Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/13dc38-2e75-4b07-bef0-e1ea453c5257/1/XfnoVvBJXISQ1RJOjPuvCNcN-xc.mft
File: XfnoVvBJXISQ1RJOjPuvCNcN-xc.mft (raw, json)
Hash identifier: H76DgbCvTAU1K6sKZBjzvZ0KLYslNNJ4mzDubeMA0Qw=
Subject key identifier: E1:AB:F8:EE:77:E1:78:DB:F3:38:B3:D4:28:F7:87:EA:31:37:45:11
Authority key identifier: 5D:F9:E8:56:F0:49:5C:84:90:D5:12:4E:8C:FB:AF:08:D7:0D:FB:17
Certificate issuer: /CN=5df9e856f0495c8490d5124e8cfbaf08d70dfb17
Certificate serial: 01965B03C9D980F364D8B5553DEFCECA92E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfnoVvBJXISQ1RJOjPuvCNcN-xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/13dc38-2e75-4b07-bef0-e1ea453c5257/1/XfnoVvBJXISQ1RJOjPuvCNcN-xc.mft
Manifest number: DE
Signing time: Tue 22 Apr 2025 01:01:36 +0000
Manifest this update: Tue 22 Apr 2025 01:01:36 +0000
Manifest next update: Wed 23 Apr 2025 01:01:36 +0000
Files and hashes: 1: X7HkSzc73grEKj4u4ebonuY_N3k.roa (hash: OyEQG3xPXjnpnin1BNjI7sPjB8DI9jWlTT019Ki3K7k=)
2: XfnoVvBJXISQ1RJOjPuvCNcN-xc.crl (hash: VR6t9O1NQ3k7CjY555iS9r0VTYTUFDSEi5uZABZn4Co=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/13dc38-2e75-4b07-bef0-e1ea453c5257/1/XfnoVvBJXISQ1RJOjPuvCNcN-xc.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/13dc38-2e75-4b07-bef0-e1ea453c5257/1/XfnoVvBJXISQ1RJOjPuvCNcN-xc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XfnoVvBJXISQ1RJOjPuvCNcN-xc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5b:03:c9:d9:80:f3:64:d8:b5:55:3d:ef:ce:ca:92:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df9e856f0495c8490d5124e8cfbaf08d70dfb17
Validity
Not Before: Apr 22 01:01:36 2025 GMT
Not After : Apr 23 01:01:36 2025 GMT
Subject: CN=e1abf8ee77e178dbf338b3d428f787ea31374511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0d:3f:87:5e:2a:03:b4:35:35:41:f1:81:e2:
1d:55:de:e7:94:31:25:36:18:d4:cb:a8:50:d2:72:
bb:25:bc:f8:b3:4a:99:85:00:65:da:6e:39:f6:0b:
1f:6d:32:0e:b0:9b:72:44:d5:13:ef:73:67:1e:a9:
e8:34:d9:10:ee:62:25:b4:38:9b:96:dc:96:66:98:
36:5b:8a:82:d1:d9:5f:45:fe:49:a6:2a:5d:91:18:
bc:a8:9d:c3:d6:f9:81:ec:28:37:49:73:56:f7:30:
70:07:3b:bd:5f:07:6c:42:32:9d:22:64:ad:bf:5a:
e0:a2:3c:e0:d1:dd:85:fd:7a:ee:b9:84:dc:5e:e3:
6b:b9:60:22:59:ff:8c:ce:75:af:ec:54:67:d8:ad:
42:98:e3:33:ce:c2:37:2e:0d:e7:22:34:d1:77:ef:
0c:b9:49:b6:6d:20:76:18:8d:ad:18:64:60:96:12:
1e:b3:d3:c2:44:0e:2b:ce:6b:75:e1:3f:25:cc:1f:
46:70:84:41:69:47:1a:66:a1:c3:b5:a2:c1:33:d1:
c3:d4:e5:f4:ec:ae:d9:39:2c:3e:ee:ac:b4:c9:6c:
71:27:fe:7c:fb:bf:f9:e9:26:c2:84:34:8c:63:09:
78:96:0f:3b:74:14:4d:15:54:da:18:d2:74:fd:b8:
2b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AB:F8:EE:77:E1:78:DB:F3:38:B3:D4:28:F7:87:EA:31:37:45:11
X509v3 Authority Key Identifier:
keyid:5D:F9:E8:56:F0:49:5C:84:90:D5:12:4E:8C:FB:AF:08:D7:0D:FB:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfnoVvBJXISQ1RJOjPuvCNcN-xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/13dc38-2e75-4b07-bef0-e1ea453c5257/1/XfnoVvBJXISQ1RJOjPuvCNcN-xc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/13dc38-2e75-4b07-bef0-e1ea453c5257/1/XfnoVvBJXISQ1RJOjPuvCNcN-xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:ff:6d:1b:8a:20:5f:3f:6f:db:51:3f:2f:60:e9:aa:b8:9b:
08:25:b2:27:ea:c4:93:96:c2:3b:c3:46:f8:1f:f6:d8:f1:92:
42:a1:b5:bb:67:56:ba:a7:10:4f:80:85:e0:12:81:02:95:f1:
61:a7:df:06:fa:80:6f:72:8a:91:75:ae:b8:72:63:48:ad:6b:
47:6a:68:0c:6a:55:33:1d:0d:a5:62:fc:23:95:ff:07:96:7f:
a0:b4:4f:91:5b:1f:be:25:29:8b:d0:2f:24:58:37:07:b5:f8:
aa:a2:66:f4:9a:d1:80:c7:46:c1:7e:72:89:2a:2b:86:46:4a:
97:f7:6a:71:59:83:21:e0:ae:7d:52:67:4e:0f:b4:51:b6:0a:
55:6f:06:8e:46:5e:d1:5a:49:ff:4c:91:df:37:06:06:ac:31:
d9:b6:f7:88:b4:12:20:d1:ec:ba:94:52:99:c4:74:13:a9:a6:
05:75:51:20:22:b4:e9:17:49:bf:fa:b4:de:57:f8:8f:83:e2:
5f:8d:e1:42:e2:07:cf:d9:c8:e4:56:d3:ca:2c:a8:69:76:6d:
d3:db:b4:38:b7:a9:39:49:59:a2:d0:55:56:06:0a:03:ac:00:
4f:a5:3e:1e:72:86:e1:a6:3e:7d:c4:d6:b2:03:2b:91:63:09:
d8:83:7c:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbA8nZgPNk2LVVPe/OypLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjllODU2ZjA0OTVjODQ5MGQ1MTI0ZThjZmJhZjA4ZDcw
ZGZiMTcwHhcNMjUwNDIyMDEwMTM2WhcNMjUwNDIzMDEwMTM2WjAzMTEwLwYDVQQD
EyhlMWFiZjhlZTc3ZTE3OGRiZjMzOGIzZDQyOGY3ODdlYTMxMzc0NTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ0/h14qA7Q1NUHxgeIdVd7nlDEl
NhjUy6hQ0nK7Jbz4s0qZhQBl2m459gsfbTIOsJtyRNUT73NnHqnoNNkQ7mIltDib
ltyWZpg2W4qC0dlfRf5JpipdkRi8qJ3D1vmB7Cg3SXNW9zBwBzu9XwdsQjKdImSt
v1rgojzg0d2F/XruuYTcXuNruWAiWf+MznWv7FRn2K1CmOMzzsI3Lg3nIjTRd+8M
uUm2bSB2GI2tGGRglhIes9PCRA4rzmt14T8lzB9GcIRBaUcaZqHDtaLBM9HD1OX0
7K7ZOSw+7qy0yWxxJ/58+7/56SbChDSMYwl4lg87dBRNFVTaGNJ0/bgr+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGr+O534Xjb8ziz1Cj3h+oxN0URMB8GA1UdIwQY
MBaAFF356FbwSVyEkNUSToz7rwjXDfsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZub1Z2QkpYSVNRMVJKT2pQdXZDTmNOLXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xM2RjMzgtMmU3NS00YjA3LWJlZjAt
ZTFlYTQ1M2M1MjU3LzEvWGZub1Z2QkpYSVNRMVJKT2pQdXZDTmNOLXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xM2RjMzgtMmU3NS00YjA3LWJlZjAtZTFlYTQ1M2M1MjU3
LzEvWGZub1Z2QkpYSVNRMVJKT2pQdXZDTmNOLXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdf9tG4og
Xz9v21E/L2DpqribCCWyJ+rEk5bCO8NG+B/22PGSQqG1u2dWuqcQT4CF4BKBApXx
YaffBvqAb3KKkXWuuHJjSK1rR2poDGpVMx0NpWL8I5X/B5Z/oLRPkVsfviUpi9Av
JFg3B7X4qqJm9JrRgMdGwX5yiSorhkZKl/dqcVmDIeCufVJnTg+0UbYKVW8GjkZe
0VpJ/0yR3zcGBqwx2bb3iLQSINHsupRSmcR0E6mmBXVRICK06RdJv/q03lf4j4Pi
X43hQuIHz9nI5FbTyiyoaXZt09u0OLepOUlZotBVVgYKA6wAT6U+HnKG4aY+fcTW
sgMrkWMJ2IN8tA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:37:27 2025 by rpki-client