Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
File: qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json)
Hash identifier: rM7XD51dOqPXJlVIcB3y46v+ha6qkwDX3MId9UXspHw=
Subject key identifier: 95:53:8C:E9:8C:10:A2:0E:D3:03:F2:E1:8F:0B:41:EA:9D:90:F9:19
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial: 0194BB9700EF0963583A6A2E83C145FD2AD0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
Manifest number: 86
Signing time: Fri 31 Jan 2025 09:00:22 +0000
Manifest this update: Fri 31 Jan 2025 09:00:22 +0000
Manifest next update: Sat 01 Feb 2025 09:00:22 +0000
Files and hashes: 1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=)
2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: d64QPFpO8G+mqy5M84RHhuxmMOO+6RfKCCfVPY9Wyqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 09:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:97:00:ef:09:63:58:3a:6a:2e:83:c1:45:fd:2a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Validity
Not Before: Jan 31 09:00:22 2025 GMT
Not After : Feb 1 09:00:22 2025 GMT
Subject: CN=95538ce98c10a20ed303f2e18f0b41ea9d90f919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:6f:c6:f1:9b:e8:cb:bb:1f:31:da:15:91:
32:ef:89:93:be:26:df:15:c3:93:d4:f1:8b:c0:c3:
98:24:14:32:90:a3:d6:e5:21:bd:f6:76:b0:c6:70:
ba:11:e5:52:11:2b:1c:fe:23:6c:1f:e0:f6:f2:a6:
2d:55:9e:f0:49:ad:cc:0f:ed:eb:75:c3:cd:5b:68:
07:14:df:e3:30:80:64:02:11:2e:9b:35:18:90:8e:
62:ad:16:8e:15:93:04:c8:f4:bc:a2:4b:de:d0:58:
22:70:1a:35:f2:7b:ad:db:52:bb:83:8b:02:29:11:
2d:0f:b7:50:30:66:18:fd:e6:5f:c4:2a:58:73:7b:
2b:aa:1a:ad:c5:f8:f3:41:6b:46:ab:86:ce:bc:09:
3b:9f:79:53:b8:79:1d:5f:a6:fc:fc:b6:08:a9:15:
0d:b0:7b:31:a7:68:ec:fb:ec:ee:ac:23:33:be:1a:
ea:ac:92:ac:e3:27:79:d1:3a:e7:3c:86:69:d6:fc:
d7:d4:70:eb:50:d1:5c:41:19:75:2b:1a:32:2b:35:
2f:03:79:53:2d:58:fd:c1:41:d3:00:31:4c:19:40:
a8:db:8a:1d:a0:a2:0d:d5:e8:ef:f0:60:65:28:07:
4a:15:03:5f:3e:42:d6:ad:ef:89:2f:28:1d:b1:3f:
cf:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:53:8C:E9:8C:10:A2:0E:D3:03:F2:E1:8F:0B:41:EA:9D:90:F9:19
X509v3 Authority Key Identifier:
keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:91:e4:a6:9e:3c:6a:25:82:96:44:1e:67:fb:66:ab:aa:c9:
8e:18:1a:7c:0f:1d:76:58:2a:92:24:d7:2c:66:cd:50:8d:d8:
3b:be:9a:19:0b:1b:80:5f:7a:18:ca:47:c3:ba:78:ae:15:09:
09:2f:8d:63:ad:c1:f2:10:ff:e1:9a:3f:f5:85:67:18:9a:a2:
c8:5d:90:1b:93:a9:c8:2a:b7:7a:b0:1a:d7:8b:6b:33:5e:72:
49:a3:dd:49:e2:89:08:fc:38:f7:e2:22:53:3b:92:4d:d2:59:
08:2d:d0:1a:6b:51:9e:6d:81:86:10:0b:38:2a:11:38:ca:ee:
49:80:bb:bb:4e:fe:cb:2e:e3:37:83:0c:74:7d:88:6e:fb:8d:
83:0e:96:13:fc:67:96:b9:1a:28:a6:b2:34:1e:4e:6d:eb:1f:
33:4d:55:52:41:36:df:b4:3b:e4:bf:8f:49:8e:88:61:9c:af:
f0:86:c4:8d:7f:11:c1:4b:91:c1:c6:86:92:54:d3:7d:a9:80:
0a:4c:9c:14:d5:80:11:ad:37:56:18:1d:bf:06:57:2f:bc:80:
bb:59:bf:86:d8:1b:28:f5:eb:e5:c0:83:a4:c0:49:7f:79:be:
23:8b:a9:61:f1:a8:68:4f:1a:ad:a2:90:c8:b3:b0:b8:0b:df:
be:69:28:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7lwDvCWNYOmoug8FF/SrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjUwMTMxMDkwMDIyWhcNMjUwMjAxMDkwMDIyWjAzMTEwLwYDVQQD
Eyg5NTUzOGNlOThjMTBhMjBlZDMwM2YyZTE4ZjBiNDFlYTlkOTBmOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSxvxvGb6Mu7HzHaFZEy74mTvibf
FcOT1PGLwMOYJBQykKPW5SG99nawxnC6EeVSESsc/iNsH+D28qYtVZ7wSa3MD+3r
dcPNW2gHFN/jMIBkAhEumzUYkI5irRaOFZMEyPS8okve0FgicBo18nut21K7g4sC
KREtD7dQMGYY/eZfxCpYc3srqhqtxfjzQWtGq4bOvAk7n3lTuHkdX6b8/LYIqRUN
sHsxp2js++zurCMzvhrqrJKs4yd50TrnPIZp1vzX1HDrUNFcQRl1KxoyKzUvA3lT
LVj9wUHTADFMGUCo24odoKIN1ejv8GBlKAdKFQNfPkLWre+JLygdsT/P1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVTjOmMEKIO0wPy4Y8LQeqdkPkZMB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZHkpp48
aiWClkQeZ/tmq6rJjhgafA8ddlgqkiTXLGbNUI3YO76aGQsbgF96GMpHw7p4rhUJ
CS+NY63B8hD/4Zo/9YVnGJqiyF2QG5OpyCq3erAa14trM15ySaPdSeKJCPw49+Ii
UzuSTdJZCC3QGmtRnm2BhhALOCoROMruSYC7u07+yy7jN4MMdH2IbvuNgw6WE/xn
lrkaKKayNB5ObesfM01VUkE237Q75L+PSY6IYZyv8IbEjX8RwUuRwcaGklTTfamA
CkycFNWAEa03VhgdvwZXL7yAu1m/htgbKPXr5cCDpMBJf3m+I4upYfGoaE8araKQ
yLOwuAvfvmko/Q==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:45:13 2025 by rpki-client on console-fra.rpki-client.org