Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft
File: X7qw05-2l5_k09JIOgG908k77O8.mft (raw, json)
Hash identifier: gRE9mCeJmS/0ZzPCvntHRLCbAtd5zZtnpSt4zOEmemU=
Subject key identifier: FC:62:F5:C4:25:FF:08:C1:11:D3:91:1E:9C:F3:C3:42:DE:40:82:8D
Authority key identifier: 5F:BA:B0:D3:9F:B6:97:9F:E4:D3:D2:48:3A:01:BD:D3:C9:3B:EC:EF
Certificate issuer: /CN=5fbab0d39fb6979fe4d3d2483a01bdd3c93becef
Certificate serial: 019644E8F650A8E7F017B7C1F7D86773080F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft
Manifest number: 0A05
Signing time: Thu 17 Apr 2025 18:00:40 +0000
Manifest this update: Thu 17 Apr 2025 18:00:40 +0000
Manifest next update: Fri 18 Apr 2025 18:00:40 +0000
Files and hashes: 1: X7qw05-2l5_k09JIOgG908k77O8.crl (hash: sljl7CmBeS3qtjmLUYkaq/0yGbFRepV/N4QIst+chQ0=)
2: vKqft3GpUgOOXSf2VjTKls-pWMw.roa (hash: 5Tvu15lYIVA9/K7Qk9i7l4tCbiMQ02zrBkIoUMRXadY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:e8:f6:50:a8:e7:f0:17:b7:c1:f7:d8:67:73:08:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbab0d39fb6979fe4d3d2483a01bdd3c93becef
Validity
Not Before: Apr 17 18:00:40 2025 GMT
Not After : Apr 18 18:00:40 2025 GMT
Subject: CN=fc62f5c425ff08c111d3911e9cf3c342de40828d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:92:75:87:4b:e9:3a:5b:7e:d6:f7:ce:25:
bc:4b:00:29:b2:ec:c3:e6:20:25:b4:43:b1:6c:f5:
cb:6c:d2:6b:9d:a0:c0:d6:c9:8d:1c:dd:0a:a1:2d:
1c:22:3b:1c:95:2d:84:cb:41:00:6d:50:62:f7:93:
19:34:5f:49:fd:7a:8e:e4:cf:80:30:76:75:d0:55:
c5:9d:b6:48:5d:04:1f:92:05:6f:96:2f:73:f0:91:
46:cb:04:b4:d0:d2:01:31:54:60:da:e1:47:81:01:
8c:be:00:7a:4e:b7:ec:2c:a8:40:77:73:2b:48:cb:
d5:90:d7:dc:18:a9:ba:3b:7d:5e:f2:e0:68:ba:be:
04:85:91:20:18:16:f7:89:65:2f:e6:c0:2a:4c:03:
7e:2a:d4:34:0d:d3:e9:72:90:96:61:e6:75:d6:10:
6d:5e:ef:af:8b:c6:9f:1f:48:8a:7f:94:6b:ad:94:
cc:33:58:90:58:d0:f2:13:f9:71:7f:b3:ed:39:be:
3f:c6:c2:ad:0e:b8:cd:f3:71:b2:86:27:a4:b1:80:
51:94:07:d8:ac:a0:97:cb:19:b0:db:80:de:46:c2:
5d:4b:7d:b3:fe:0e:1d:77:74:43:1e:e2:da:b8:cc:
11:e7:e3:a6:70:cf:13:4f:4f:6d:db:8b:ab:50:88:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:62:F5:C4:25:FF:08:C1:11:D3:91:1E:9C:F3:C3:42:DE:40:82:8D
X509v3 Authority Key Identifier:
keyid:5F:BA:B0:D3:9F:B6:97:9F:E4:D3:D2:48:3A:01:BD:D3:C9:3B:EC:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7qw05-2l5_k09JIOgG908k77O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3c524e-12b8-4dcc-8f10-30df62429df0/1/X7qw05-2l5_k09JIOgG908k77O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:a9:30:0a:30:e5:31:ef:bb:3f:a8:3a:d3:54:c3:10:a4:9f:
7a:09:f1:12:5e:f6:2e:b9:f5:a2:8e:21:6b:5f:28:3b:db:6c:
37:e0:11:75:9e:c8:e8:f9:33:4f:93:e7:8c:81:a9:19:9e:6a:
32:cb:af:c3:35:99:74:0c:20:a3:cb:41:b5:20:f4:0f:da:43:
85:85:55:70:04:32:0c:62:8f:34:84:66:55:c4:8b:95:ad:42:
8c:8a:57:9a:f1:3b:83:86:00:9b:8b:35:88:c7:d6:26:56:20:
1d:05:d6:77:f8:08:fe:17:62:79:41:91:80:33:56:42:70:11:
aa:21:b6:ef:41:fb:9a:b7:c5:7d:10:96:f2:a7:2a:97:6c:f1:
89:9b:4b:63:33:a7:cc:e0:e4:9d:57:ff:0f:03:f7:fe:50:e9:
25:2d:d4:36:3d:91:ff:15:a4:c9:6a:0b:80:bb:e7:83:d3:1b:
39:3e:52:4f:68:84:d1:a0:0b:c9:e1:01:13:96:d0:94:7c:1e:
29:71:2f:66:d4:f3:aa:db:f6:17:8a:c4:f8:30:10:9f:86:ef:
d2:f6:a8:bb:4e:42:fc:44:8d:93:35:52:03:75:f9:f9:09:0d:
ae:3d:89:1a:f2:83:e2:3f:f4:99:c5:e6:e5:c0:6c:ab:9a:74:
c9:78:01:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZE6PZQqOfwF7fB99hncwgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmFiMGQzOWZiNjk3OWZlNGQzZDI0ODNhMDFiZGQzYzkz
YmVjZWYwHhcNMjUwNDE3MTgwMDQwWhcNMjUwNDE4MTgwMDQwWjAzMTEwLwYDVQQD
EyhmYzYyZjVjNDI1ZmYwOGMxMTFkMzkxMWU5Y2YzYzM0MmRlNDA4MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFSSdYdL6Tpbftb3ziW8SwApsuzD
5iAltEOxbPXLbNJrnaDA1smNHN0KoS0cIjsclS2Ey0EAbVBi95MZNF9J/XqO5M+A
MHZ10FXFnbZIXQQfkgVvli9z8JFGywS00NIBMVRg2uFHgQGMvgB6TrfsLKhAd3Mr
SMvVkNfcGKm6O31e8uBour4EhZEgGBb3iWUv5sAqTAN+KtQ0DdPpcpCWYeZ11hBt
Xu+vi8afH0iKf5RrrZTMM1iQWNDyE/lxf7PtOb4/xsKtDrjN83GyhieksYBRlAfY
rKCXyxmw24DeRsJdS32z/g4dd3RDHuLauMwR5+OmcM8TT09t24urUIiHAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxi9cQl/wjBEdORHpzzw0LeQIKNMB8GA1UdIwQY
MBaAFF+6sNOftpef5NPSSDoBvdPJO+zvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zYzUyNGUtMTJiOC00ZGNjLThmMTAt
MzBkZjYyNDI5ZGYwLzEvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zYzUyNGUtMTJiOC00ZGNjLThmMTAtMzBkZjYyNDI5ZGYw
LzEvWDdxdzA1LTJsNV9rMDlKSU9nRzkwOGs3N084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6kwCjDl
Me+7P6g601TDEKSfegnxEl72Lrn1oo4ha18oO9tsN+ARdZ7I6PkzT5PnjIGpGZ5q
MsuvwzWZdAwgo8tBtSD0D9pDhYVVcAQyDGKPNIRmVcSLla1CjIpXmvE7g4YAm4s1
iMfWJlYgHQXWd/gI/hdieUGRgDNWQnARqiG270H7mrfFfRCW8qcql2zxiZtLYzOn
zODknVf/DwP3/lDpJS3UNj2R/xWkyWoLgLvng9MbOT5ST2iE0aALyeEBE5bQlHwe
KXEvZtTzqtv2F4rE+DAQn4bv0vaou05C/ESNkzVSA3X5+QkNrj2JGvKD4j/0mcXm
5cBsq5p0yXgB4Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:35:26 2025 by rpki-client