Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
File: XcYkXKggiZ1-tBQDAsIQQbXbygY.mft (raw, json)
Hash identifier: NjskMgMQpM+1+BSyIXxEw2Lp5HNpDB1LJH4RhuOrIMs=
Subject key identifier: FA:B8:64:F3:A6:3E:A1:E5:B7:D0:52:83:E1:F5:C6:AB:D2:ED:62:90
Authority key identifier: 5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
Certificate issuer: /CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Certificate serial: 0196583876A2A5ACC9C296131CA3E00F7515
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
Manifest number: 04EA
Signing time: Mon 21 Apr 2025 12:00:17 +0000
Manifest this update: Mon 21 Apr 2025 12:00:17 +0000
Manifest next update: Tue 22 Apr 2025 12:00:17 +0000
Files and hashes: 1: XcYkXKggiZ1-tBQDAsIQQbXbygY.crl (hash: 9uFAue9iv/Z/iTkTx9viwp6fFZrMtvTsIigEP6urCSQ=)
2: p3q-BDwRqsq597BmScWC04Uizbg.roa (hash: vEfpkI+83ThIFnHcYAP8l+1vWWpuU+kEjWNLTSj4mUg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:38:76:a2:a5:ac:c9:c2:96:13:1c:a3:e0:0f:75:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc6245ca820899d7eb4140302c21041b5dbca06
Validity
Not Before: Apr 21 12:00:17 2025 GMT
Not After : Apr 22 12:00:17 2025 GMT
Subject: CN=fab864f3a63ea1e5b7d05283e1f5c6abd2ed6290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f5:b5:e5:e1:99:5c:4c:b0:ba:83:02:4b:11:
7b:b2:f7:4e:fe:10:0c:4b:81:d9:54:fe:9d:cd:bf:
ff:22:bc:78:24:60:da:97:51:68:72:1b:a7:3e:6a:
6c:e8:18:66:c6:f9:08:05:f0:2a:e9:5c:69:3f:9d:
3e:bf:f2:0e:04:a5:b5:7a:2a:ec:84:c2:20:4b:e3:
2d:1b:d0:c9:49:2a:d0:d8:1e:eb:4c:21:77:13:41:
66:22:83:20:58:f0:db:29:56:c0:50:5f:4a:ac:cd:
cb:45:ae:a4:96:ec:a8:67:70:7c:2e:0d:ab:fe:a8:
9d:e7:06:a4:87:b0:de:78:ac:5e:ee:18:94:0e:0e:
3c:e3:d7:bc:2b:ff:3d:49:2e:e9:57:31:2e:63:c2:
5a:8d:c3:5e:51:b8:a3:e1:1b:fa:ea:e2:31:e1:0c:
25:e3:06:d9:43:b4:ba:8a:18:5e:4c:68:9a:2b:7b:
dd:58:34:db:d7:69:9f:fc:33:37:57:94:6f:01:26:
20:3a:7f:d7:09:d4:63:5b:be:6a:a5:bd:87:90:3f:
86:3e:12:46:06:5c:3e:c9:b9:36:f2:39:0b:6e:92:
f0:e2:c0:df:bf:e5:df:45:f8:0a:c0:22:ae:b0:9f:
09:3b:4f:c2:e7:29:8f:28:38:d6:5d:8f:d6:be:92:
68:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B8:64:F3:A6:3E:A1:E5:B7:D0:52:83:E1:F5:C6:AB:D2:ED:62:90
X509v3 Authority Key Identifier:
keyid:5D:C6:24:5C:A8:20:89:9D:7E:B4:14:03:02:C2:10:41:B5:DB:CA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcYkXKggiZ1-tBQDAsIQQbXbygY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8a430f-40c5-474b-8fd9-074ed70b4673/1/XcYkXKggiZ1-tBQDAsIQQbXbygY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:7d:be:5c:97:bf:ec:36:57:de:47:60:08:e4:b7:bf:bc:d3:
17:83:7e:de:99:3d:4d:f3:03:41:5a:77:fc:2c:bd:16:cd:21:
c9:5a:f2:59:b0:a4:93:1b:e9:2b:30:a5:0c:60:7b:8f:00:7f:
0e:a2:0f:ac:db:86:20:92:fe:c0:0f:e8:96:0d:b0:48:5f:93:
21:5a:80:cc:22:4e:f4:ca:93:10:56:92:04:dd:28:d0:9a:a7:
3c:65:83:63:ab:0f:02:2c:f6:eb:03:6b:7a:ea:77:dc:ca:80:
d8:ff:8f:53:a1:67:af:db:fe:75:16:44:be:8a:ea:06:5a:f4:
d5:98:16:0b:1e:99:ac:0d:48:a1:48:23:a4:c9:8f:4d:07:11:
b7:b3:f3:e9:59:27:d9:4d:82:a2:59:68:88:51:82:4d:81:6e:
98:6d:f6:02:c8:5f:15:78:cf:f0:06:b5:bd:7a:1d:46:bd:24:
c2:ec:0e:c7:a6:56:f7:56:35:88:70:69:5c:5d:30:6b:f8:c0:
0b:a2:da:65:fb:05:89:51:8b:d1:9c:82:5c:e2:1e:1b:2f:14:
c2:ca:7a:03:e0:31:e7:4f:da:a1:b9:08:35:50:eb:f7:47:f8:
27:13:d6:a7:f9:75:fc:53:a7:0c:64:90:4e:5e:85:cf:e3:e5:
cb:67:ea:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYOHaipazJwpYTHKPgD3UVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzYyNDVjYTgyMDg5OWQ3ZWI0MTQwMzAyYzIxMDQxYjVk
YmNhMDYwHhcNMjUwNDIxMTIwMDE3WhcNMjUwNDIyMTIwMDE3WjAzMTEwLwYDVQQD
EyhmYWI4NjRmM2E2M2VhMWU1YjdkMDUyODNlMWY1YzZhYmQyZWQ2MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvW15eGZXEywuoMCSxF7svdO/hAM
S4HZVP6dzb//Irx4JGDal1FochunPmps6BhmxvkIBfAq6VxpP50+v/IOBKW1eirs
hMIgS+MtG9DJSSrQ2B7rTCF3E0FmIoMgWPDbKVbAUF9KrM3LRa6kluyoZ3B8Lg2r
/qid5wakh7DeeKxe7hiUDg4849e8K/89SS7pVzEuY8JajcNeUbij4Rv66uIx4Qwl
4wbZQ7S6ihheTGiaK3vdWDTb12mf/DM3V5RvASYgOn/XCdRjW75qpb2HkD+GPhJG
Blw+ybk28jkLbpLw4sDfv+XfRfgKwCKusJ8JO0/C5ymPKDjWXY/WvpJozQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPq4ZPOmPqHlt9BSg+H1xqvS7WKQMB8GA1UdIwQY
MBaAFF3GJFyoIImdfrQUAwLCEEG128oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDkt
MDc0ZWQ3MGI0NjczLzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84YTQzMGYtNDBjNS00NzRiLThmZDktMDc0ZWQ3MGI0Njcz
LzEvWGNZa1hLZ2dpWjEtdEJRREFzSVFRYlhieWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYn2+XJe/
7DZX3kdgCOS3v7zTF4N+3pk9TfMDQVp3/Cy9Fs0hyVryWbCkkxvpKzClDGB7jwB/
DqIPrNuGIJL+wA/olg2wSF+TIVqAzCJO9MqTEFaSBN0o0JqnPGWDY6sPAiz26wNr
eup33MqA2P+PU6Fnr9v+dRZEvorqBlr01ZgWCx6ZrA1IoUgjpMmPTQcRt7Pz6Vkn
2U2ColloiFGCTYFumG32AshfFXjP8Aa1vXodRr0kwuwOx6ZW91Y1iHBpXF0wa/jA
C6LaZfsFiVGL0ZyCXOIeGy8Uwsp6A+Ax50/aobkINVDr90f4JxPWp/l1/FOnDGSQ
Tl6Fz+Ply2fqiw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:22:51 2025 by rpki-client