Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
File: vSpaBrm0P86hiFQdMMbcNDCq85I.mft (raw, json)
Hash identifier: rynM7zx5I3A0C6XH0co6N6uvxoEmnNAtDyyjVD33EfA=
Subject key identifier: 33:38:A8:03:2A:6D:97:3B:0D:23:B0:A6:38:75:6E:FF:0A:B7:16:B2
Authority key identifier: BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
Certificate issuer: /CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
Certificate serial: 0194BABB2E0D3794F92A59752DEF898438E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
Manifest number: 0EFE
Signing time: Fri 31 Jan 2025 05:00:16 +0000
Manifest this update: Fri 31 Jan 2025 05:00:16 +0000
Manifest next update: Sat 01 Feb 2025 05:00:16 +0000
Files and hashes: 1: dNOXWcyjBwUcXV5oIaNhLVVvSEU.roa (hash: 4Fft0psn/kwpjVEKZgVhKcfKwufV2SXuxRSuxxvAa+k=)
2: vSpaBrm0P86hiFQdMMbcNDCq85I.crl (hash: icDwt49r1vHVPx9DLarO0fdDHjAvbG8YbqKurN86Iug=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 05:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:bb:2e:0d:37:94:f9:2a:59:75:2d:ef:89:84:38:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
Validity
Not Before: Jan 31 05:00:16 2025 GMT
Not After : Feb 1 05:00:16 2025 GMT
Subject: CN=3338a8032a6d973b0d23b0a638756eff0ab716b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:d4:41:04:7b:a5:95:6e:9d:c3:a4:9d:8a:
88:e3:5e:79:45:ea:c0:09:c3:a8:56:fb:fd:78:9d:
ac:99:3e:15:31:f5:bd:60:42:dc:4a:80:24:5d:35:
05:7c:62:9a:5e:a8:2a:c4:f3:85:cb:83:7b:4d:64:
f7:58:87:cf:50:9b:93:f0:5b:19:8f:ac:8e:3a:ea:
b5:96:66:58:b6:9b:84:87:40:3b:b7:7a:12:62:9f:
a2:f7:ae:78:9f:70:ac:ce:b4:f5:7b:38:fa:61:1f:
49:c5:41:d2:f9:f1:b9:de:34:2a:9d:bf:46:ee:df:
b5:d6:86:69:e2:ad:9d:fc:fd:94:ad:d3:29:8b:65:
27:70:f4:aa:96:b4:62:21:95:87:65:08:ce:1b:4a:
50:87:40:69:05:7a:ed:b6:d9:e8:0f:c1:e4:de:3f:
5b:fb:c7:6e:4b:18:b0:22:97:67:5c:75:9b:c7:aa:
36:3b:81:ec:45:12:1e:08:84:c0:af:f5:6f:a3:91:
70:1a:6b:7c:d7:59:3d:6b:19:8f:c3:47:d6:07:2c:
e9:fe:64:31:65:2b:ca:10:fb:8c:a5:14:f9:2b:e4:
b2:57:5a:ad:59:68:1d:95:22:43:1c:0c:3b:b6:ba:
cf:e4:c2:a3:5c:7a:8b:07:ce:08:05:34:3f:16:75:
5c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:38:A8:03:2A:6D:97:3B:0D:23:B0:A6:38:75:6E:FF:0A:B7:16:B2
X509v3 Authority Key Identifier:
keyid:BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:1e:47:dd:24:84:99:09:71:39:c5:5c:61:09:8c:0d:2b:44:
9d:fb:38:8a:3b:f0:0e:40:e7:e0:bb:3b:c1:a6:1b:de:ef:22:
56:1d:21:2b:84:2f:7b:ef:0b:15:f4:32:b0:94:57:40:e2:40:
bc:fb:26:4b:f5:e8:13:c1:05:1a:ab:93:aa:ec:8e:2a:34:cc:
a3:92:c8:b7:66:ca:5a:6b:91:99:fd:f8:dc:f1:03:fb:44:42:
73:50:b2:b5:01:1d:d7:c0:84:18:d3:2d:7e:01:ee:68:18:22:
26:80:c2:85:05:3d:37:57:82:37:b9:9e:4f:50:48:6b:bd:69:
32:40:c1:23:10:bd:75:1a:fb:49:b3:29:9f:b1:3b:42:5a:34:
ad:c4:ae:46:6c:8f:ba:6e:80:22:74:a8:33:8d:eb:03:28:6b:
9e:7c:66:f4:36:f5:d5:87:99:70:5d:1f:85:91:26:cf:90:30:
44:d5:92:2d:b7:d3:61:78:f5:9f:ee:e8:c2:30:0c:8e:94:2a:
22:33:cd:47:97:22:4a:1d:91:0e:43:f8:7f:dd:5a:31:e5:09:
1f:47:67:5b:5f:93:87:38:9a:1f:47:64:13:c3:69:fb:ec:4a:
be:51:ee:86:63:af:d0:1d:7e:45:10:c5:b0:7a:8d:22:8e:c6:
09:dd:e6:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6uy4NN5T5Kll1Le+JhDjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMmE1YTA2YjliNDNmY2VhMTg4NTQxZDMwYzZkYzM0MzBh
YWYzOTIwHhcNMjUwMTMxMDUwMDE2WhcNMjUwMjAxMDUwMDE2WjAzMTEwLwYDVQQD
EygzMzM4YTgwMzJhNmQ5NzNiMGQyM2IwYTYzODc1NmVmZjBhYjcxNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3DUQQR7pZVuncOknYqI4155RerA
CcOoVvv9eJ2smT4VMfW9YELcSoAkXTUFfGKaXqgqxPOFy4N7TWT3WIfPUJuT8FsZ
j6yOOuq1lmZYtpuEh0A7t3oSYp+i9654n3CszrT1ezj6YR9JxUHS+fG53jQqnb9G
7t+11oZp4q2d/P2UrdMpi2UncPSqlrRiIZWHZQjOG0pQh0BpBXrtttnoD8Hk3j9b
+8duSxiwIpdnXHWbx6o2O4HsRRIeCITAr/Vvo5FwGmt811k9axmPw0fWByzp/mQx
ZSvKEPuMpRT5K+SyV1qtWWgdlSJDHAw7trrP5MKjXHqLB84IBTQ/FnVcYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDM4qAMqbZc7DSOwpjh1bv8KtxayMB8GA1UdIwQY
MBaAFL0qWga5tD/OoYhUHTDG3DQwqvOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jYWYwMzQtY2JlMi00ZDJkLWEwMmIt
NWQzNDcwNGI3Yzg4LzEvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jYWYwMzQtY2JlMi00ZDJkLWEwMmItNWQzNDcwNGI3Yzg4
LzEvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdR5H3SSE
mQlxOcVcYQmMDStEnfs4ijvwDkDn4Ls7waYb3u8iVh0hK4Qve+8LFfQysJRXQOJA
vPsmS/XoE8EFGquTquyOKjTMo5LIt2bKWmuRmf343PED+0RCc1CytQEd18CEGNMt
fgHuaBgiJoDChQU9N1eCN7meT1BIa71pMkDBIxC9dRr7SbMpn7E7Qlo0rcSuRmyP
um6AInSoM43rAyhrnnxm9Db11YeZcF0fhZEmz5AwRNWSLbfTYXj1n+7owjAMjpQq
IjPNR5ciSh2RDkP4f91aMeUJH0dnW1+ThziaH0dkE8Np++xKvlHuhmOv0B1+RRDF
sHqNIo7GCd3mSg==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:35:17 2025 by rpki-client on console-fra.rpki-client.org