Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json)
Hash identifier: M7Lybag5/2FCPCZfjKnsgbFJB02ZTP66ssuWaBq5eks=
Subject key identifier: 3F:BA:5F:4E:6F:E1:43:AF:FA:BF:72:69:95:1A:34:F9:A8:39:CC:95
Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Certificate serial: 0194BA845083DD53F643CBC4907772F4E84B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
Manifest number: 024F
Signing time: Fri 31 Jan 2025 04:00:21 +0000
Manifest this update: Fri 31 Jan 2025 04:00:21 +0000
Manifest next update: Sat 01 Feb 2025 04:00:21 +0000
Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: WoWH3NskPOxaZofdS847jhwSbSYOchGCoBkuppPFlx0=)
2: 8xRb-DPzCzHiHinhBGSiJKFCfq0.roa (hash: A9plqAZ6tW823XWa6YGs85LIMKZtOqJdz/q0S+8zYRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 04:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:84:50:83:dd:53:f6:43:cb:c4:90:77:72:f4:e8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Validity
Not Before: Jan 31 04:00:21 2025 GMT
Not After : Feb 1 04:00:21 2025 GMT
Subject: CN=3fba5f4e6fe143affabf7269951a34f9a839cc95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8f:29:a6:03:23:a1:01:ef:5c:41:95:7e:d0:
3b:a0:67:de:e0:28:88:57:3e:ee:c5:02:d9:42:23:
49:0b:18:2c:3a:69:79:fb:44:fa:71:7c:55:54:ab:
99:ff:0b:1e:e2:29:db:5a:a5:fa:dd:b3:ce:a3:96:
7f:91:fa:c3:38:d0:5a:d6:5a:ef:ab:31:83:d2:e7:
f3:63:6f:8b:69:f1:cc:b7:05:54:c8:ba:dd:42:1b:
fe:15:57:a2:f5:9e:8e:08:79:36:bc:b8:3b:28:28:
6e:83:fd:76:63:90:bf:85:aa:df:ec:6c:29:b2:58:
73:66:f0:67:eb:38:fc:ea:56:06:41:6e:a8:f5:b4:
03:bf:9d:d3:e6:44:ce:c6:84:2d:27:e2:bc:99:28:
26:8f:db:34:2a:71:ec:ff:86:aa:b7:c6:b5:e7:24:
8b:5c:8e:53:c1:2f:4a:7b:cc:3c:0e:29:4a:02:70:
da:ef:eb:70:05:73:4f:1e:f8:66:2f:8f:04:26:ae:
d4:6c:6d:b0:9b:f4:9c:b5:90:da:3d:de:2e:5a:8f:
e7:32:9a:5f:bc:20:7f:af:bb:f8:b1:45:64:e6:76:
fa:fe:21:fa:1a:ab:fe:3f:af:a5:fd:26:c0:da:0d:
9a:46:e2:6d:dd:d9:2e:4d:f7:f9:01:7c:41:5f:78:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BA:5F:4E:6F:E1:43:AF:FA:BF:72:69:95:1A:34:F9:A8:39:CC:95
X509v3 Authority Key Identifier:
keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:b8:ec:49:e9:f2:bd:88:be:7a:96:3a:c0:35:80:f6:c5:5a:
18:4d:4a:5f:94:46:9b:b5:38:9e:6c:f9:ff:c6:6a:87:f4:c1:
62:e5:aa:c2:6b:83:90:b8:35:94:cb:f9:5d:18:5a:81:18:21:
10:72:0f:9e:59:34:da:38:d4:ed:f4:ed:63:a8:a0:99:1f:af:
9c:7a:43:60:88:fb:8a:88:9b:ac:37:62:50:13:04:7a:ad:c2:
d6:a3:d2:e0:66:09:d0:27:12:01:ea:c6:b7:8c:f9:0a:e4:fc:
ee:c1:7f:55:18:23:33:52:fa:f6:ea:4d:88:1b:16:ed:3a:2d:
74:6a:63:a2:67:01:b3:c5:77:9b:84:13:a8:d0:39:5c:dd:75:
a3:6c:60:15:26:a9:4c:55:bd:c1:5e:85:c2:38:f4:7a:60:d5:
d9:41:24:70:3c:12:0c:8a:d7:2f:02:c5:5a:12:a6:59:05:45:
d0:87:b7:ff:57:7a:83:40:d1:b4:98:ca:59:c5:83:35:72:87:
c1:ee:ec:1a:4f:36:ef:a9:30:a7:63:85:9f:7e:e9:0f:0f:9f:
f8:eb:ff:40:f4:7e:1f:cc:54:db:48:1b:e5:0a:49:3a:97:15:
12:da:11:5c:09:42:8c:de:d4:6d:02:b1:17:2f:3a:fd:44:46:
55:de:a1:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6hFCD3VP2Q8vEkHdy9OhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy
NTI4MzIwHhcNMjUwMTMxMDQwMDIxWhcNMjUwMjAxMDQwMDIxWjAzMTEwLwYDVQQD
EygzZmJhNWY0ZTZmZTE0M2FmZmFiZjcyNjk5NTFhMzRmOWE4MzljYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY8ppgMjoQHvXEGVftA7oGfe4CiI
Vz7uxQLZQiNJCxgsOml5+0T6cXxVVKuZ/wse4inbWqX63bPOo5Z/kfrDONBa1lrv
qzGD0ufzY2+LafHMtwVUyLrdQhv+FVei9Z6OCHk2vLg7KChug/12Y5C/harf7Gwp
slhzZvBn6zj86lYGQW6o9bQDv53T5kTOxoQtJ+K8mSgmj9s0KnHs/4aqt8a15ySL
XI5TwS9Ke8w8DilKAnDa7+twBXNPHvhmL48EJq7UbG2wm/SctZDaPd4uWo/nMppf
vCB/r7v4sUVk5nb6/iH6Gqv+P6+l/SbA2g2aRuJt3dkuTff5AXxBX3iSYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+6X05v4UOv+r9yaZUaNPmoOcyVMB8GA1UdIwQY
MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt
ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx
LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAabjsSeny
vYi+epY6wDWA9sVaGE1KX5RGm7U4nmz5/8Zqh/TBYuWqwmuDkLg1lMv5XRhagRgh
EHIPnlk02jjU7fTtY6igmR+vnHpDYIj7ioibrDdiUBMEeq3C1qPS4GYJ0CcSAerG
t4z5CuT87sF/VRgjM1L69upNiBsW7TotdGpjomcBs8V3m4QTqNA5XN11o2xgFSap
TFW9wV6Fwjj0emDV2UEkcDwSDIrXLwLFWhKmWQVF0Ie3/1d6g0DRtJjKWcWDNXKH
we7sGk8276kwp2OFn37pDw+f+Ov/QPR+H8xU20gb5QpJOpcVEtoRXAlCjN7UbQKx
Fy86/URGVd6hZQ==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:37:11 2025 by rpki-client on console-fra.rpki-client.org