Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier: P4H9BfidRRDyC0Y4XAfeObpaBdjX+b9xPFvE3CXEnpA=
Subject key identifier: BD:87:DB:98:AC:01:76:70:BE:20:EE:6C:DF:00:27:75:7F:D0:EB:16
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 0194BA8425E27C036903C341B77307373540
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number: 142C
Signing time: Fri 31 Jan 2025 04:00:10 +0000
Manifest this update: Fri 31 Jan 2025 04:00:10 +0000
Manifest next update: Sat 01 Feb 2025 04:00:10 +0000
Files and hashes: 1: K1XShXZQLJQkxEcU15OA0HwtuE4.roa (hash: lR9HlOiSyGj9vLqR1w7rZBLyMLCqRl1ljU4Fo8PjkAs=)
2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: ENQWcyC3xHxsPnGvX/UWMLUBp7t42btv8XQIKemVknk=)
3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:84:25:e2:7c:03:69:03:c3:41:b7:73:07:37:35:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jan 31 04:00:10 2025 GMT
Not After : Feb 1 04:00:10 2025 GMT
Subject: CN=bd87db98ac017670be20ee6cdf0027757fd0eb16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:04:4c:bc:ff:00:13:b0:dc:2b:f2:26:74:49:
42:64:32:42:f0:7c:a7:dd:a9:14:11:e0:cc:81:f6:
08:8f:8c:22:3a:08:7e:c6:d5:e5:6f:3f:d3:e8:25:
94:3d:ea:fa:07:e2:3a:30:45:d7:fe:a6:d1:ad:d1:
57:ab:d2:b3:24:c4:69:35:04:6f:12:9c:19:a9:30:
ec:62:dd:c8:2a:99:f9:c8:7d:9f:f8:b1:73:b6:ec:
11:89:8f:69:5d:df:4c:6b:8a:35:52:ac:df:3b:a5:
8f:bf:d9:8a:d2:5a:96:03:39:aa:be:aa:15:fe:ab:
cc:68:5a:25:53:82:78:cc:13:0f:41:aa:51:55:5e:
9c:cd:9b:8d:e1:fe:c7:19:e3:39:21:cc:bf:68:ff:
86:0f:64:4e:aa:fb:12:7a:c6:e5:82:3a:69:82:4c:
e5:0b:a1:18:82:b8:5f:8d:f7:39:fe:06:11:3b:16:
92:76:01:0d:05:28:9b:74:4f:03:ab:f1:68:a0:f8:
cf:89:32:b6:f9:f3:34:59:2e:df:16:80:b9:c8:5c:
b6:b1:de:15:2e:7f:4c:e1:d7:20:51:68:48:5d:05:
6a:30:d9:50:5b:cd:e4:aa:02:33:46:e2:24:4e:01:
9f:2d:94:ea:54:68:4b:9a:b8:54:da:d3:24:ce:f6:
56:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:87:DB:98:AC:01:76:70:BE:20:EE:6C:DF:00:27:75:7F:D0:EB:16
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:22:25:7a:d1:aa:3f:95:fa:ed:f8:fa:65:e8:3b:d3:80:4f:
2e:78:de:a2:db:28:43:65:4c:16:b9:53:ea:c0:62:16:2b:e2:
8b:ba:ff:9f:fa:b8:6a:cc:cd:d3:12:45:f3:62:11:e2:a1:55:
77:c7:50:81:45:ca:74:50:3a:ec:83:6a:68:e8:d7:27:e8:dd:
6d:af:13:ee:84:24:e7:e5:fb:01:05:6a:4f:6e:9b:9b:e1:12:
a8:e0:03:a3:d6:64:55:fc:1d:1b:f9:ba:bb:a5:81:f5:f7:fa:
fa:a0:f5:2d:81:dd:ee:e0:ca:1f:38:91:a3:3a:04:fd:53:af:
37:01:0b:b8:d9:9f:01:ee:0a:ac:53:c6:f3:29:e0:8d:26:7f:
67:c4:1a:91:ff:77:f3:e8:d3:66:23:b2:93:9e:05:2f:3d:4f:
0e:e6:22:0c:c1:0e:36:4d:2c:c5:4e:ba:db:ee:1d:fe:7c:0e:
48:f0:16:c2:2f:57:1d:5c:96:ee:5c:d1:1e:1b:01:ba:a5:74:
8b:f1:6e:86:49:e6:0e:c4:9b:61:bf:6d:bb:37:77:00:86:39:
c9:df:19:ae:9b:fe:15:95:a5:0a:f7:96:c9:d0:e8:5f:fe:20:
0a:7c:ec:a8:97:7c:23:2d:02:f2:13:81:65:39:8e:a2:6a:da:
76:f0:b8:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hCXifANpA8NBt3MHNzVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjUwMTMxMDQwMDEwWhcNMjUwMjAxMDQwMDEwWjAzMTEwLwYDVQQD
EyhiZDg3ZGI5OGFjMDE3NjcwYmUyMGVlNmNkZjAwMjc3NTdmZDBlYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gRMvP8AE7DcK/ImdElCZDJC8Hyn
3akUEeDMgfYIj4wiOgh+xtXlbz/T6CWUPer6B+I6MEXX/qbRrdFXq9KzJMRpNQRv
EpwZqTDsYt3IKpn5yH2f+LFztuwRiY9pXd9Ma4o1UqzfO6WPv9mK0lqWAzmqvqoV
/qvMaFolU4J4zBMPQapRVV6czZuN4f7HGeM5Icy/aP+GD2ROqvsSesblgjppgkzl
C6EYgrhfjfc5/gYROxaSdgENBSibdE8Dq/FooPjPiTK2+fM0WS7fFoC5yFy2sd4V
Ln9M4dcgUWhIXQVqMNlQW83kqgIzRuIkTgGfLZTqVGhLmrhU2tMkzvZWfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2H25isAXZwviDubN8AJ3V/0OsWMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArCIletGq
P5X67fj6Zeg704BPLnjeotsoQ2VMFrlT6sBiFivii7r/n/q4aszN0xJF82IR4qFV
d8dQgUXKdFA67INqaOjXJ+jdba8T7oQk5+X7AQVqT26bm+ESqOADo9ZkVfwdG/m6
u6WB9ff6+qD1LYHd7uDKHziRozoE/VOvNwELuNmfAe4KrFPG8yngjSZ/Z8Qakf93
8+jTZiOyk54FLz1PDuYiDMEONk0sxU662+4d/nwOSPAWwi9XHVyW7lzRHhsBuqV0
i/FuhknmDsSbYb9tuzd3AIY5yd8Zrpv+FZWlCveWydDoX/4gCnzsqJd8Iy0C8hOB
ZTmOomradvC49A==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:33:56 2025 by rpki-client on console-fra.rpki-client.org