Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File: NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier: HHm3l1AmuEB9X51ut4DNSISIliciDhjZJlodBSjiXo4=
Subject key identifier: 95:A1:F1:6B:1C:81:14:9E:60:82:CF:A2:6C:03:AC:83:6A:1D:13:AA
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer: /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial: 0194BA8456F833BE54DF36F5B8145212FFDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number: 0CC2
Signing time: Fri 31 Jan 2025 04:00:22 +0000
Manifest this update: Fri 31 Jan 2025 04:00:22 +0000
Manifest next update: Sat 01 Feb 2025 04:00:22 +0000
Files and hashes: 1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=)
2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: dw0tdwiF/Ik8myKeNnJiSDtHx2CCZEAcxaOVIUilotU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:84:56:f8:33:be:54:df:36:f5:b8:14:52:12:ff:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Validity
Not Before: Jan 31 04:00:22 2025 GMT
Not After : Feb 1 04:00:22 2025 GMT
Subject: CN=95a1f16b1c81149e6082cfa26c03ac836a1d13aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:63:bd:81:df:a4:ab:c5:46:a1:b4:f3:bc:06:
a6:46:69:27:85:be:0d:1e:56:3e:77:9a:3a:9d:1e:
95:3d:52:8e:4e:32:e5:dc:c2:42:93:6c:0c:0b:8a:
37:00:0d:f0:66:fb:6f:e1:bf:30:21:0e:f6:cc:18:
ea:6e:85:61:92:39:75:3d:d4:2c:ba:73:66:ba:11:
7f:44:18:76:04:ab:2e:b3:0b:9b:a9:5b:94:e5:28:
1e:fa:d2:5d:73:70:60:52:d2:f8:17:d9:05:02:4d:
e0:66:f0:7a:25:92:39:e7:a5:f0:1e:1f:b7:02:85:
a0:94:3c:12:5f:1a:27:ff:94:cb:7d:ea:61:0b:59:
ec:b9:2b:f0:54:6f:0d:70:24:ab:a4:94:5f:dc:a4:
de:a1:a0:25:65:02:a5:a6:0b:dc:8a:8d:3d:31:64:
37:cd:83:18:68:2b:ea:19:fe:dc:0e:aa:8c:72:3f:
0a:0b:34:27:9b:7f:0b:78:3e:e6:32:f1:f7:a2:a2:
d2:82:7b:b9:ed:7d:bf:9f:9d:f0:b9:44:0a:fc:e8:
41:6d:97:1c:1e:f9:47:bc:9f:88:31:3e:1a:6c:02:
af:68:1f:c5:72:c9:3f:c0:1d:6b:a9:0d:59:18:e0:
7b:6b:3e:46:56:a0:2b:e2:64:cb:7a:c9:3e:e8:84:
9e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A1:F1:6B:1C:81:14:9E:60:82:CF:A2:6C:03:AC:83:6A:1D:13:AA
X509v3 Authority Key Identifier:
keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:c2:db:99:b4:4c:84:89:a7:11:79:2f:9d:8e:5d:75:c3:dc:
aa:b6:a5:2b:06:33:f6:8f:1e:d5:90:04:a7:be:7b:0e:00:04:
00:98:20:c9:e1:3b:ec:b8:6a:15:6c:47:c6:c5:fa:23:42:7e:
a4:84:f5:2b:11:9a:1f:b2:62:ca:36:89:8e:ee:e2:48:4f:40:
d3:5a:2d:71:94:eb:78:56:27:6f:51:08:a4:6c:55:8e:f5:9f:
61:15:3f:47:eb:d9:6c:6f:a3:53:2d:19:7b:21:ac:12:c9:8b:
1f:f7:64:85:30:f9:49:6a:08:f0:3b:3c:d4:4d:76:8d:2a:a4:
00:99:a8:c5:cb:03:6b:f7:25:af:2c:3d:46:37:c9:d4:c7:d4:
33:b7:d6:2a:20:8c:4a:5a:ba:4f:1e:a4:e8:5e:51:a0:eb:77:
c4:8e:15:d4:d5:76:93:22:a6:ce:06:50:52:73:74:ff:1a:b1:
f9:c1:a3:16:6e:6f:84:69:c3:10:7b:53:d3:10:60:a5:94:7b:
ba:92:55:74:f5:c2:3f:b5:b8:de:f0:5b:ea:c5:f1:90:46:78:
30:12:f6:4c:16:7d:7c:3d:c8:3d:95:54:36:63:3c:6e:1d:34:
3b:f5:0c:e5:f1:a3:9a:f0:16:e2:57:26:ee:1d:fc:cb:b7:c5:
b2:cd:5b:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hFb4M75U3zb1uBRSEv/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjUwMTMxMDQwMDIyWhcNMjUwMjAxMDQwMDIyWjAzMTEwLwYDVQQD
Eyg5NWExZjE2YjFjODExNDllNjA4MmNmYTI2YzAzYWM4MzZhMWQxM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GO9gd+kq8VGobTzvAamRmknhb4N
HlY+d5o6nR6VPVKOTjLl3MJCk2wMC4o3AA3wZvtv4b8wIQ72zBjqboVhkjl1PdQs
unNmuhF/RBh2BKsuswubqVuU5Sge+tJdc3BgUtL4F9kFAk3gZvB6JZI556XwHh+3
AoWglDwSXxon/5TLfephC1nsuSvwVG8NcCSrpJRf3KTeoaAlZQKlpgvcio09MWQ3
zYMYaCvqGf7cDqqMcj8KCzQnm38LeD7mMvH3oqLSgnu57X2/n53wuUQK/OhBbZcc
HvlHvJ+IMT4abAKvaB/Fcsk/wB1rqQ1ZGOB7az5GVqAr4mTLesk+6ISekQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWh8WscgRSeYILPomwDrINqHROqMB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcLbmbRM
hImnEXkvnY5ddcPcqralKwYz9o8e1ZAEp757DgAEAJggyeE77LhqFWxHxsX6I0J+
pIT1KxGaH7JiyjaJju7iSE9A01otcZTreFYnb1EIpGxVjvWfYRU/R+vZbG+jUy0Z
eyGsEsmLH/dkhTD5SWoI8Ds81E12jSqkAJmoxcsDa/clryw9RjfJ1MfUM7fWKiCM
Slq6Tx6k6F5RoOt3xI4V1NV2kyKmzgZQUnN0/xqx+cGjFm5vhGnDEHtT0xBgpZR7
upJVdPXCP7W43vBb6sXxkEZ4MBL2TBZ9fD3IPZVUNmM8bh00O/UM5fGjmvAW4lcm
7h38y7fFss1bLA==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:28:11 2025 by rpki-client on console-fra.rpki-client.org