Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
File: qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json)
Hash identifier: 5x4wxx6h+DbmR+GEdyNqJZngndU/axVuMCBZBqK0ixQ=
Subject key identifier: 4F:79:D4:4D:30:65:B2:90:ED:B1:D2:1F:25:EB:CF:90:D4:68:4B:8F
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial: 0194C350BBC21A2C92B7A34CFCD12C2CE0CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
Manifest number: 8A
Signing time: Sat 01 Feb 2025 21:00:35 +0000
Manifest this update: Sat 01 Feb 2025 21:00:35 +0000
Manifest next update: Sun 02 Feb 2025 21:00:35 +0000
Files and hashes: 1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=)
2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: AlVKhB0WyHJlAehxK/DxG4JScX5wpa6g5JijYISndTw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:50:bb:c2:1a:2c:92:b7:a3:4c:fc:d1:2c:2c:e0:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Validity
Not Before: Feb 1 21:00:35 2025 GMT
Not After : Feb 2 21:00:35 2025 GMT
Subject: CN=4f79d44d3065b290edb1d21f25ebcf90d4684b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:d2:fc:9a:d1:26:7d:a1:9a:e4:f4:8a:fd:
45:2c:d0:26:27:d9:62:94:8b:6a:72:5d:a5:c0:6d:
dc:1b:15:86:dd:f1:4c:fc:7a:33:8f:8e:e8:1d:b0:
ce:b4:b0:41:61:d0:f9:fd:c6:3b:1c:6b:73:75:fc:
38:15:8d:82:55:62:8a:ec:36:b3:62:07:a3:0e:07:
49:4c:5e:54:97:0c:36:9b:39:50:ce:8a:07:02:c8:
74:1b:5a:46:bb:5c:d9:99:a8:8e:b3:b4:59:bf:b5:
c0:c3:81:32:05:c4:c6:de:2f:bc:88:7e:80:c1:9b:
61:f7:aa:c4:f8:44:e3:bc:8a:3d:22:d1:79:64:db:
c6:b4:5e:9e:0c:b3:4a:77:f0:2d:99:58:ef:a0:6f:
a7:85:07:99:df:bf:ea:8a:06:b9:49:cb:23:1a:b4:
13:ee:d5:9b:77:b7:9d:a8:f5:13:f5:c4:f0:a6:2e:
a2:b7:d8:a2:b2:96:75:ac:2a:eb:da:aa:4f:ac:f3:
9e:04:a1:15:cf:c4:83:31:c3:a1:f7:7f:b3:ec:40:
91:0c:d6:12:87:75:9c:d3:e1:05:60:e2:3a:3d:39:
57:cd:b0:1b:5d:2f:53:38:fc:ea:3d:78:27:5e:9c:
86:56:06:7f:ca:96:a5:3f:67:a3:f8:50:0b:18:71:
16:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:79:D4:4D:30:65:B2:90:ED:B1:D2:1F:25:EB:CF:90:D4:68:4B:8F
X509v3 Authority Key Identifier:
keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:7e:a8:d9:b8:9f:f0:4b:d7:0c:25:38:3d:77:67:e2:38:c8:
0d:cc:1b:0e:d7:69:d2:2a:1f:0b:b5:9c:ff:ea:9c:85:99:a4:
ac:ec:ff:d0:7b:cd:74:af:8d:b8:f3:27:d0:1d:38:d5:e2:fc:
3c:51:b9:e0:3a:a2:6c:d7:0c:d8:c9:91:b3:b1:35:bd:dc:64:
d3:eb:7f:f8:3d:74:43:2b:e3:ae:9d:e5:e5:a2:8a:73:32:c4:
21:a6:d5:98:36:44:b7:15:1d:68:b2:b3:16:75:d5:20:dc:41:
f3:33:08:9a:9c:51:99:74:9d:b4:21:1b:7b:d1:e1:5b:b5:b4:
5e:fd:4f:ed:e2:d7:4d:35:af:0c:07:46:b0:2b:24:ce:ca:25:
2a:b3:71:39:79:f9:d2:d7:b3:70:a9:f1:0a:44:3b:0c:97:58:
d6:b9:04:7b:fc:96:d6:69:b6:a6:90:21:f4:19:58:2e:44:6a:
05:d5:df:7f:01:34:64:e0:0a:81:e0:1a:8f:f4:f1:44:f5:5d:
f3:91:2b:4e:e3:74:3b:9d:49:11:f7:8f:be:37:23:3a:82:41:
75:56:eb:f8:8f:f6:33:9a:1b:6f:2b:a9:68:99:ca:67:8c:fd:
48:2f:11:a8:75:54:11:b8:e9:80:07:82:1e:b1:56:d1:f9:d3:
bb:93:b6:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDULvCGiySt6NM/NEsLODPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjUwMjAxMjEwMDM1WhcNMjUwMjAyMjEwMDM1WjAzMTEwLwYDVQQD
Eyg0Zjc5ZDQ0ZDMwNjViMjkwZWRiMWQyMWYyNWViY2Y5MGQ0Njg0YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC3S/JrRJn2hmuT0iv1FLNAmJ9li
lItqcl2lwG3cGxWG3fFM/Hozj47oHbDOtLBBYdD5/cY7HGtzdfw4FY2CVWKK7Daz
YgejDgdJTF5Ulww2mzlQzooHAsh0G1pGu1zZmaiOs7RZv7XAw4EyBcTG3i+8iH6A
wZth96rE+ETjvIo9ItF5ZNvGtF6eDLNKd/AtmVjvoG+nhQeZ37/qiga5ScsjGrQT
7tWbd7edqPUT9cTwpi6it9iispZ1rCrr2qpPrPOeBKEVz8SDMcOh93+z7ECRDNYS
h3Wc0+EFYOI6PTlXzbAbXS9TOPzqPXgnXpyGVgZ/ypalP2ej+FALGHEW4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE951E0wZbKQ7bHSHyXrz5DUaEuPMB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN36o2bif
8EvXDCU4PXdn4jjIDcwbDtdp0iofC7Wc/+qchZmkrOz/0HvNdK+NuPMn0B041eL8
PFG54DqibNcM2MmRs7E1vdxk0+t/+D10Qyvjrp3l5aKKczLEIabVmDZEtxUdaLKz
FnXVINxB8zMImpxRmXSdtCEbe9HhW7W0Xv1P7eLXTTWvDAdGsCskzsolKrNxOXn5
0tezcKnxCkQ7DJdY1rkEe/yW1mm2ppAh9BlYLkRqBdXffwE0ZOAKgeAaj/TxRPVd
85ErTuN0O51JEfePvjcjOoJBdVbr+I/2M5obbyupaJnKZ4z9SC8RqHVUEbjpgAeC
HrFW0fnTu5O2/A==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:04:08 2025 by rpki-client