Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: hS/8BMo/BDfOrLw1IcvxYfe+jaz2s4XV2s13GIiOeHw=
Subject key identifier: E3:59:7A:D4:C6:2E:AE:C4:47:B3:E9:5B:6F:E9:55:49:E9:A7:D6:6E
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0194BAF280D0101C9A431FB8C0C501866964
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 1429
Signing time: Fri 31 Jan 2025 06:00:42 +0000
Manifest this update: Fri 31 Jan 2025 06:00:42 +0000
Manifest next update: Sat 01 Feb 2025 06:00:42 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: nquNj77oy5EDkaOJIynXd/ji7D1XUKKU09d6XxAxb68=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:f2:80:d0:10:1c:9a:43:1f:b8:c0:c5:01:86:69:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Jan 31 06:00:42 2025 GMT
Not After : Feb 1 06:00:42 2025 GMT
Subject: CN=e3597ad4c62eaec447b3e95b6fe95549e9a7d66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:93:a8:af:75:f7:19:52:25:de:de:e0:76:
a2:5a:4b:cf:44:a5:7c:01:72:f9:97:92:f2:58:5f:
9d:70:e6:89:c5:8b:12:f8:0b:43:1e:12:a1:26:83:
4e:3d:43:6f:98:18:5f:bf:40:e8:96:3f:14:6e:80:
c1:14:80:43:8e:db:1f:c6:4e:d9:4e:89:75:d4:90:
01:ad:67:b7:70:e1:af:44:91:74:44:32:27:7b:cc:
46:6b:81:61:f9:52:c3:5a:0c:20:99:29:d0:46:c5:
bd:c0:3d:6b:15:5c:b8:c8:52:08:41:23:58:20:2f:
3b:96:53:04:b8:12:df:7e:31:d1:3b:6c:9d:2a:e6:
14:3b:08:09:d4:82:6b:9a:b1:61:11:96:8a:79:bc:
a4:0e:bd:a5:f4:08:55:f9:70:f0:a5:2c:0f:79:0c:
57:af:58:0e:0d:4c:9b:51:f5:ea:46:16:fe:94:5b:
a4:a2:1e:4e:49:b1:78:8a:1c:8e:62:93:89:da:cb:
a2:b7:84:3f:65:37:9a:9a:76:0a:62:66:46:4b:5c:
50:1c:78:00:d9:8d:05:27:63:2a:e4:64:f0:64:b9:
c9:b3:6e:f1:5d:7e:63:92:7a:c2:47:d2:12:0f:af:
d8:e2:a5:af:b7:84:0f:57:38:7a:b6:05:73:80:e6:
10:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:59:7A:D4:C6:2E:AE:C4:47:B3:E9:5B:6F:E9:55:49:E9:A7:D6:6E
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:35:00:b9:64:1d:5c:ff:8b:25:d3:4a:74:f1:bc:d4:41:a8:
f1:99:3e:13:ec:98:12:bd:5a:24:5e:5e:b8:c4:58:7c:d7:44:
37:9c:24:0b:41:c2:af:4a:42:1d:05:d8:2c:e6:e4:87:7e:81:
e3:4b:24:70:5d:39:c6:1f:7c:f5:aa:c5:da:40:c5:6e:8d:37:
64:2b:82:c2:67:74:8f:20:11:ec:2c:62:a1:08:07:40:c0:85:
6b:ef:88:c6:1e:a8:b5:28:84:36:70:4e:b1:86:69:07:bc:92:
b1:43:f4:c1:a9:3c:87:db:c5:88:82:1f:cd:e9:f1:93:ee:5b:
32:0f:0c:88:77:16:02:05:9f:ac:25:d0:7c:81:d1:e7:77:96:
25:a0:51:4d:a6:3d:50:0b:0d:d9:85:8f:a4:35:32:0b:83:43:
1c:8f:10:80:cf:d1:72:c0:2c:ee:66:9a:34:74:2b:b6:d2:d7:
4b:72:2b:28:b5:71:15:eb:3e:5a:6a:d2:a8:b5:32:e9:0c:bd:
64:43:54:e5:7f:98:7b:8a:2e:dd:b8:e4:6c:a3:2f:ea:65:81:
3b:d3:ad:a7:7e:32:cf:b3:f6:bb:39:c0:dd:ad:5e:34:b0:d1:
a9:f2:1a:9b:1c:1f:c0:e3:bb:14:4a:d9:3f:fc:ce:5a:73:4e:
ec:7b:27:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68oDQEByaQx+4wMUBhmlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwMTMxMDYwMDQyWhcNMjUwMjAxMDYwMDQyWjAzMTEwLwYDVQQD
EyhlMzU5N2FkNGM2MmVhZWM0NDdiM2U5NWI2ZmU5NTU0OWU5YTdkNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHWTqK919xlSJd7e4HaiWkvPRKV8
AXL5l5LyWF+dcOaJxYsS+AtDHhKhJoNOPUNvmBhfv0Dolj8UboDBFIBDjtsfxk7Z
Tol11JABrWe3cOGvRJF0RDIne8xGa4Fh+VLDWgwgmSnQRsW9wD1rFVy4yFIIQSNY
IC87llMEuBLffjHRO2ydKuYUOwgJ1IJrmrFhEZaKebykDr2l9AhV+XDwpSwPeQxX
r1gODUybUfXqRhb+lFukoh5OSbF4ihyOYpOJ2suit4Q/ZTeamnYKYmZGS1xQHHgA
2Y0FJ2Mq5GTwZLnJs27xXX5jknrCR9ISD6/Y4qWvt4QPVzh6tgVzgOYQPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONZetTGLq7ER7PpW2/pVUnpp9ZuMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADDUAuWQd
XP+LJdNKdPG81EGo8Zk+E+yYEr1aJF5euMRYfNdEN5wkC0HCr0pCHQXYLObkh36B
40skcF05xh989arF2kDFbo03ZCuCwmd0jyAR7CxioQgHQMCFa++Ixh6otSiENnBO
sYZpB7ySsUP0wak8h9vFiIIfzenxk+5bMg8MiHcWAgWfrCXQfIHR53eWJaBRTaY9
UAsN2YWPpDUyC4NDHI8QgM/RcsAs7maaNHQrttLXS3IrKLVxFes+WmrSqLUy6Qy9
ZENU5X+Ye4ou3bjkbKMv6mWBO9Otp34yz7P2uznA3a1eNLDRqfIamxwfwOO7FErZ
P/zOWnNO7HsnXQ==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:33:37 2025 by rpki-client on console-fra.rpki-client.org