Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
File: ddoOY-skfZoLE7TLNt1nJJkgu8o.mft (raw, json)
Hash identifier: AUILXMTOym06GlGs2hNdS1L4A+lLw4G3eOo2KUAoAUg=
Subject key identifier: A4:77:64:54:29:14:F4:55:DF:C8:35:C4:CE:11:94:8B:AA:8A:D2:A3
Authority key identifier: 75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
Certificate issuer: /CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Certificate serial: 0194BAF255E74A8D4AC4193B630DD7A46CEB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
Manifest number: 142C
Signing time: Fri 31 Jan 2025 06:00:31 +0000
Manifest this update: Fri 31 Jan 2025 06:00:31 +0000
Manifest next update: Sat 01 Feb 2025 06:00:31 +0000
Files and hashes: 1: Qij-xPisZGBBqpNgu1KPeAhYyeA.roa (hash: 0qt3Er+wn2Xj8MdmWfSXDbZ9aYW82PDchwg6o4/NTxg=)
2: ddoOY-skfZoLE7TLNt1nJJkgu8o.crl (hash: a8cCaD5NKxyxBm1Qp8FtT8IM+Cu6H9W2cU9IPSgaPrM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ba:f2:55:e7:4a:8d:4a:c4:19:3b:63:0d:d7:a4:6c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Validity
Not Before: Jan 31 06:00:31 2025 GMT
Not After : Feb 1 06:00:31 2025 GMT
Subject: CN=a47764542914f455dfc835c4ce11948baa8ad2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1c:45:4c:9e:af:b6:8a:5c:75:dd:eb:a1:fd:
fc:3f:63:8c:cd:6f:66:32:16:cf:a9:4a:5b:d6:9a:
8b:80:18:10:fa:a0:d9:0d:fb:83:b1:f0:c7:58:ca:
1c:f9:d8:7f:ad:af:32:b9:d2:64:a2:ec:88:dc:f9:
a6:81:c0:d1:1d:ef:aa:1a:50:a9:8e:86:70:02:22:
47:3e:fa:2b:79:b3:00:98:f1:93:30:dc:1b:60:9c:
f3:4e:c9:41:a9:f9:fd:16:bb:4b:eb:04:1c:4f:5c:
1b:25:f9:3d:9b:32:48:f2:31:83:b4:b4:7b:c8:a9:
fa:b2:b8:a4:a6:48:c3:f9:7c:35:2a:12:0a:ea:0e:
42:0d:0b:01:de:72:96:c9:13:db:80:dc:2d:2a:98:
0a:bc:87:5f:e8:b9:48:ff:af:e4:51:33:c8:f7:0b:
27:b7:53:e1:2b:07:e8:f3:7d:04:13:d3:06:a3:68:
42:34:83:ab:92:5e:1c:75:28:b1:72:ff:d1:a0:aa:
95:86:2c:e1:11:2f:fe:65:44:c0:0c:b8:67:d2:8e:
49:e4:b8:e0:3b:a5:8c:f7:74:37:e2:f9:ad:d7:55:
19:d9:f7:dc:93:7e:82:dc:75:d1:28:08:3e:da:36:
e4:0b:a2:61:4b:24:1f:7c:f5:25:b5:01:cb:05:36:
6e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:77:64:54:29:14:F4:55:DF:C8:35:C4:CE:11:94:8B:AA:8A:D2:A3
X509v3 Authority Key Identifier:
keyid:75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e1:b3:36:e4:7d:aa:c1:6f:14:7a:4d:42:14:01:44:84:bf:4b:
6f:62:0a:7c:86:e7:b7:57:d5:68:5d:39:ce:fe:8a:a3:35:e0:
a6:c2:f7:16:5c:35:ce:de:b6:08:b6:11:c5:2e:91:d5:bd:f2:
e9:3e:1e:4a:fe:ee:22:d7:52:44:28:e3:75:9b:49:11:c8:da:
ca:36:fd:db:a1:74:db:52:b5:9b:70:8b:4a:aa:eb:94:78:85:
ba:db:f8:c1:4a:c0:d1:2d:87:ab:b1:62:22:46:c6:3c:89:d5:
9b:0d:04:53:4e:30:af:25:40:df:7e:41:ba:6d:90:ba:8d:18:
8d:e6:e8:e2:15:d5:16:cc:57:61:86:5a:78:23:15:d8:ae:0c:
bf:0d:33:9b:98:e5:38:d6:d3:25:ad:bf:52:29:ff:16:ff:7f:
ee:c2:f5:d2:8b:e4:d2:b6:f2:c0:2b:cd:ce:a2:38:f2:e8:61:
60:25:11:ee:0e:86:f7:92:c1:43:59:b1:f4:93:cc:a9:76:1a:
a9:33:7e:ff:44:96:a9:dc:cb:61:af:88:ce:df:fd:97:d6:b4:
68:9f:e1:23:b2:8e:d2:fe:4a:88:c2:d7:af:72:4b:50:32:23:
2d:c1:b9:69:d8:39:82:8d:84:8d:46:9d:18:17:6a:32:c0:0d:
03:53:58:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS68lXnSo1KxBk7Yw3XpGzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGEwZTYzZWIyNDdkOWEwYjEzYjRjYjM2ZGQ2NzI0OTky
MGJiY2EwHhcNMjUwMTMxMDYwMDMxWhcNMjUwMjAxMDYwMDMxWjAzMTEwLwYDVQQD
EyhhNDc3NjQ1NDI5MTRmNDU1ZGZjODM1YzRjZTExOTQ4YmFhOGFkMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxxFTJ6vtopcdd3rof38P2OMzW9m
MhbPqUpb1pqLgBgQ+qDZDfuDsfDHWMoc+dh/ra8yudJkouyI3PmmgcDRHe+qGlCp
joZwAiJHPvorebMAmPGTMNwbYJzzTslBqfn9FrtL6wQcT1wbJfk9mzJI8jGDtLR7
yKn6srikpkjD+Xw1KhIK6g5CDQsB3nKWyRPbgNwtKpgKvIdf6LlI/6/kUTPI9wsn
t1PhKwfo830EE9MGo2hCNIOrkl4cdSixcv/RoKqVhizhES/+ZUTADLhn0o5J5Ljg
O6WM93Q34vmt11UZ2ffck36C3HXRKAg+2jbkC6JhSyQffPUltQHLBTZuAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKR3ZFQpFPRV38g1xM4RlIuqitKjMB8GA1UdIwQY
MBaAFHXaDmPrJH2aCxO0yzbdZySZILvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgt
ZGY0YTMxNzM1MjJiLzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgtZGY0YTMxNzM1MjJi
LzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4bM25H2q
wW8Uek1CFAFEhL9Lb2IKfIbnt1fVaF05zv6KozXgpsL3Flw1zt62CLYRxS6R1b3y
6T4eSv7uItdSRCjjdZtJEcjayjb926F021K1m3CLSqrrlHiFutv4wUrA0S2Hq7Fi
IkbGPInVmw0EU04wryVA335Bum2Quo0Yjebo4hXVFsxXYYZaeCMV2K4Mvw0zm5jl
ONbTJa2/Uin/Fv9/7sL10ovk0rbywCvNzqI48uhhYCUR7g6G95LBQ1mx9JPMqXYa
qTN+/0SWqdzLYa+Izt/9l9a0aJ/hI7KO0v5KiMLXr3JLUDIjLcG5adg5go2EjUad
GBdqMsANA1NYLg==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:44:01 2025 by rpki-client on console-fra.rpki-client.org