Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
File: xT4qugUV7JDRCREGD88pI2123d8.mft (raw, json)
Hash identifier: L6Ihr5LQWg/5JDwiNVtVAlk7T+7f89FgFNF4AxCJHsc=
Subject key identifier: 38:7D:7F:62:13:1E:12:FF:2A:C5:27:29:8C:15:5A:E3:F5:EB:4A:8E
Authority key identifier: C5:3E:2A:BA:05:15:EC:90:D1:09:11:06:0F:CF:29:23:6D:76:DD:DF
Certificate issuer: /CN=c53e2aba0515ec90d10911060fcf29236d76dddf
Certificate serial: 0194C3BE5117ABBB21CEFAFA47D94F5607AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT4qugUV7JDRCREGD88pI2123d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
Manifest number: 0BE4
Signing time: Sat 01 Feb 2025 23:00:17 +0000
Manifest this update: Sat 01 Feb 2025 23:00:17 +0000
Manifest next update: Sun 02 Feb 2025 23:00:17 +0000
Files and hashes: 1: f0yhahkLcuZ1yoHAyLMFgYV-0C4.roa (hash: o3wGDB8+TAGkWavLVm8YXjs+gVitRLdf6b5WKa02EC8=)
2: xT4qugUV7JDRCREGD88pI2123d8.crl (hash: g7OFxQHJTQboL3Qm+9J4eMkpdCt+RoNpCp3F2aCk3L4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xT4qugUV7JDRCREGD88pI2123d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:be:51:17:ab:bb:21:ce:fa:fa:47:d9:4f:56:07:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53e2aba0515ec90d10911060fcf29236d76dddf
Validity
Not Before: Feb 1 23:00:17 2025 GMT
Not After : Feb 2 23:00:17 2025 GMT
Subject: CN=387d7f62131e12ff2ac527298c155ae3f5eb4a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9a:3f:62:e7:8d:82:4f:4e:b4:f0:7f:87:80:
6e:47:cf:36:6a:46:68:56:db:5d:d4:9f:84:09:3a:
2c:5c:48:89:41:cd:4e:12:72:21:4a:5b:a2:9e:37:
9b:c0:c0:5c:db:7a:1f:90:cf:c1:bb:18:6e:6d:1e:
29:c3:6b:70:ec:97:21:50:a2:b0:df:26:eb:29:4a:
a4:e6:a9:9f:c4:4e:4f:02:49:df:9b:e2:e3:81:96:
65:aa:5a:b6:3c:db:a6:fe:01:26:21:4a:27:04:29:
b5:37:d4:f4:82:7f:39:5b:6f:6f:76:d5:6a:46:3c:
b0:99:20:fb:e5:28:f7:51:1b:db:72:6c:07:8d:ab:
b7:e1:e1:d0:35:f5:87:8c:a8:cb:e4:68:aa:57:5a:
19:af:19:9b:a4:a9:0b:dc:8e:14:97:04:f4:82:2c:
8d:e9:66:28:6d:e4:b4:58:f7:63:62:ec:e9:c2:4a:
4c:3b:9e:23:06:1b:5f:d9:4a:bc:1a:7a:a0:9a:ee:
c7:9b:9a:cc:3d:ad:17:32:b6:a8:7d:62:11:ce:9f:
c5:45:96:fd:30:f1:29:cc:24:ba:2d:82:54:0c:f0:
09:80:20:b5:98:74:6b:fe:14:b6:57:e6:18:7d:c2:
d5:d8:b1:40:ac:6c:b4:38:21:fb:1e:d4:0d:a9:62:
e5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:7F:62:13:1E:12:FF:2A:C5:27:29:8C:15:5A:E3:F5:EB:4A:8E
X509v3 Authority Key Identifier:
keyid:C5:3E:2A:BA:05:15:EC:90:D1:09:11:06:0F:CF:29:23:6D:76:DD:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT4qugUV7JDRCREGD88pI2123d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/908a62-f4e0-4985-9e34-12053ade9faf/1/xT4qugUV7JDRCREGD88pI2123d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:98:4c:b5:95:49:a0:0a:f1:34:a1:38:e4:2a:59:0c:47:42:
29:35:dc:66:2a:78:4f:b1:3b:8d:69:7c:c5:49:8b:bc:31:08:
8e:58:8d:3f:4e:64:54:80:9c:69:d4:43:d2:29:71:be:30:81:
00:4b:96:5c:e8:8e:4e:16:f9:84:09:a8:02:5d:33:82:39:d3:
fc:5b:3d:7e:23:dd:1f:4a:cf:8c:2c:5a:8f:87:51:24:d4:56:
e5:c2:47:0e:21:e7:03:f2:bc:83:20:90:3a:7a:96:dd:dd:f2:
ff:38:8f:f5:65:d0:e3:1b:e0:a8:f8:6a:00:12:ff:b1:8e:d1:
9f:3c:5c:04:86:1e:6f:5a:3d:77:37:e3:31:b0:d6:ab:b3:3b:
06:23:3f:b2:e9:d3:60:94:28:89:7c:58:62:30:44:c5:a1:e5:
89:36:79:61:5b:a8:7f:06:62:6d:dc:75:ed:2f:0c:e7:cc:26:
bd:28:c6:e5:21:d8:be:51:46:86:5e:e8:5b:4f:fa:fb:6a:fc:
af:c7:d8:71:6f:3f:e3:8e:f6:a9:9d:f0:83:07:ad:eb:48:56:
03:f6:9b:7f:b0:11:56:91:1e:28:f7:12:5c:90:b0:a7:e0:13:
91:98:13:3f:e1:d8:32:39:2c:9c:4c:8e:57:32:07:97:56:74:
23:ff:57:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDvlEXq7shzvr6R9lPVgetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2UyYWJhMDUxNWVjOTBkMTA5MTEwNjBmY2YyOTIzNmQ3
NmRkZGYwHhcNMjUwMjAxMjMwMDE3WhcNMjUwMjAyMjMwMDE3WjAzMTEwLwYDVQQD
EygzODdkN2Y2MjEzMWUxMmZmMmFjNTI3Mjk4YzE1NWFlM2Y1ZWI0YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Jo/YueNgk9OtPB/h4BuR882akZo
Vttd1J+ECTosXEiJQc1OEnIhSluinjebwMBc23ofkM/BuxhubR4pw2tw7JchUKKw
3ybrKUqk5qmfxE5PAknfm+LjgZZlqlq2PNum/gEmIUonBCm1N9T0gn85W29vdtVq
RjywmSD75Sj3URvbcmwHjau34eHQNfWHjKjL5GiqV1oZrxmbpKkL3I4UlwT0giyN
6WYobeS0WPdjYuzpwkpMO54jBhtf2Uq8Gnqgmu7Hm5rMPa0XMraofWIRzp/FRZb9
MPEpzCS6LYJUDPAJgCC1mHRr/hS2V+YYfcLV2LFArGy0OCH7HtQNqWLl/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDh9f2ITHhL/KsUnKYwVWuP160qOMB8GA1UdIwQY
MBaAFMU+KroFFeyQ0QkRBg/PKSNtdt3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFQ0cXVnVVY3SkRSQ1JFR0Q4OHBJMjEyM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85MDhhNjItZjRlMC00OTg1LTllMzQt
MTIwNTNhZGU5ZmFmLzEveFQ0cXVnVVY3SkRSQ1JFR0Q4OHBJMjEyM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85MDhhNjItZjRlMC00OTg1LTllMzQtMTIwNTNhZGU5ZmFm
LzEveFQ0cXVnVVY3SkRSQ1JFR0Q4OHBJMjEyM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5hMtZVJ
oArxNKE45CpZDEdCKTXcZip4T7E7jWl8xUmLvDEIjliNP05kVICcadRD0ilxvjCB
AEuWXOiOThb5hAmoAl0zgjnT/Fs9fiPdH0rPjCxaj4dRJNRW5cJHDiHnA/K8gyCQ
OnqW3d3y/ziP9WXQ4xvgqPhqABL/sY7RnzxcBIYeb1o9dzfjMbDWq7M7BiM/sunT
YJQoiXxYYjBExaHliTZ5YVuofwZibdx17S8M58wmvSjG5SHYvlFGhl7oW0/6+2r8
r8fYcW8/4472qZ3wgwet60hWA/abf7ARVpEeKPcSXJCwp+ATkZgTP+HYMjksnEyO
VzIHl1Z0I/9Xbw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 07:04:54 2025 by rpki-client