Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier: 7R8SOEVg3M9XOHyBG27D+MOCzQXKAiqRQNc8OH/vgGg=
Subject key identifier: 28:94:B5:CC:E4:86:2C:65:B6:CA:82:73:94:94:A2:C7:8F:B2:DF:71
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer: /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial: 019653EE5D288A07E5FE08BB68F5C9159E8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number: 05D2
Signing time: Sun 20 Apr 2025 16:00:52 +0000
Manifest this update: Sun 20 Apr 2025 16:00:52 +0000
Manifest next update: Mon 21 Apr 2025 16:00:52 +0000
Files and hashes: 1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: 8M3BsRReH978CHo9Yvcd4nPye5/jBDvzXKGMqS1env0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:ee:5d:28:8a:07:e5:fe:08:bb:68:f5:c9:15:9e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Validity
Not Before: Apr 20 16:00:52 2025 GMT
Not After : Apr 21 16:00:52 2025 GMT
Subject: CN=2894b5cce4862c65b6ca82739494a2c78fb2df71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9c:64:56:f5:c6:67:34:69:0c:28:06:a6:12:
fe:bb:2e:0f:0f:5d:e1:e2:ae:c4:40:a3:22:d7:2b:
07:ae:f1:19:e6:ca:96:e8:22:72:46:ee:a8:77:1e:
5e:ff:35:c7:34:11:cd:2b:ef:9e:07:be:ab:43:4a:
26:1e:54:b4:17:44:12:b1:06:28:0b:78:e6:76:e0:
88:5f:b2:ee:aa:95:fd:1c:26:60:24:64:36:54:71:
9d:00:5e:c9:3f:ee:92:88:3a:22:c7:dd:5b:fb:d4:
fb:cf:0e:cc:e7:87:c0:d5:69:1c:95:fe:8d:3c:b8:
a1:2c:4b:c4:96:42:c4:e8:f9:96:21:e6:b5:8d:dc:
53:05:52:ec:19:17:a3:3f:ea:47:03:1c:bb:bc:84:
0b:86:61:56:b2:12:28:2d:5e:8f:25:b9:b7:1a:6e:
57:58:bd:99:72:40:3b:a8:98:b4:bb:0a:7a:d6:f4:
6e:28:e2:70:f0:50:15:ed:6c:b3:18:f6:38:21:11:
8c:55:7f:ea:64:b2:1b:9f:38:74:2a:75:35:0f:e8:
64:76:d4:e5:73:7a:6d:1f:b8:47:bc:7b:27:fb:79:
be:4c:7f:1d:a0:c6:e3:ce:cf:b9:d9:19:0a:74:8b:
4b:3c:34:d2:f9:34:f1:3e:ca:2f:59:63:49:8d:d1:
06:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:94:B5:CC:E4:86:2C:65:B6:CA:82:73:94:94:A2:C7:8F:B2:DF:71
X509v3 Authority Key Identifier:
keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:ac:b2:f5:ba:c1:b2:45:c4:80:4a:7b:ef:08:20:db:b5:7b:
0a:60:52:bf:17:60:c3:54:2a:2d:49:b3:2c:e9:23:45:cc:2b:
21:91:24:4b:22:e6:a0:ec:46:d7:06:0a:b6:87:b4:19:a1:e9:
3f:88:0c:cf:8a:4f:de:4e:7c:53:95:75:81:d4:f6:38:38:92:
73:4c:5b:7c:13:71:41:2f:a2:49:53:69:b4:c7:0c:31:b0:85:
f5:a9:a0:9e:64:59:c1:7d:79:f8:12:da:59:a5:15:ba:be:c1:
2f:77:ea:d4:14:29:15:4a:da:2f:d5:d7:54:09:86:6e:cc:4d:
b6:4e:0f:08:6b:3b:71:a4:f9:f0:1c:0c:31:bc:b3:a3:f2:79:
4a:70:36:63:a7:8f:e2:7c:6a:5b:4b:62:a5:8e:4c:5a:74:71:
bf:34:3c:f7:9c:97:e4:ad:57:88:48:d8:1f:d6:6a:f3:20:c8:
94:26:f1:b4:53:18:4a:dc:05:a5:4b:ad:31:67:a0:ce:70:40:
bd:59:8b:64:21:2d:f2:50:29:ac:e3:b4:b0:ce:ad:cd:b9:ad:
98:74:60:d9:ac:c7:89:f0:ba:6d:ca:de:09:0e:37:b3:8d:06:
c1:af:cb:56:d1:e3:9e:18:69:7e:1d:d8:f4:40:12:1d:da:08:
ca:44:1e:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZT7l0oigfl/gi7aPXJFZ6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUwNDIwMTYwMDUyWhcNMjUwNDIxMTYwMDUyWjAzMTEwLwYDVQQD
EygyODk0YjVjY2U0ODYyYzY1YjZjYTgyNzM5NDk0YTJjNzhmYjJkZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5xkVvXGZzRpDCgGphL+uy4PD13h
4q7EQKMi1ysHrvEZ5sqW6CJyRu6odx5e/zXHNBHNK++eB76rQ0omHlS0F0QSsQYo
C3jmduCIX7LuqpX9HCZgJGQ2VHGdAF7JP+6SiDoix91b+9T7zw7M54fA1Wkclf6N
PLihLEvElkLE6PmWIea1jdxTBVLsGRejP+pHAxy7vIQLhmFWshIoLV6PJbm3Gm5X
WL2ZckA7qJi0uwp61vRuKOJw8FAV7WyzGPY4IRGMVX/qZLIbnzh0KnU1D+hkdtTl
c3ptH7hHvHsn+3m+TH8doMbjzs+52RkKdItLPDTS+TTxPsovWWNJjdEGfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiUtczkhixltsqCc5SUosePst9xMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPqyy9brB
skXEgEp77wgg27V7CmBSvxdgw1QqLUmzLOkjRcwrIZEkSyLmoOxG1wYKtoe0GaHp
P4gMz4pP3k58U5V1gdT2ODiSc0xbfBNxQS+iSVNptMcMMbCF9amgnmRZwX15+BLa
WaUVur7BL3fq1BQpFUraL9XXVAmGbsxNtk4PCGs7caT58BwMMbyzo/J5SnA2Y6eP
4nxqW0tipY5MWnRxvzQ895yX5K1XiEjYH9Zq8yDIlCbxtFMYStwFpUutMWegznBA
vVmLZCEt8lAprOO0sM6tzbmtmHRg2azHifC6bcreCQ43s40Gwa/LVtHjnhhpfh3Y
9EASHdoIykQecA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:27:53 2025 by rpki-client