Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: 9w5/vIXGy8s0qhT72pvjbzWOY/phAt2DK4mJLCdqHLE=
Subject key identifier: 78:34:50:F8:CC:6C:B5:16:DB:CF:5B:67:FB:E1:39:AB:3D:2C:97:17
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 01962AF2AE4B6997811F7CD4D572B3CCF1EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 1171
Signing time: Sat 12 Apr 2025 17:01:09 +0000
Manifest this update: Sat 12 Apr 2025 17:01:09 +0000
Manifest next update: Sun 13 Apr 2025 17:01:09 +0000
Files and hashes: 1: SIndVbkKUXy4BUQozeoniwpZDAY.roa (hash: w+S8wcJNHWfC84514ZDYZ2EFFwmdH9ulSWKDE7QHbmQ=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: LHRPuEK66smrBJZUZZ5piRXt8i4wUa4GZet5jkcU6NQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 17:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2a:f2:ae:4b:69:97:81:1f:7c:d4:d5:72:b3:cc:f1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: Apr 12 17:01:09 2025 GMT
Not After : Apr 13 17:01:09 2025 GMT
Subject: CN=783450f8cc6cb516dbcf5b67fbe139ab3d2c9717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:63:11:a4:cb:ed:6f:be:5d:e1:4b:31:ac:
4c:73:cd:ea:75:f1:78:8a:ee:dd:70:90:e8:12:f1:
43:7f:bd:ec:40:6a:12:48:d0:2b:76:a4:5c:f0:0b:
69:0a:1d:eb:bb:8f:7f:bd:43:75:5e:8e:45:d8:83:
f2:c2:e5:e3:f6:4f:f4:f9:f0:02:6d:58:03:41:9a:
da:67:43:d5:78:97:68:b7:20:d9:8a:b0:05:25:bb:
64:5a:36:c5:24:d3:64:e6:97:99:1e:2e:f7:1d:5f:
33:06:03:d1:51:1b:05:f5:77:ab:a1:eb:9e:fa:b9:
a3:56:f5:c4:4f:92:b9:cc:60:d9:a7:e3:11:0e:8d:
6e:eb:84:9d:66:e8:c6:05:78:3a:46:28:b0:d3:16:
22:eb:ce:c2:6b:41:c4:40:f0:3c:f4:0b:60:09:08:
5b:ff:e2:a5:a0:84:0a:7d:b6:09:1c:68:b7:dc:2a:
13:aa:96:d9:95:c4:96:37:42:64:bd:bb:8f:92:0c:
14:1b:64:04:88:54:2b:d5:19:25:70:ea:1d:6f:a3:
b4:af:a8:c7:9a:1d:99:3c:7a:2a:14:e3:38:60:f0:
6c:41:cd:3b:78:e6:17:d5:9f:62:e1:f7:9d:00:a4:
db:bd:77:8b:ee:44:a1:72:d0:e8:50:e6:b9:7f:f9:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:34:50:F8:CC:6C:B5:16:DB:CF:5B:67:FB:E1:39:AB:3D:2C:97:17
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:f2:3d:00:60:40:40:6c:7d:87:cd:c6:25:c8:f6:e8:6e:9e:
fe:bf:09:39:c2:6f:5a:5c:54:9a:5b:40:d2:bf:9c:82:39:68:
2c:57:d7:9d:af:c6:2d:60:50:7e:be:74:a1:2c:50:e1:fb:f8:
6b:4c:75:b0:05:35:0f:e0:db:f5:06:e2:ca:34:11:49:eb:de:
a5:fe:ed:b4:23:d4:52:59:a6:da:10:4b:aa:0f:ab:de:31:8b:
cb:44:89:1e:40:28:bd:9d:81:3c:ed:db:5e:fc:98:c9:9c:cd:
e5:f0:09:57:57:19:4a:07:7d:71:ce:e9:d8:94:e5:65:79:5f:
7c:cf:59:cd:0f:44:12:48:a1:41:33:39:6d:79:ab:1e:8d:46:
ab:9c:4b:07:d8:e0:ad:8a:ea:9e:ad:a8:d4:d2:e5:f1:1c:d5:
da:1e:72:26:41:b4:79:d9:2b:a5:fa:75:29:67:44:5f:8b:00:
5b:5e:01:0b:63:aa:84:ae:1c:db:17:ea:73:b2:e1:42:8c:e4:
85:fc:e5:97:da:e1:94:21:55:7d:60:de:6d:ff:9e:ee:68:85:
a0:16:e2:89:d8:91:4e:a9:e4:96:d1:f3:7c:ec:bd:04:60:b7:
2c:87:34:a3:ac:ae:54:4b:cb:09:62:59:9e:e6:74:fe:b6:56:
d1:6c:3e:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYq8q5LaZeBH3zU1XKzzPHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjUwNDEyMTcwMTA5WhcNMjUwNDEzMTcwMTA5WjAzMTEwLwYDVQQD
Eyg3ODM0NTBmOGNjNmNiNTE2ZGJjZjViNjdmYmUxMzlhYjNkMmM5NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7ljEaTL7W++XeFLMaxMc83qdfF4
iu7dcJDoEvFDf73sQGoSSNArdqRc8AtpCh3ru49/vUN1Xo5F2IPywuXj9k/0+fAC
bVgDQZraZ0PVeJdotyDZirAFJbtkWjbFJNNk5peZHi73HV8zBgPRURsF9Xeroeue
+rmjVvXET5K5zGDZp+MRDo1u64SdZujGBXg6Riiw0xYi687Ca0HEQPA89AtgCQhb
/+KloIQKfbYJHGi33CoTqpbZlcSWN0JkvbuPkgwUG2QEiFQr1RklcOodb6O0r6jH
mh2ZPHoqFOM4YPBsQc07eOYX1Z9i4fedAKTbvXeL7kShctDoUOa5f/mCBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHg0UPjMbLUW289bZ/vhOas9LJcXMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvI9AGBA
QGx9h83GJcj26G6e/r8JOcJvWlxUmltA0r+cgjloLFfXna/GLWBQfr50oSxQ4fv4
a0x1sAU1D+Db9QbiyjQRSevepf7ttCPUUlmm2hBLqg+r3jGLy0SJHkAovZ2BPO3b
XvyYyZzN5fAJV1cZSgd9cc7p2JTlZXlffM9ZzQ9EEkihQTM5bXmrHo1Gq5xLB9jg
rYrqnq2o1NLl8RzV2h5yJkG0edkrpfp1KWdEX4sAW14BC2OqhK4c2xfqc7LhQozk
hfzll9rhlCFVfWDebf+e7miFoBbiidiRTqnkltHzfOy9BGC3LIc0o6yuVEvLCWJZ
nuZ0/rZW0Ww+hQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:49:25 2025 by rpki-client