Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
File: KqJOWBL8wxBrnrCusA5ie6I10FY.mft (raw, json)
Hash identifier: EV6uLPFtzWr6SCo7hoZlmci7StleY/ddG84wz2sN8II=
Subject key identifier: C3:14:D5:44:56:D5:E7:D0:0E:54:77:FF:7C:07:C8:21:49:20:CB:64
Authority key identifier: 2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
Certificate issuer: /CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Certificate serial: 0194BB6034D52463609A314D0821EB2AD48C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
Manifest number: 06BD
Signing time: Fri 31 Jan 2025 08:00:31 +0000
Manifest this update: Fri 31 Jan 2025 08:00:31 +0000
Manifest next update: Sat 01 Feb 2025 08:00:31 +0000
Files and hashes: 1: KqJOWBL8wxBrnrCusA5ie6I10FY.crl (hash: fb/EZxa+SnmARE5H4tzU5yzmbqVqQljljfyf8V+0YpA=)
2: cNLYAjPMpLbcGOrpCslyUiLMP34.roa (hash: JmHm3+B47TlFvMWFE2W9uNvIfC/wvizwOPaVYVDTxDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:60:34:d5:24:63:60:9a:31:4d:08:21:eb:2a:d4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Validity
Not Before: Jan 31 08:00:31 2025 GMT
Not After : Feb 1 08:00:31 2025 GMT
Subject: CN=c314d54456d5e7d00e5477ff7c07c8214920cb64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:f6:7f:34:a0:c0:75:5b:62:1b:52:ed:2b:
87:9d:3f:9c:e7:ff:4e:bb:19:81:46:2e:e2:68:c8:
47:a2:6c:46:27:27:a1:f8:02:16:f7:2f:96:14:4a:
a8:01:2b:2a:6c:5d:a0:a5:cd:0d:c5:8c:16:ea:87:
5b:b0:17:23:32:c0:3e:a9:37:17:a6:6d:57:a0:29:
f1:98:73:02:7f:82:42:63:a4:fd:98:f2:67:8d:ef:
1b:af:41:9b:e1:c7:58:be:0a:d4:65:43:5b:f8:14:
bf:c1:d3:81:d9:73:60:fb:a4:8d:15:39:51:73:35:
ee:c5:72:a8:f6:bf:73:0c:36:25:88:90:29:a4:6c:
54:a1:0f:a6:0d:49:7f:e5:c6:22:59:a3:de:d0:58:
80:d4:5a:bb:7a:2e:c3:07:c0:6d:1a:9f:69:49:eb:
f4:96:46:8c:0e:9a:6e:fe:21:03:7c:58:9e:a7:20:
64:5b:b7:c5:44:56:04:08:1d:34:ad:53:56:ee:f5:
f6:c4:52:ba:5a:56:5a:76:35:07:29:3b:d2:32:4a:
eb:90:02:45:4a:5c:00:ba:15:b2:22:24:48:47:f8:
8d:6b:6d:2e:1a:88:13:9e:37:f9:cc:7a:07:2f:eb:
55:33:45:c9:ed:4b:7e:23:68:e2:80:f5:16:da:58:
69:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:14:D5:44:56:D5:E7:D0:0E:54:77:FF:7C:07:C8:21:49:20:CB:64
X509v3 Authority Key Identifier:
keyid:2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:ad:b9:1d:c5:05:74:0a:36:ad:70:0f:2d:55:f3:11:10:c2:
15:00:82:5c:fe:af:54:ab:31:43:12:f3:2b:1a:47:13:a5:a6:
e5:c9:ee:ba:16:e3:90:9e:d3:ec:ab:8a:20:0a:cc:13:59:a6:
26:9d:95:ef:cf:ed:3d:95:d3:e7:8c:f0:23:2c:98:86:f2:ea:
59:1c:ed:41:63:00:6f:70:f0:d7:a9:4c:1a:fa:af:89:09:eb:
c4:b6:e2:36:b8:74:cd:46:a6:3a:74:99:44:51:4a:cb:8b:09:
69:47:01:07:f2:53:dd:86:92:f6:bb:51:22:c2:f9:2b:4a:71:
e1:fe:0c:a6:8f:0a:dc:6c:ee:ae:7b:27:1c:68:bf:d9:8c:74:
ac:31:1d:31:d2:8b:e3:be:77:8e:98:01:8d:0c:01:f9:a9:8a:
57:c2:b8:6c:4a:5d:89:f4:ae:02:28:5f:07:48:46:5c:56:8d:
a4:21:a0:95:90:11:df:cc:61:5b:6b:d2:3c:04:e3:2e:a7:07:
19:84:fb:79:e2:0b:d6:db:81:5a:a3:42:24:70:66:3c:85:a5:
15:52:62:4d:69:fb:24:fd:ce:bd:fa:a4:f7:ef:f0:35:14:53:
94:04:31:da:1f:2f:d3:a4:67:f7:e8:1f:12:56:a7:d4:e1:4c:
09:d7:c3:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7YDTVJGNgmjFNCCHrKtSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTI0ZTU4MTJmY2MzMTA2YjllYjBhZWIwMGU2MjdiYTIz
NWQwNTYwHhcNMjUwMTMxMDgwMDMxWhcNMjUwMjAxMDgwMDMxWjAzMTEwLwYDVQQD
EyhjMzE0ZDU0NDU2ZDVlN2QwMGU1NDc3ZmY3YzA3YzgyMTQ5MjBjYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbH2fzSgwHVbYhtS7SuHnT+c5/9O
uxmBRi7iaMhHomxGJyeh+AIW9y+WFEqoASsqbF2gpc0NxYwW6odbsBcjMsA+qTcX
pm1XoCnxmHMCf4JCY6T9mPJnje8br0Gb4cdYvgrUZUNb+BS/wdOB2XNg+6SNFTlR
czXuxXKo9r9zDDYliJAppGxUoQ+mDUl/5cYiWaPe0FiA1Fq7ei7DB8BtGp9pSev0
lkaMDppu/iEDfFiepyBkW7fFRFYECB00rVNW7vX2xFK6WlZadjUHKTvSMkrrkAJF
SlwAuhWyIiRIR/iNa20uGogTnjf5zHoHL+tVM0XJ7Ut+I2jigPUW2lhp3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMU1URW1efQDlR3/3wHyCFJIMtkMB8GA1UdIwQY
MBaAFCqiTlgS/MMQa56wrrAOYnuiNdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgt
NjY4NThiYzhlYjc3LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgtNjY4NThiYzhlYjc3
LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADq25HcUF
dAo2rXAPLVXzERDCFQCCXP6vVKsxQxLzKxpHE6Wm5cnuuhbjkJ7T7KuKIArME1mm
Jp2V78/tPZXT54zwIyyYhvLqWRztQWMAb3Dw16lMGvqviQnrxLbiNrh0zUamOnSZ
RFFKy4sJaUcBB/JT3YaS9rtRIsL5K0px4f4Mpo8K3GzurnsnHGi/2Yx0rDEdMdKL
4753jpgBjQwB+amKV8K4bEpdifSuAihfB0hGXFaNpCGglZAR38xhW2vSPATjLqcH
GYT7eeIL1tuBWqNCJHBmPIWlFVJiTWn7JP3Ovfqk9+/wNRRTlAQx2h8v06Rn9+gf
Elan1OFMCdfDNg==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:35:21 2025 by rpki-client on console-fra.rpki-client.org