Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
File: vSpaBrm0P86hiFQdMMbcNDCq85I.mft (raw, json)
Hash identifier: iPb62UWeI/kUvGDOtaFXhnJWdzz/DwxvitSnerzmRAc=
Subject key identifier: ED:B1:A9:BF:C1:BF:53:6D:66:88:9D:C9:4B:1A:FF:57:0D:4A:10:2A
Authority key identifier: BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
Certificate issuer: /CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
Certificate serial: 01967CB2E6267431E7ED279342AE5A6C44F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
Manifest number: 0FE7
Signing time: Mon 28 Apr 2025 14:00:21 +0000
Manifest this update: Mon 28 Apr 2025 14:00:21 +0000
Manifest next update: Tue 29 Apr 2025 14:00:21 +0000
Files and hashes: 1: dNOXWcyjBwUcXV5oIaNhLVVvSEU.roa (hash: 4Fft0psn/kwpjVEKZgVhKcfKwufV2SXuxRSuxxvAa+k=)
2: vSpaBrm0P86hiFQdMMbcNDCq85I.crl (hash: pJx6R7DosDLrrkLOWCM8QQln9fOskhYrC3JAg4VWBH8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 14:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:b2:e6:26:74:31:e7:ed:27:93:42:ae:5a:6c:44:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
Validity
Not Before: Apr 28 14:00:21 2025 GMT
Not After : Apr 29 14:00:21 2025 GMT
Subject: CN=edb1a9bfc1bf536d66889dc94b1aff570d4a102a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:ce:ce:52:f2:28:4d:ae:7e:be:7c:c8:a2:
59:34:6b:29:04:50:b8:8c:36:4e:0c:e3:3b:38:5a:
65:37:18:fd:c2:11:54:84:1e:ef:f8:60:da:56:5a:
eb:c4:87:a4:63:b8:05:2a:73:72:d6:f5:ab:ca:d3:
a4:84:4a:f1:09:ec:86:0c:6d:d1:46:ef:92:85:0f:
14:38:c0:5e:ef:00:15:a8:2c:d0:79:80:72:5c:bf:
f3:82:30:81:f8:22:2f:54:70:85:0d:7f:b8:75:ef:
15:78:55:00:3d:53:c8:d6:83:4f:b8:aa:37:93:d9:
90:1f:52:cf:fe:59:21:37:c8:30:cd:14:99:0e:15:
70:91:95:4e:2f:86:0d:08:92:6a:3a:a0:0b:4a:91:
a7:86:98:64:8b:16:7c:c5:23:86:8f:5e:9b:cd:5e:
5c:80:9a:c0:a5:a2:0f:a8:dc:78:89:9a:19:0b:6c:
66:30:47:c6:37:e0:c1:07:d9:17:11:40:88:de:86:
52:d0:b7:cd:6f:f3:56:9f:35:e0:e0:ff:25:10:d0:
20:8e:31:d2:f1:67:b2:38:d7:e0:07:8a:b8:86:54:
00:a0:63:c6:94:48:d6:a4:1f:f2:48:fe:ed:cd:b6:
6b:e0:76:e9:88:a0:31:c8:2a:ad:6f:6d:43:9c:cb:
bc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B1:A9:BF:C1:BF:53:6D:66:88:9D:C9:4B:1A:FF:57:0D:4A:10:2A
X509v3 Authority Key Identifier:
keyid:BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:61:1c:ed:30:7f:1c:e6:e5:e1:aa:e4:de:cb:08:03:1b:5a:
17:0b:d1:63:ec:8e:7a:ab:ed:ab:46:4f:4b:45:85:70:27:5f:
59:0e:77:79:11:b3:e4:4f:ea:0d:0b:ae:14:f1:73:c9:ff:dc:
cc:18:bd:34:46:84:98:b8:c1:9a:a7:64:dd:dc:50:01:d8:b3:
aa:8c:d8:83:25:09:22:54:5d:e9:4a:17:47:76:f3:bd:0d:fc:
8d:eb:00:90:3a:f9:5b:4d:2e:7d:f7:1e:6f:10:41:86:c1:4c:
cb:3d:44:4e:5e:c8:2f:71:e3:f3:b6:80:d0:64:4f:c0:7a:17:
e6:48:8c:73:48:3d:99:7a:59:4a:49:be:fa:1c:58:b8:49:db:
17:5c:cf:26:8f:5e:98:42:34:08:73:44:d1:75:a1:4f:0c:6a:
5c:3c:e5:d7:2f:5c:24:87:93:40:e5:8e:2f:d7:10:56:63:ca:
d5:1e:c4:5a:98:5d:a6:72:2c:d8:80:d5:a4:a3:cb:c6:a4:00:
ae:34:f1:e0:d0:11:3e:1d:3c:a6:2b:a8:bd:8b:b5:43:cf:b3:
0e:e6:37:0c:cb:65:bc:9f:9f:3e:39:33:21:09:04:2c:e7:d0:
de:8b:00:95:b2:da:1d:59:32:3e:6e:c3:e6:f5:8b:2d:c2:f6:
eb:21:8c:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8suYmdDHn7SeTQq5abETyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMmE1YTA2YjliNDNmY2VhMTg4NTQxZDMwYzZkYzM0MzBh
YWYzOTIwHhcNMjUwNDI4MTQwMDIxWhcNMjUwNDI5MTQwMDIxWjAzMTEwLwYDVQQD
EyhlZGIxYTliZmMxYmY1MzZkNjY4ODlkYzk0YjFhZmY1NzBkNGExMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4bOzlLyKE2ufr58yKJZNGspBFC4
jDZODOM7OFplNxj9whFUhB7v+GDaVlrrxIekY7gFKnNy1vWrytOkhErxCeyGDG3R
Ru+ShQ8UOMBe7wAVqCzQeYByXL/zgjCB+CIvVHCFDX+4de8VeFUAPVPI1oNPuKo3
k9mQH1LP/lkhN8gwzRSZDhVwkZVOL4YNCJJqOqALSpGnhphkixZ8xSOGj16bzV5c
gJrApaIPqNx4iZoZC2xmMEfGN+DBB9kXEUCI3oZS0LfNb/NWnzXg4P8lENAgjjHS
8WeyONfgB4q4hlQAoGPGlEjWpB/ySP7tzbZr4HbpiKAxyCqtb21DnMu8hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2xqb/Bv1NtZoidyUsa/1cNShAqMB8GA1UdIwQY
MBaAFL0qWga5tD/OoYhUHTDG3DQwqvOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jYWYwMzQtY2JlMi00ZDJkLWEwMmIt
NWQzNDcwNGI3Yzg4LzEvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jYWYwMzQtY2JlMi00ZDJkLWEwMmItNWQzNDcwNGI3Yzg4
LzEvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWEc7TB/
HObl4ark3ssIAxtaFwvRY+yOeqvtq0ZPS0WFcCdfWQ53eRGz5E/qDQuuFPFzyf/c
zBi9NEaEmLjBmqdk3dxQAdizqozYgyUJIlRd6UoXR3bzvQ38jesAkDr5W00uffce
bxBBhsFMyz1ETl7IL3Hj87aA0GRPwHoX5kiMc0g9mXpZSkm++hxYuEnbF1zPJo9e
mEI0CHNE0XWhTwxqXDzl1y9cJIeTQOWOL9cQVmPK1R7EWphdpnIs2IDVpKPLxqQA
rjTx4NARPh08piuovYu1Q8+zDuY3DMtlvJ+fPjkzIQkELOfQ3osAlbLaHVkyPm7D
5vWLLcL26yGMCA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:42:51 2025 by rpki-client