Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
File: XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json)
Hash identifier: 1phhc0JZC8IXbiQy7ga4Ev62X+f0qyE9AnGN+/XAvEY=
Subject key identifier: 4C:A5:71:AC:26:6E:64:2F:21:26:F7:A8:B9:85:85:96:80:3C:29:F0
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Certificate issuer: /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial: 019754C7274C7B2C29C310AEE3D91AF3A82F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
Manifest number: 1585
Signing time: Mon 09 Jun 2025 13:00:27 +0000
Manifest this update: Mon 09 Jun 2025 13:00:27 +0000
Manifest next update: Tue 10 Jun 2025 13:00:27 +0000
Files and hashes: 1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: M54npS3DYm0Za5dGevFfA/GMLznqHsygrjf1ufyvao0=)
2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 11:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:c7:27:4c:7b:2c:29:c3:10:ae:e3:d9:1a:f3:a8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
Validity
Not Before: Jun 9 13:00:27 2025 GMT
Not After : Jun 10 13:00:27 2025 GMT
Subject: CN=4ca571ac266e642f2126f7a8b9858596803c29f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:5a:2c:2c:57:08:fd:1a:06:96:d5:e4:3c:
b2:3e:61:a3:36:8b:47:64:31:d7:a7:88:d0:bb:a5:
5d:a4:d4:ff:17:30:62:ee:c7:53:2c:65:9e:61:92:
d9:c4:b4:0d:15:5e:de:dd:4a:7a:f4:40:b8:6c:7b:
08:59:09:37:88:a3:07:40:58:b4:bd:13:93:34:47:
69:63:15:0b:11:5f:b4:fd:8f:3d:29:ff:68:63:a6:
8e:6b:ac:54:07:b9:2c:12:84:43:78:d2:7b:b2:9d:
11:6e:9b:9e:d4:37:97:1e:26:82:29:bb:80:b1:e6:
35:2b:31:5a:06:23:83:b7:59:65:c2:e8:1f:e3:07:
de:a9:fb:2b:0c:e1:85:7b:e0:68:e6:e4:a7:1c:aa:
b0:43:d2:fb:52:9c:8c:cf:b5:47:80:04:e0:61:35:
46:c6:72:be:e3:1e:49:48:16:cc:3d:7a:33:27:70:
11:8e:bb:df:3b:7b:16:68:da:8f:08:6e:c3:7b:90:
07:fa:22:90:fd:69:a7:17:7c:e9:f4:74:21:f6:a7:
eb:ed:b1:0a:d8:f0:a9:5f:33:1c:52:05:90:be:ce:
e3:54:ef:1f:9f:83:34:59:34:0e:e9:eb:38:11:80:
92:47:b9:2d:4f:57:39:86:fc:34:1c:66:96:7d:e8:
cb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A5:71:AC:26:6E:64:2F:21:26:F7:A8:B9:85:85:96:80:3C:29:F0
X509v3 Authority Key Identifier:
keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:bc:b2:6b:7f:b3:4f:ea:d7:cf:b5:c1:fb:f8:bc:47:cf:64:
d9:67:a1:e9:15:82:92:ed:d2:f2:76:1b:05:fd:01:41:3d:55:
43:0a:6f:bd:01:e3:54:35:92:ba:c6:41:f9:14:89:84:ff:21:
46:02:4d:db:5a:bc:7d:b1:04:21:85:a7:bb:7e:27:0c:fc:b8:
19:3d:a4:ca:33:a2:de:c6:c3:36:0c:d7:69:33:b7:d5:1b:8d:
c7:a3:89:07:33:60:0a:bd:05:2a:4a:39:f8:5e:36:da:b7:f1:
bb:8f:c7:1f:ea:c7:51:17:71:78:4d:8f:4f:1f:1d:79:e3:74:
b2:74:ea:8a:c3:a5:6d:33:ec:99:ba:e4:e6:af:43:ef:63:d6:
be:b8:78:e5:2d:bd:92:83:39:ae:78:0e:ec:33:2f:0c:0f:af:
c1:87:41:88:8c:55:50:62:9c:ad:7a:53:00:73:db:12:07:5e:
1a:39:09:36:88:27:db:98:32:14:05:35:c1:92:a9:fb:d8:ae:
ab:44:cd:b9:f9:c3:4f:75:9f:ae:c8:69:e8:11:c4:76:c1:d1:
d2:78:df:95:de:75:fb:98:84:07:3e:66:3f:71:ae:cb:fb:e1:
30:49:f4:1c:64:5e:a4:33:c1:fb:65:c5:28:40:c1:b9:08:59:
d5:a5:1a:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUxydMeywpwxCu49ka86gvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjUwNjA5MTMwMDI3WhcNMjUwNjEwMTMwMDI3WjAzMTEwLwYDVQQD
Eyg0Y2E1NzFhYzI2NmU2NDJmMjEyNmY3YThiOTg1ODU5NjgwM2MyOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlBaLCxXCP0aBpbV5DyyPmGjNotH
ZDHXp4jQu6VdpNT/FzBi7sdTLGWeYZLZxLQNFV7e3Up69EC4bHsIWQk3iKMHQFi0
vROTNEdpYxULEV+0/Y89Kf9oY6aOa6xUB7ksEoRDeNJ7sp0Rbpue1DeXHiaCKbuA
seY1KzFaBiODt1llwugf4wfeqfsrDOGFe+Bo5uSnHKqwQ9L7UpyMz7VHgATgYTVG
xnK+4x5JSBbMPXozJ3ARjrvfO3sWaNqPCG7De5AH+iKQ/WmnF3zp9HQh9qfr7bEK
2PCpXzMcUgWQvs7jVO8fn4M0WTQO6es4EYCSR7ktT1c5hvw0HGaWfejLZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEylcawmbmQvISb3qLmFhZaAPCnwMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbyya3+z
T+rXz7XB+/i8R89k2Weh6RWCku3S8nYbBf0BQT1VQwpvvQHjVDWSusZB+RSJhP8h
RgJN21q8fbEEIYWnu34nDPy4GT2kyjOi3sbDNgzXaTO31RuNx6OJBzNgCr0FKko5
+F422rfxu4/HH+rHURdxeE2PTx8deeN0snTqisOlbTPsmbrk5q9D72PWvrh45S29
koM5rngO7DMvDA+vwYdBiIxVUGKcrXpTAHPbEgdeGjkJNogn25gyFAU1wZKp+9iu
q0TNufnDT3Wfrshp6BHEdsHR0njfld51+5iEBz5mP3Guy/vhMEn0HGRepDPB+2XF
KEDBuQhZ1aUa4w==
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:05 2025 by rpki-client