ZY1wrSwrGVdpFs9xJ/CkTFM2MFmUThMQWFnMy+a8HFshS+05H1
PqdTkr/K1YTZ056jWQDcflpzjTAyqORtrAD+Y/OxDH+H5c7ndYeA2fh19qiqhgim
hAzp2m+GRcOzhbt2WheSbh/B7YoRxek1ZMAUSho4UvxCPO8334oSVQkAgx5hUkVf
2oVK7LyqsF1GziNp7NK7u5c7XasJhAdxeWKag4iQyKTwJTqtVr0O+D38p8Vqej8L
Zniq9ZbGdvfKVg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:46 2024 by rpki-client on console-fra.rpki-client.org