Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
File: QYHCLrezLZAdElcA4UDrYAncxto.mft (raw, json)
Hash identifier: tHZucBs8lK8QZaiMademj2QFEwDivh2bWu64Ta7jtSw=
Subject key identifier: 74:44:35:37:37:72:40:54:6C:B9:C0:70:41:11:96:57:2A:25:C7:01
Authority key identifier: 41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
Certificate issuer: /CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Certificate serial: 0194BABBC063A12B89A6E3ACFE0F81649EE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
Manifest number: 142E
Signing time: Fri 31 Jan 2025 05:00:54 +0000
Manifest this update: Fri 31 Jan 2025 05:00:54 +0000
Manifest next update: Sat 01 Feb 2025 05:00:54 +0000
Files and hashes: 1: HitPQyHhpEoVidVOwqr2ddK23LE.roa (hash: UNtTyCfc7GR1gxgfjG0Y/XLw7gBd/DnSW8H0cz2SvrM=)
2: QYHCLrezLZAdElcA4UDrYAncxto.crl (hash: nisekJZ9CMA62K/UwKT3vj2UHIPGKHBUZmHGXedgZDE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 05:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:bb:c0:63:a1:2b:89:a6:e3:ac:fe:0f:81:64:9e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Validity
Not Before: Jan 31 05:00:54 2025 GMT
Not After : Feb 1 05:00:54 2025 GMT
Subject: CN=74443537377240546cb9c070411196572a25c701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:f7:ed:af:2f:6e:e9:a0:7b:8f:ca:bf:60:
26:a0:f3:47:48:84:80:cd:df:8d:94:ec:04:de:bd:
33:c8:1e:a1:b7:52:a6:a8:43:59:f7:8f:0e:98:8d:
e0:17:6c:17:fa:d0:36:59:95:11:27:36:25:e4:f0:
cd:ab:91:4b:42:f3:bb:8d:94:a9:b9:77:3b:bb:50:
70:4b:cc:ff:77:df:65:26:da:05:fb:b9:3f:b3:52:
63:a2:00:ac:e2:21:0b:4e:92:d7:48:39:cc:3b:41:
1a:ab:e4:8f:41:1c:56:f4:3e:de:10:8e:06:f5:f4:
5e:ad:70:c3:43:8e:cd:df:2d:d9:50:d1:82:5d:40:
d4:4c:e5:f8:9d:01:fe:d2:30:ff:84:a1:08:aa:c9:
bb:07:95:44:b6:e0:5d:3f:c8:68:e1:eb:45:2d:3c:
02:e6:98:0f:25:df:6a:6a:e4:c1:b3:7e:5d:83:d5:
fc:1f:32:d9:69:67:07:41:9a:21:82:78:08:53:91:
ff:76:7a:a7:59:33:49:fa:94:47:79:eb:b2:7a:68:
e1:27:ab:77:be:c8:49:09:f5:d2:1e:36:6e:6a:5a:
52:f2:73:a4:d2:6f:13:39:7d:c5:95:4b:ba:25:0f:
af:8e:5e:e5:c4:2c:c1:aa:e3:8a:07:d8:7b:0d:25:
ac:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:44:35:37:37:72:40:54:6C:B9:C0:70:41:11:96:57:2A:25:C7:01
X509v3 Authority Key Identifier:
keyid:41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:84:72:f6:c1:bd:10:30:97:86:9f:2e:ae:79:d7:61:22:fb:
8d:ea:3c:07:d5:49:66:8e:7d:d6:3c:86:23:35:4b:b6:e8:97:
5e:9e:7d:7c:f6:91:ff:78:dc:67:81:92:c8:a8:37:fd:93:2e:
71:59:e5:44:b1:88:f0:3a:92:0f:c2:b6:5b:a7:b5:04:32:13:
dd:ea:25:ef:22:4d:ff:f4:75:f7:e0:bd:02:67:50:5f:14:22:
fb:65:2b:f2:19:b9:b2:d1:5d:8d:8b:87:77:43:e6:fa:d1:80:
cf:30:5a:30:32:60:f4:ab:6b:55:25:ad:19:e3:ae:31:76:5e:
ce:bb:05:4f:5f:e7:5b:3f:3b:28:5c:1b:94:a9:3e:8d:b6:28:
89:bf:98:65:6c:b2:c3:e9:a7:e8:f8:73:2f:a8:99:7e:aa:23:
3b:0f:fe:ec:8c:44:5d:19:67:e4:38:bb:69:90:22:02:cc:d1:
25:0d:0b:ce:9a:23:f8:76:f5:86:a9:90:d3:76:f0:4f:ce:61:
47:9d:65:9b:51:c4:92:b3:47:de:a8:c7:67:2b:9c:87:45:5d:
40:25:bb:ca:3a:35:77:a9:fa:88:3c:42:1d:6f:a4:40:9b:e1:
24:6c:a0:9a:75:e9:f5:86:28:d4:8e:b8:c5:e6:e7:81:9d:95:
41:8a:3d:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u8BjoSuJpuOs/g+BZJ7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODFjMjJlYjdiMzJkOTAxZDEyNTcwMGUxNDBlYjYwMDlk
Y2M2ZGEwHhcNMjUwMTMxMDUwMDU0WhcNMjUwMjAxMDUwMDU0WjAzMTEwLwYDVQQD
Eyg3NDQ0MzUzNzM3NzI0MDU0NmNiOWMwNzA0MTExOTY1NzJhMjVjNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+v37a8vbumge4/Kv2AmoPNHSISA
zd+NlOwE3r0zyB6ht1KmqENZ948OmI3gF2wX+tA2WZURJzYl5PDNq5FLQvO7jZSp
uXc7u1BwS8z/d99lJtoF+7k/s1JjogCs4iELTpLXSDnMO0Eaq+SPQRxW9D7eEI4G
9fRerXDDQ47N3y3ZUNGCXUDUTOX4nQH+0jD/hKEIqsm7B5VEtuBdP8ho4etFLTwC
5pgPJd9qauTBs35dg9X8HzLZaWcHQZohgngIU5H/dnqnWTNJ+pRHeeuyemjhJ6t3
vshJCfXSHjZualpS8nOk0m8TOX3FlUu6JQ+vjl7lxCzBquOKB9h7DSWsQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRENTc3ckBUbLnAcEERllcqJccBMB8GA1UdIwQY
MBaAFEGBwi63sy2QHRJXAOFA62AJ3MbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMt
YzIxNDA5NDQyZmFjLzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMtYzIxNDA5NDQyZmFj
LzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZIRy9sG9
EDCXhp8urnnXYSL7jeo8B9VJZo591jyGIzVLtuiXXp59fPaR/3jcZ4GSyKg3/ZMu
cVnlRLGI8DqSD8K2W6e1BDIT3eol7yJN//R19+C9AmdQXxQi+2Ur8hm5stFdjYuH
d0Pm+tGAzzBaMDJg9KtrVSWtGeOuMXZezrsFT1/nWz87KFwblKk+jbYoib+YZWyy
w+mn6PhzL6iZfqojOw/+7IxEXRln5Di7aZAiAszRJQ0Lzpoj+Hb1hqmQ03bwT85h
R51lm1HEkrNH3qjHZyuch0VdQCW7yjo1d6n6iDxCHW+kQJvhJGygmnXp9YYo1I64
xebngZ2VQYo96A==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:33:52 2025 by rpki-client on console-fra.rpki-client.org