Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
File: CEGOlpDQ-3Eavzh04cUApidpPAo.mft (raw, json)
Hash identifier: h4aVloVXT9kIZr2pkcPtezLn/bnxK441a5IQQPwZFGU=
Subject key identifier: 5B:99:8E:22:96:5B:35:92:9F:46:2B:EE:C4:08:9E:43:39:88:3C:A8
Authority key identifier: 08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
Certificate issuer: /CN=08418e9690d0fb711abf3874e1c500a627693c0a
Certificate serial: 0194BAF25FD77DB5DCDB78E057B812A0EA34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
Manifest number: 0D3D
Signing time: Fri 31 Jan 2025 06:00:33 +0000
Manifest this update: Fri 31 Jan 2025 06:00:33 +0000
Manifest next update: Sat 01 Feb 2025 06:00:33 +0000
Files and hashes: 1: CEGOlpDQ-3Eavzh04cUApidpPAo.crl (hash: B0sE/wTT9d1122ZBuvpCSugDozTozHcq6NDJJsaPeIk=)
2: WXokG7cKriDfqWoaHraaATikOZM.roa (hash: l03IsJpcA1hZ2SxrPxTFFWqboVv9JIckV/GXuLQrkcI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:f2:5f:d7:7d:b5:dc:db:78:e0:57:b8:12:a0:ea:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08418e9690d0fb711abf3874e1c500a627693c0a
Validity
Not Before: Jan 31 06:00:33 2025 GMT
Not After : Feb 1 06:00:33 2025 GMT
Subject: CN=5b998e22965b35929f462beec4089e4339883ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:55:ea:a7:77:4f:09:f2:06:0a:07:1e:27:
c1:ca:2c:ec:5a:87:ca:ea:5b:8c:7c:a2:8d:e1:cc:
20:15:03:03:a8:d5:40:bd:e2:e5:3b:e6:b2:e1:60:
0a:9b:2d:aa:50:aa:f2:fe:17:d5:57:9c:d7:43:23:
aa:63:a5:b6:e3:da:9c:7e:6f:d8:3b:64:f3:5f:01:
6c:c1:fb:a4:0d:28:cc:3a:d3:7d:a3:69:b5:98:0e:
a7:a0:6a:0c:df:10:70:d7:1d:68:90:94:22:a5:76:
70:ef:98:89:9c:ae:09:35:17:1e:84:fe:6c:61:4d:
a6:37:b2:bf:27:e5:25:4e:34:a8:b6:dd:db:90:aa:
2c:d0:d1:7b:4f:17:43:c7:a8:1a:0a:9a:3d:cb:f8:
89:05:8c:64:1a:41:3c:ae:c5:75:d4:c5:a4:87:2c:
1e:91:5d:be:3b:69:1a:f7:d8:2f:6d:74:dd:20:24:
4b:75:d8:ed:90:d6:73:7c:d5:97:98:77:56:ce:6e:
12:27:05:91:df:32:72:36:fd:e7:ce:2d:6e:ad:f7:
1c:3f:b5:c4:a3:38:f1:7b:60:c6:0c:26:4b:76:4b:
03:59:9c:c1:86:99:88:3d:c1:a8:8d:41:ae:55:b8:
62:93:83:36:3c:d5:79:c6:c2:48:6a:5d:2e:ab:60:
16:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:99:8E:22:96:5B:35:92:9F:46:2B:EE:C4:08:9E:43:39:88:3C:A8
X509v3 Authority Key Identifier:
keyid:08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d7:6f:37:e8:ab:a0:0b:36:0d:55:25:d2:ef:49:c3:a7:5a:c9:
f6:3d:89:0e:79:04:32:87:2d:8c:3e:7d:bc:94:31:be:df:95:
6d:43:c7:96:c3:5e:65:1e:a0:3f:f3:26:f5:18:5a:f4:ea:39:
18:7f:a5:5b:72:4d:65:7b:16:7a:fe:0e:d7:43:9c:ac:f2:b3:
76:f0:27:a0:e9:ac:ff:87:9f:e6:ef:83:3d:9e:76:93:0e:58:
b3:da:76:3f:30:ee:82:3e:c3:72:d7:a1:11:08:1e:05:43:76:
da:1f:05:8f:46:84:c1:27:dc:fe:17:3d:cc:8e:62:28:b2:63:
f4:38:e5:b1:a3:3e:3e:6d:09:6a:1e:fa:cd:72:87:fd:2c:59:
f3:7b:0a:00:52:59:3a:5f:8c:42:d0:ad:74:65:19:1b:c7:36:
00:81:9d:3d:6e:76:6e:de:8b:45:f9:7a:d1:78:55:ec:09:69:
0e:3c:29:6c:b0:f3:53:3c:4b:c2:ad:6a:4d:ec:60:7a:6b:af:
f0:29:f5:1b:5e:30:cc:1c:5b:f1:64:40:5b:5b:ee:d8:5f:94:
f1:79:6b:b7:3b:1f:42:8e:8c:d2:55:69:78:a1:fd:d4:68:34:
1f:0b:ea:d1:cb:4e:9a:19:17:6c:c2:4b:26:32:21:ed:3d:9a:
73:e9:28:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68l/XfbXc23jgV7gSoOo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDE4ZTk2OTBkMGZiNzExYWJmMzg3NGUxYzUwMGE2Mjc2
OTNjMGEwHhcNMjUwMTMxMDYwMDMzWhcNMjUwMjAxMDYwMDMzWjAzMTEwLwYDVQQD
Eyg1Yjk5OGUyMjk2NWIzNTkyOWY0NjJiZWVjNDA4OWU0MzM5ODgzY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtINV6qd3TwnyBgoHHifByizsWofK
6luMfKKN4cwgFQMDqNVAveLlO+ay4WAKmy2qUKry/hfVV5zXQyOqY6W249qcfm/Y
O2TzXwFswfukDSjMOtN9o2m1mA6noGoM3xBw1x1okJQipXZw75iJnK4JNRcehP5s
YU2mN7K/J+UlTjSott3bkKos0NF7TxdDx6gaCpo9y/iJBYxkGkE8rsV11MWkhywe
kV2+O2ka99gvbXTdICRLddjtkNZzfNWXmHdWzm4SJwWR3zJyNv3nzi1urfccP7XE
ozjxe2DGDCZLdksDWZzBhpmIPcGojUGuVbhik4M2PNV5xsJIal0uq2AW6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuZjiKWWzWSn0Yr7sQInkM5iDyoMB8GA1UdIwQY
MBaAFAhBjpaQ0PtxGr84dOHFAKYnaTwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYt
MjJjMGNhMjEzMzgwLzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYtMjJjMGNhMjEzMzgw
LzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA12836Kug
CzYNVSXS70nDp1rJ9j2JDnkEMoctjD59vJQxvt+VbUPHlsNeZR6gP/Mm9Rha9Oo5
GH+lW3JNZXsWev4O10OcrPKzdvAnoOms/4ef5u+DPZ52kw5Ys9p2PzDugj7Dcteh
EQgeBUN22h8Fj0aEwSfc/hc9zI5iKLJj9DjlsaM+Pm0Jah76zXKH/SxZ83sKAFJZ
Ol+MQtCtdGUZG8c2AIGdPW52bt6LRfl60XhV7AlpDjwpbLDzUzxLwq1qTexgemuv
8Cn1G14wzBxb8WRAW1vu2F+U8XlrtzsfQo6M0lVpeKH91Gg0Hwvq0ctOmhkXbMJL
JjIh7T2ac+koJw==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:34:45 2025 by rpki-client on console-fra.rpki-client.org