Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File: xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier: SEtCe0Bq468QPD7OdzDcsxtd8ioGzI4kHz1+qpOcnr0=
Subject key identifier: 10:4A:B9:47:3C:4D:95:83:7A:AD:FD:E7:9E:7B:18:50:3F:99:6F:C6
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer: /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial: 019650485C64B1E0701C67159912E94AFF5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number: 0596
Signing time: Sat 19 Apr 2025 23:00:41 +0000
Manifest this update: Sat 19 Apr 2025 23:00:41 +0000
Manifest next update: Sun 20 Apr 2025 23:00:41 +0000
Files and hashes: 1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: tFgOmAVzq7Kb0rhAnciMBWz/VxIoYSiiGiKXygt3CZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:48:5c:64:b1:e0:70:1c:67:15:99:12:e9:4a:ff:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Validity
Not Before: Apr 19 23:00:41 2025 GMT
Not After : Apr 20 23:00:41 2025 GMT
Subject: CN=104ab9473c4d95837aadfde79e7b18503f996fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fb:01:f2:bf:b9:75:b3:3d:ee:10:5a:05:27:
a6:e7:53:33:89:6b:6c:c3:0f:bf:a7:4d:43:af:33:
f2:28:7d:a2:77:27:e4:80:b3:b1:96:a8:c5:f8:8c:
0c:29:b4:03:fb:13:e8:43:a9:a3:3c:74:7c:89:aa:
d7:3f:9c:c2:cd:9e:0f:be:51:a1:23:a9:7c:7b:a5:
d5:5b:75:6b:62:a2:2e:2f:1e:e8:3e:dc:25:fb:a0:
84:88:df:0d:41:47:dc:09:b2:90:72:fd:ab:9f:d8:
0c:9b:2a:ea:40:a3:48:88:34:0d:24:58:b1:13:2c:
68:b4:88:29:bb:c3:f2:47:ad:80:e1:d8:9b:97:6c:
2e:91:5b:d6:14:71:ec:24:d4:bd:ad:85:11:63:fc:
ac:80:57:a1:dd:dc:a7:52:88:fa:39:33:ad:a4:be:
0e:11:1d:85:76:ea:2a:48:07:e3:c2:79:49:78:67:
27:6f:40:ae:4f:44:db:58:db:52:7c:db:f5:03:21:
54:0d:14:2f:be:5f:23:01:7f:3a:d6:24:cc:79:9b:
90:d4:ec:fe:0d:c9:6b:ac:4f:65:01:60:6d:38:a0:
41:4a:29:ae:6e:67:bf:d1:ac:9a:53:c6:ab:b4:d3:
33:5c:c5:ea:e6:9a:c7:6d:3a:9a:c2:e1:f2:03:d3:
5c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:4A:B9:47:3C:4D:95:83:7A:AD:FD:E7:9E:7B:18:50:3F:99:6F:C6
X509v3 Authority Key Identifier:
keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:1e:d6:aa:4a:70:ae:81:f0:83:1f:f3:17:88:c3:46:82:cf:
c6:c6:5a:75:24:40:4a:57:a3:1d:0f:b3:95:7b:9f:90:1d:07:
51:73:fb:a2:b7:e1:6b:88:07:44:d7:b2:23:18:98:48:06:e3:
4b:dd:5e:1e:9c:ed:d5:2e:a7:ef:35:f4:64:b6:63:9a:b0:af:
bd:f6:61:d3:ad:5e:b7:44:04:3d:f4:6a:bd:28:fa:67:66:db:
83:45:f0:3a:5c:df:a1:66:20:ec:92:43:80:36:21:8d:8b:5c:
0d:d0:dc:ba:b1:13:f8:ff:c4:07:03:49:f0:29:c1:50:52:54:
f0:5c:d2:3d:4d:22:39:ab:3d:6d:2e:e9:28:d2:78:67:f9:57:
19:8c:91:79:e8:13:8f:2e:a6:be:bf:94:bd:77:f8:26:aa:d8:
7e:98:f7:c6:92:28:78:5b:06:34:08:44:31:ec:1a:7d:4e:0e:
e3:64:71:ab:71:d8:80:46:24:24:6c:9a:9d:42:b8:6a:67:28:
99:dd:ea:c9:1d:4a:07:f3:ce:dd:dd:2f:b1:d8:bd:77:5a:0a:
e9:cd:1f:db:1e:3b:d6:95:04:75:7a:5b:56:8d:ae:d6:7c:84:
eb:31:8f:27:d6:47:88:e2:de:83:3f:13:cc:17:e4:8c:8e:4e:
5d:38:30:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSFxkseBwHGcVmRLpSv9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwNDE5MjMwMDQxWhcNMjUwNDIwMjMwMDQxWjAzMTEwLwYDVQQD
EygxMDRhYjk0NzNjNGQ5NTgzN2FhZGZkZTc5ZTdiMTg1MDNmOTk2ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfsB8r+5dbM97hBaBSem51MziWts
ww+/p01DrzPyKH2idyfkgLOxlqjF+IwMKbQD+xPoQ6mjPHR8iarXP5zCzZ4PvlGh
I6l8e6XVW3VrYqIuLx7oPtwl+6CEiN8NQUfcCbKQcv2rn9gMmyrqQKNIiDQNJFix
EyxotIgpu8PyR62A4dibl2wukVvWFHHsJNS9rYURY/ysgFeh3dynUoj6OTOtpL4O
ER2FduoqSAfjwnlJeGcnb0CuT0TbWNtSfNv1AyFUDRQvvl8jAX861iTMeZuQ1Oz+
DclrrE9lAWBtOKBBSimubme/0ayaU8artNMzXMXq5prHbTqawuHyA9NceQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBKuUc8TZWDeq395557GFA/mW/GMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArB7Wqkpw
roHwgx/zF4jDRoLPxsZadSRASlejHQ+zlXufkB0HUXP7orfha4gHRNeyIxiYSAbj
S91eHpzt1S6n7zX0ZLZjmrCvvfZh061et0QEPfRqvSj6Z2bbg0XwOlzfoWYg7JJD
gDYhjYtcDdDcurET+P/EBwNJ8CnBUFJU8FzSPU0iOas9bS7pKNJ4Z/lXGYyReegT
jy6mvr+UvXf4JqrYfpj3xpIoeFsGNAhEMewafU4O42Rxq3HYgEYkJGyanUK4amco
md3qyR1KB/PO3d0vsdi9d1oK6c0f2x471pUEdXpbVo2u1nyE6zGPJ9ZHiOLegz8T
zBfkjI5OXTgwiQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:52 2025 by rpki-client