Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: bcHFG0j7TMKCRy+1NnRYg4Rzqwzm2ggP/iQm8jiopCk=
Subject key identifier: 68:EE:1D:23:9D:99:02:C5:6E:9A:24:9A:99:D8:94:37:4B:E7:34:06
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 0194BB605783474DA5E06444657D3BD9BAB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 142A
Signing time: Fri 31 Jan 2025 08:00:40 +0000
Manifest this update: Fri 31 Jan 2025 08:00:40 +0000
Manifest next update: Sat 01 Feb 2025 08:00:40 +0000
Files and hashes: 1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: xCYvXbuxcNB/5DV0YsSqgks/R9afzk58ok3Q+HwuAoA=)
2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:60:57:83:47:4d:a5:e0:64:44:65:7d:3b:d9:ba:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Jan 31 08:00:40 2025 GMT
Not After : Feb 1 08:00:40 2025 GMT
Subject: CN=68ee1d239d9902c56e9a249a99d894374be73406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fb:ad:2b:a0:de:cd:26:81:73:04:20:0a:2a:
b3:12:cd:45:93:fc:12:b9:c4:77:ab:19:b8:7a:54:
5d:c5:22:aa:fb:62:68:4f:38:be:d3:83:ef:1d:c6:
ed:52:73:08:cc:93:22:3a:57:bc:cf:ff:56:ca:8d:
f9:4c:ba:d3:9c:0a:06:4c:00:0e:91:89:ea:b6:f1:
65:8c:c7:b4:e4:b3:d4:18:78:26:26:98:0f:9b:38:
64:bc:54:6b:1e:25:be:f0:e3:6a:36:7f:49:47:df:
c3:ed:34:77:c2:47:7d:0e:e0:3a:d0:83:ff:96:c6:
1f:9a:d9:bf:5e:c9:7d:24:97:3f:a3:35:4d:f6:b6:
73:76:7b:f0:30:ff:c3:e9:63:8d:87:fb:a1:fa:15:
c5:cb:32:ea:50:d2:4f:78:58:3e:dc:8e:d5:6b:fe:
55:7a:7b:79:19:86:c0:f7:6d:bb:23:1e:2d:a0:21:
88:7e:c7:dc:99:d6:c7:c5:b5:99:a6:99:48:75:1a:
d2:96:5f:6f:fb:08:48:2c:1b:8c:19:d6:6b:6d:ae:
45:1f:b9:d1:e5:ab:ae:20:b5:a5:2d:8d:30:25:1a:
ab:77:07:44:50:ab:41:6c:e9:9b:3a:73:b5:8f:23:
2a:e4:82:a6:3a:dc:4d:46:b8:f3:4c:99:33:1a:2d:
32:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EE:1D:23:9D:99:02:C5:6E:9A:24:9A:99:D8:94:37:4B:E7:34:06
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:5e:06:5d:f9:16:c4:7c:0d:16:6c:de:95:df:62:be:27:d4:
a9:8b:83:9a:ab:5d:25:82:30:0e:6d:c0:15:a1:f4:fb:f2:f6:
f1:04:32:d5:5e:9e:ce:b7:b8:68:04:cb:61:b2:e1:62:55:e4:
02:18:ea:2e:93:15:6a:6d:8b:3a:a1:2b:22:c8:5b:71:6a:f3:
86:89:bd:0a:71:b7:6d:b5:1b:d4:57:15:bb:0b:46:bc:d2:ba:
38:87:8c:19:c4:fb:20:a8:c8:03:ed:d9:e6:22:b8:93:23:f4:
05:75:d8:a9:07:cd:88:43:2a:2c:ee:e7:30:55:33:6f:4d:25:
6a:8e:b0:76:a3:67:91:cd:a2:51:17:a7:ef:f4:27:f4:1d:0b:
84:f4:80:86:4f:e8:61:d4:89:14:f6:98:e7:8f:a4:d9:2b:fd:
d7:c8:e3:19:9f:23:06:1f:4a:f4:26:d8:a6:1f:4b:62:03:1c:
40:0e:31:da:f6:a7:58:56:1f:e3:a4:06:e6:41:ac:41:ef:dd:
c8:a5:23:db:dc:e7:56:1f:2c:27:c7:52:82:1f:45:53:e4:ce:
6d:c5:36:1b:3e:3b:82:de:a7:33:de:e1:16:15:93:96:3c:b2:
7e:20:64:94:29:51:90:4c:87:b7:14:7e:e3:d1:1c:a6:e5:d1:
e0:73:96:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7YFeDR02l4GREZX072bqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjUwMTMxMDgwMDQwWhcNMjUwMjAxMDgwMDQwWjAzMTEwLwYDVQQD
Eyg2OGVlMWQyMzlkOTkwMmM1NmU5YTI0OWE5OWQ4OTQzNzRiZTczNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0futK6DezSaBcwQgCiqzEs1Fk/wS
ucR3qxm4elRdxSKq+2JoTzi+04PvHcbtUnMIzJMiOle8z/9Wyo35TLrTnAoGTAAO
kYnqtvFljMe05LPUGHgmJpgPmzhkvFRrHiW+8ONqNn9JR9/D7TR3wkd9DuA60IP/
lsYfmtm/Xsl9JJc/ozVN9rZzdnvwMP/D6WONh/uh+hXFyzLqUNJPeFg+3I7Va/5V
ent5GYbA9227Ix4toCGIfsfcmdbHxbWZpplIdRrSll9v+whILBuMGdZrba5FH7nR
5auuILWlLY0wJRqrdwdEUKtBbOmbOnO1jyMq5IKmOtxNRrjzTJkzGi0yCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGjuHSOdmQLFbpokmpnYlDdL5zQGMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS14GXfkW
xHwNFmzeld9ivifUqYuDmqtdJYIwDm3AFaH0+/L28QQy1V6ezre4aATLYbLhYlXk
AhjqLpMVam2LOqErIshbcWrzhom9CnG3bbUb1FcVuwtGvNK6OIeMGcT7IKjIA+3Z
5iK4kyP0BXXYqQfNiEMqLO7nMFUzb00lao6wdqNnkc2iURen7/Qn9B0LhPSAhk/o
YdSJFPaY54+k2Sv918jjGZ8jBh9K9CbYph9LYgMcQA4x2vanWFYf46QG5kGsQe/d
yKUj29znVh8sJ8dSgh9FU+TObcU2Gz47gt6nM97hFhWTljyyfiBklClRkEyHtxR+
49EcpuXR4HOWzA==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:29:25 2025 by rpki-client on console-fra.rpki-client.org