Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: 7XHOvsMPZrfAMxYkQrjdJoWjXfQndrO2UUp5Yc34si0=
Subject key identifier: 19:18:67:CC:42:70:DB:84:72:29:19:DB:9B:24:51:AA:55:A9:D8:E3
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 01969ED15B361AC030C92CD5D333F55F1E6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 11AD
Signing time: Mon 05 May 2025 05:00:42 +0000
Manifest this update: Mon 05 May 2025 05:00:42 +0000
Manifest next update: Tue 06 May 2025 05:00:42 +0000
Files and hashes: 1: SIndVbkKUXy4BUQozeoniwpZDAY.roa (hash: w+S8wcJNHWfC84514ZDYZ2EFFwmdH9ulSWKDE7QHbmQ=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: wmwE3MrYyGgz7kYrOKEqekGBWKoIUMt3Qxy3MYHUUWQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9e:d1:5b:36:1a:c0:30:c9:2c:d5:d3:33:f5:5f:1e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: May 5 05:00:42 2025 GMT
Not After : May 6 05:00:42 2025 GMT
Subject: CN=191867cc4270db84722919db9b2451aa55a9d8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:5c:be:a9:2e:91:e6:8a:7c:46:b3:e9:24:
c3:28:63:85:da:26:c7:24:12:ce:99:c3:67:e2:e2:
ba:e2:e3:9a:a1:ca:53:8a:f8:c1:76:e3:a7:46:d5:
32:ec:8b:ae:57:b6:e7:61:35:7b:ef:e6:81:2c:03:
b1:8c:52:5c:46:e6:39:34:cb:1a:37:bc:84:91:88:
8b:d2:b6:82:88:aa:ca:ec:8d:b2:28:d8:e1:90:de:
0e:82:46:61:62:62:ce:b9:8d:8d:21:9e:43:d1:e0:
bc:c8:bf:2f:3b:da:e8:d5:75:b8:ad:a7:73:79:c9:
1e:7b:02:51:a0:32:3f:22:7d:39:fd:f4:3a:a7:4f:
c9:d4:ae:4f:97:ae:8c:eb:7e:4e:f0:08:a3:61:fa:
53:ef:f8:0c:7c:b2:01:e4:4e:da:b8:de:7c:b8:ac:
78:a9:9f:51:63:1d:d3:fb:ed:ff:80:02:2f:d7:b3:
89:70:09:0e:e1:10:d0:90:8c:92:72:53:f7:16:31:
17:2a:8a:a9:8c:f2:e3:da:49:40:c3:62:01:c1:8a:
5f:5d:02:6b:88:94:7e:59:1b:44:94:07:e5:dd:2e:
8d:e8:22:e4:dd:10:a6:db:53:76:70:dd:9b:a2:53:
c6:67:81:65:da:27:ef:d3:0d:21:40:5c:17:ee:69:
c2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:18:67:CC:42:70:DB:84:72:29:19:DB:9B:24:51:AA:55:A9:D8:E3
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:87:e8:2b:18:ca:89:38:8e:ce:ff:08:aa:e7:95:db:01:14:
be:72:93:7a:bc:e4:93:e4:f2:02:00:37:fc:25:3b:f0:46:4b:
f2:cd:d7:94:dd:fb:c0:ab:50:bb:53:25:3f:eb:b9:71:1a:7e:
f8:cf:d8:b4:93:66:c8:f7:ec:59:cd:55:b2:45:e2:51:6a:c8:
33:06:57:91:da:7e:f9:e7:50:e8:47:9d:17:a1:3a:9c:07:cd:
b6:91:ac:2e:72:30:b5:38:ca:fd:c2:0e:3d:c5:1e:ae:7a:e7:
75:83:11:05:95:b9:0b:22:4f:60:89:4b:c6:d4:13:92:a8:b7:
c9:ce:1b:70:10:9b:f9:4c:93:a8:e4:97:c0:e3:e4:9a:a1:68:
07:9a:58:e9:57:63:b2:67:81:b7:51:b1:5e:81:da:16:21:46:
fd:d3:83:4d:b1:83:50:ba:02:31:eb:36:c1:1c:00:5d:ce:3e:
92:ec:ab:77:bd:29:b6:fe:10:36:64:2d:43:cf:1e:22:b0:a3:
3f:c3:0f:ad:ed:bc:4f:b8:f8:07:f8:d5:05:67:3c:13:bc:00:
a7:b8:02:76:51:a2:29:3c:c7:6f:b3:7e:96:07:0c:1c:4d:31:
3f:39:8b:01:01:20:85:9a:a6:45:f4:d9:a0:86:9f:bc:6f:5d:
26:b1:77:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZae0Vs2GsAwySzV0zP1Xx5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjUwNTA1MDUwMDQyWhcNMjUwNTA2MDUwMDQyWjAzMTEwLwYDVQQD
EygxOTE4NjdjYzQyNzBkYjg0NzIyOTE5ZGI5YjI0NTFhYTU1YTlkOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD5cvqkukeaKfEaz6STDKGOF2ibH
JBLOmcNn4uK64uOaocpTivjBduOnRtUy7IuuV7bnYTV77+aBLAOxjFJcRuY5NMsa
N7yEkYiL0raCiKrK7I2yKNjhkN4OgkZhYmLOuY2NIZ5D0eC8yL8vO9ro1XW4radz
eckeewJRoDI/In05/fQ6p0/J1K5Pl66M635O8AijYfpT7/gMfLIB5E7auN58uKx4
qZ9RYx3T++3/gAIv17OJcAkO4RDQkIySclP3FjEXKoqpjPLj2klAw2IBwYpfXQJr
iJR+WRtElAfl3S6N6CLk3RCm21N2cN2bolPGZ4Fl2ifv0w0hQFwX7mnCpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkYZ8xCcNuEcikZ25skUapVqdjjMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfYfoKxjK
iTiOzv8IqueV2wEUvnKTerzkk+TyAgA3/CU78EZL8s3XlN37wKtQu1MlP+u5cRp+
+M/YtJNmyPfsWc1VskXiUWrIMwZXkdp++edQ6EedF6E6nAfNtpGsLnIwtTjK/cIO
PcUernrndYMRBZW5CyJPYIlLxtQTkqi3yc4bcBCb+UyTqOSXwOPkmqFoB5pY6Vdj
smeBt1GxXoHaFiFG/dODTbGDULoCMes2wRwAXc4+kuyrd70ptv4QNmQtQ88eIrCj
P8MPre28T7j4B/jVBWc8E7wAp7gCdlGiKTzHb7N+lgcMHE0xPzmLAQEghZqmRfTZ
oIafvG9dJrF3SQ==
-----END CERTIFICATE-----
Generated at Mon May 5 14:21:14 2025 by rpki-client