Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
File: AFetCa6aGpgBInWFGqvmnk4VovQ.mft (raw, json)
Hash identifier: HxBoyvTYZFWmMm6CtD0ZevnOcm3/38RACZa4hRQ/N8c=
Subject key identifier: D1:BE:1E:63:72:39:2E:09:54:7D:79:48:2C:07:53:D1:93:7A:BC:4D
Authority key identifier: 00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
Certificate issuer: /CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Certificate serial: 019510C7C05D086A85C951DF5536DBB53E3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
Manifest number: 0D3E
Signing time: Sun 16 Feb 2025 22:01:21 +0000
Manifest this update: Sun 16 Feb 2025 22:01:21 +0000
Manifest next update: Mon 17 Feb 2025 22:01:21 +0000
Files and hashes: 1: AFetCa6aGpgBInWFGqvmnk4VovQ.crl (hash: YPwHLKXpzhWdIgFlGD/hIyZrvofFqKsrYLNJyP8SyQc=)
2: uxPm2jgrGB9aUpoVSqtxOrk6oLc.roa (hash: jnz+6TEphg6WeFVMNjeLnKwOXT2+7WslFFXVeACqJbs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 22:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:10:c7:c0:5d:08:6a:85:c9:51:df:55:36:db:b5:3e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Validity
Not Before: Feb 16 22:01:21 2025 GMT
Not After : Feb 17 22:01:21 2025 GMT
Subject: CN=d1be1e6372392e09547d79482c0753d1937abc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e9:93:e8:d1:84:60:3b:6b:35:85:ad:f8:4e:
e5:ef:a2:ce:01:1e:88:01:ee:98:83:46:24:2e:dd:
82:13:5c:6a:3a:57:5f:37:dc:4b:3e:6d:9f:74:cc:
f8:b5:b1:24:60:9e:c2:a5:ab:56:10:86:e5:78:af:
55:a8:8f:5a:7a:fe:ed:83:64:36:fd:11:3f:1c:f0:
20:e8:b1:71:e7:f1:1c:41:b7:fb:ba:4b:ba:cc:d2:
c4:d8:b0:ff:25:60:34:d9:c0:5f:6a:b6:3a:9a:f5:
80:ff:d5:9e:6c:38:0d:f2:08:5c:8a:dc:d8:2a:f9:
30:2c:99:17:56:2b:ac:ab:1f:75:d9:17:d5:8e:b7:
5b:51:1e:7d:81:90:9e:11:a5:ef:50:1a:73:78:66:
60:1a:42:79:13:70:02:de:27:1d:3a:5f:60:c4:be:
66:77:6e:d5:da:6c:c9:8c:e8:18:45:68:9b:99:93:
85:7f:b4:e7:32:69:4f:fc:ac:18:3e:aa:da:ae:59:
87:4b:24:8b:7d:6a:a8:aa:3c:31:26:4d:28:ea:e6:
ee:a3:a9:1a:1b:27:a5:f9:56:4f:d9:eb:21:29:f7:
f5:7b:14:b9:3e:4f:8e:22:35:51:ed:7c:1c:bb:76:
1b:12:2e:69:c0:1b:b4:62:46:24:c2:20:1c:c9:3c:
49:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BE:1E:63:72:39:2E:09:54:7D:79:48:2C:07:53:D1:93:7A:BC:4D
X509v3 Authority Key Identifier:
keyid:00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:6b:61:86:87:d2:62:36:d6:6e:fe:6b:41:32:d8:c2:21:20:
2e:c4:9e:31:28:e1:46:6e:12:9e:0f:bf:9c:15:66:c1:0f:7c:
03:c6:81:3f:66:ed:66:e7:7d:b9:93:b8:0a:13:92:b7:69:54:
d2:d5:8c:ae:e1:c6:a5:25:fa:75:d3:d8:0e:9a:a3:72:a1:6f:
21:82:4f:ee:7f:9c:06:60:db:ba:4b:a0:c3:c4:24:ce:1c:27:
e2:5e:b9:3e:31:50:1e:cc:19:a5:91:e2:2a:e2:fd:46:7b:14:
88:a8:ef:77:2f:7c:2e:5a:03:00:9b:f9:99:6f:de:b6:37:86:
f3:54:51:12:30:de:c9:08:73:d8:a1:89:3e:20:00:a1:f4:3a:
90:d1:9d:0d:a3:57:0b:7f:0a:18:95:b7:eb:4a:a5:b5:c7:ec:
96:55:c5:bb:6d:14:80:30:e9:55:7e:f1:1f:7e:08:17:3a:9b:
66:42:84:36:7a:b7:5f:51:72:58:51:3f:5e:f4:11:a7:f9:69:
28:4f:09:6d:af:78:d1:31:37:ee:d1:a7:8a:4d:07:75:cc:a9:
c1:4c:1b:e9:f9:37:58:8d:8b:ee:5e:d8:4a:5a:0f:e8:de:fb:
9d:a1:07:f1:c4:76:7d:39:94:7f:07:8a:7f:1f:51:34:58:d5:
37:6e:7d:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx8BdCGqFyVHfVTbbtT4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTdhZDA5YWU5YTFhOTgwMTIyNzU4NTFhYWJlNjllNGUx
NWEyZjQwHhcNMjUwMjE2MjIwMTIxWhcNMjUwMjE3MjIwMTIxWjAzMTEwLwYDVQQD
EyhkMWJlMWU2MzcyMzkyZTA5NTQ3ZDc5NDgyYzA3NTNkMTkzN2FiYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsumT6NGEYDtrNYWt+E7l76LOAR6I
Ae6Yg0YkLt2CE1xqOldfN9xLPm2fdMz4tbEkYJ7CpatWEIbleK9VqI9aev7tg2Q2
/RE/HPAg6LFx5/EcQbf7uku6zNLE2LD/JWA02cBfarY6mvWA/9WebDgN8ghcitzY
KvkwLJkXViusqx912RfVjrdbUR59gZCeEaXvUBpzeGZgGkJ5E3AC3icdOl9gxL5m
d27V2mzJjOgYRWibmZOFf7TnMmlP/KwYPqrarlmHSySLfWqoqjwxJk0o6ubuo6ka
Gyel+VZP2eshKff1exS5Pk+OIjVR7Xwcu3YbEi5pwBu0YkYkwiAcyTxJ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNG+HmNyOS4JVH15SCwHU9GTerxNMB8GA1UdIwQY
MBaAFABXrQmumhqYASJ1hRqr5p5OFaL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2Qt
ZGNhMzhkNTlhMTU4LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2QtZGNhMzhkNTlhMTU4
LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAImthhofS
YjbWbv5rQTLYwiEgLsSeMSjhRm4Sng+/nBVmwQ98A8aBP2btZud9uZO4ChOSt2lU
0tWMruHGpSX6ddPYDpqjcqFvIYJP7n+cBmDbukugw8Qkzhwn4l65PjFQHswZpZHi
KuL9RnsUiKjvdy98LloDAJv5mW/etjeG81RREjDeyQhz2KGJPiAAofQ6kNGdDaNX
C38KGJW360qltcfsllXFu20UgDDpVX7xH34IFzqbZkKENnq3X1FyWFE/XvQRp/lp
KE8Jba940TE37tGnik0HdcypwUwb6fk3WI2L7l7YSloP6N77naEH8cR2fTmUfweK
fx9RNFjVN259gQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:48 2025 by rpki-client