Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.mft (raw, json)
Hash identifier: Jbn1ey2cB6L3wdKhnsa9ceF9DCOaJ07P+NKtakH8BNY=
Subject key identifier: 06:0B:8E:A9:7F:5E:26:B5:50:B4:F0:26:43:BE:55:B4:74:5E:57:D4
Authority key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Certificate issuer: /CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Certificate serial: 01964D7E84B9A6C76BC37918D20311FAFB7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
Manifest number: 1427
Signing time: Sat 19 Apr 2025 10:00:59 +0000
Manifest this update: Sat 19 Apr 2025 10:00:59 +0000
Manifest next update: Sun 20 Apr 2025 10:00:59 +0000
Files and hashes: 1: LfsV7f6LxRRDF8DgEB39eI0JGcY.roa (hash: 57HPzdZv/cmkcVMLJmynj7OnbXGj1b4sWVjtj2VnRws=)
2: XL1s2RrWpyhrIfZQn92fUP7nXYc.crl (hash: OKMXfnih7S8+qmIVIbgT3wxD2iorXcK29MhcIWfrubE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:7e:84:b9:a6:c7:6b:c3:79:18:d2:03:11:fa:fb:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Validity
Not Before: Apr 19 10:00:59 2025 GMT
Not After : Apr 20 10:00:59 2025 GMT
Subject: CN=060b8ea97f5e26b550b4f02643be55b4745e57d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:71:68:ae:98:d6:4a:86:78:5b:ae:1c:8b:b5:
99:8e:df:64:1c:e3:9d:78:37:1a:65:df:93:23:eb:
19:01:b9:a1:73:9c:99:15:1e:c0:45:f3:8b:78:fc:
c6:94:c7:7d:eb:51:2e:34:f6:6a:94:da:f0:99:21:
d7:a1:a1:f8:d5:89:57:31:d0:99:1b:a7:9d:ff:e3:
d2:2d:55:6e:35:89:c7:b7:b8:f7:02:37:8f:4e:4b:
7e:a7:aa:f0:07:ec:e8:e7:49:fb:65:06:55:be:85:
98:b3:49:08:b0:ff:7f:83:9e:2f:d5:23:8c:22:50:
85:16:71:a8:ef:aa:ec:0c:e6:72:6f:a8:e9:8f:47:
f2:2a:2a:06:9b:58:45:a0:10:e2:6a:ba:d4:ce:61:
33:7a:f7:94:ff:a0:a7:87:fa:71:81:7e:31:15:3c:
ea:5d:c0:89:9b:4b:c8:ff:41:43:09:07:1a:86:6f:
74:d4:18:74:f5:32:7e:51:51:25:91:c6:cf:e9:82:
05:fb:26:f6:af:b3:20:44:4d:ba:e5:f6:62:a2:cd:
af:56:e6:d5:e1:b6:6f:fb:0b:22:78:20:e9:03:3c:
eb:1c:25:82:38:df:46:56:00:73:59:3c:dc:82:77:
bc:e5:cb:c9:a1:29:fa:7e:2b:d4:da:81:78:b1:8e:
ac:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0B:8E:A9:7F:5E:26:B5:50:B4:F0:26:43:BE:55:B4:74:5E:57:D4
X509v3 Authority Key Identifier:
keyid:5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:3e:fe:a6:41:dc:61:21:f5:ec:98:ab:04:1a:47:15:44:1a:
e9:8c:56:10:2e:bd:7c:69:53:40:9a:c2:fd:90:75:c8:0e:a7:
29:fa:49:f6:50:2b:3c:a8:68:bb:4f:53:64:d1:b6:90:1b:02:
a1:5c:67:27:84:40:2c:3a:3b:ad:73:69:24:dc:52:8c:3c:b7:
61:a0:0f:d1:e1:6e:a8:45:d1:97:26:f9:95:e0:97:34:c8:aa:
14:d5:4b:c6:2b:a3:61:6b:91:f2:1d:9f:1f:d6:0a:2c:22:42:
04:c2:9b:57:ab:a9:0c:88:d9:00:45:64:ce:6e:b1:ee:ae:18:
84:36:44:74:bc:7d:25:b2:74:92:d8:72:fb:58:ce:fb:2d:fa:
54:13:e6:2d:5f:39:3b:7e:68:ae:b2:d9:ef:64:9b:c4:76:f8:
de:41:a0:fb:01:54:89:f7:4b:50:34:b3:04:c9:ca:5e:2a:8b:
3b:a4:ec:3c:1e:c1:f7:87:e7:bc:d7:11:62:4b:18:08:af:c6:
54:95:a1:05:46:90:33:e5:04:3d:aa:3c:27:61:f1:fb:74:df:
1a:a9:1e:e7:20:fe:c4:40:d3:4d:6c:d5:7c:d5:c2:59:d0:30:
ca:60:0a:ea:d2:9c:ea:a4:e2:d1:61:15:1c:36:06:23:4b:c0:
ee:47:84:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfoS5psdrw3kY0gMR+vt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmQ2Y2Q5MWFkNmE3Mjg2YjIxZjY1MDlmZGQ5ZjUwZmVl
NzVkODcwHhcNMjUwNDE5MTAwMDU5WhcNMjUwNDIwMTAwMDU5WjAzMTEwLwYDVQQD
EygwNjBiOGVhOTdmNWUyNmI1NTBiNGYwMjY0M2JlNTViNDc0NWU1N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHForpjWSoZ4W64ci7WZjt9kHOOd
eDcaZd+TI+sZAbmhc5yZFR7ARfOLePzGlMd961EuNPZqlNrwmSHXoaH41YlXMdCZ
G6ed/+PSLVVuNYnHt7j3AjePTkt+p6rwB+zo50n7ZQZVvoWYs0kIsP9/g54v1SOM
IlCFFnGo76rsDOZyb6jpj0fyKioGm1hFoBDiarrUzmEzeveU/6Cnh/pxgX4xFTzq
XcCJm0vI/0FDCQcahm901Bh09TJ+UVElkcbP6YIF+yb2r7MgRE265fZios2vVubV
4bZv+wsieCDpAzzrHCWCON9GVgBzWTzcgne85cvJoSn6fivU2oF4sY6s+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAYLjql/Xia1ULTwJkO+VbR0XlfUMB8GA1UdIwQY
MBaAFFy9bNka1qcoayH2UJ/dn1D+512HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQt
ZmJhMDc0YmExYjkwLzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lMDIyM2EtMzFmZC00Y2FjLTgxNjQtZmJhMDc0YmExYjkw
LzEvWEwxczJScldweWhySWZaUW45MmZVUDduWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAej7+pkHc
YSH17JirBBpHFUQa6YxWEC69fGlTQJrC/ZB1yA6nKfpJ9lArPKhou09TZNG2kBsC
oVxnJ4RALDo7rXNpJNxSjDy3YaAP0eFuqEXRlyb5leCXNMiqFNVLxiujYWuR8h2f
H9YKLCJCBMKbV6upDIjZAEVkzm6x7q4YhDZEdLx9JbJ0kthy+1jO+y36VBPmLV85
O35orrLZ72SbxHb43kGg+wFUifdLUDSzBMnKXiqLO6TsPB7B94fnvNcRYksYCK/G
VJWhBUaQM+UEPao8J2Hx+3TfGqke5yD+xEDTTWzVfNXCWdAwymAK6tKc6qTi0WEV
HDYGI0vA7keEqA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:35:59 2025 by rpki-client