Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
File: xZKgYJDwFpQNMesbCbrhLZSxlbA.mft (raw, json)
Hash identifier: lL8z7kV0zJ9O2FnYws2kWhCaXe+3NBa00K08BScIM1I=
Subject key identifier: 5A:8B:92:A4:B2:CE:62:3A:13:AE:95:0C:CD:18:6D:7B:17:C4:B7:D5
Authority key identifier: C5:92:A0:60:90:F0:16:94:0D:31:EB:1B:09:BA:E1:2D:94:B1:95:B0
Certificate issuer: /CN=c592a06090f016940d31eb1b09bae12d94b195b0
Certificate serial: 019511352ED4AD1A46FA78EF6F29C1E1789E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
Manifest number: 0336
Signing time: Mon 17 Feb 2025 00:00:52 +0000
Manifest this update: Mon 17 Feb 2025 00:00:52 +0000
Manifest next update: Tue 18 Feb 2025 00:00:52 +0000
Files and hashes: 1: tOD7ZPqas8UpTT4bdLzx0MJD5rk.roa (hash: k/eXxf7557SFB+l+Q/mWhChu1kZsTZ07A3b0mG1jAsA=)
2: xZKgYJDwFpQNMesbCbrhLZSxlbA.crl (hash: CzlzpKV9a6WhdKxDmZt3vdRSX/17R5Y4tH5OArTfbv8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:35:2e:d4:ad:1a:46:fa:78:ef:6f:29:c1:e1:78:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592a06090f016940d31eb1b09bae12d94b195b0
Validity
Not Before: Feb 17 00:00:52 2025 GMT
Not After : Feb 18 00:00:52 2025 GMT
Subject: CN=5a8b92a4b2ce623a13ae950ccd186d7b17c4b7d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:19:d9:88:14:eb:92:8e:de:24:99:7c:04:de:
da:78:92:5e:0d:0e:60:07:88:8a:31:6e:31:f2:06:
41:b8:a9:6e:83:a9:2c:aa:ec:a6:52:66:1e:35:9b:
86:dc:5a:9a:0c:a4:e9:c0:4f:ca:a6:d6:ed:ca:5e:
71:2d:44:52:af:b4:55:9f:2e:4c:f3:6d:8c:c3:31:
85:97:c9:2f:46:93:46:9d:c2:51:74:fa:4f:21:4a:
33:6d:b1:13:0f:8a:ad:e2:cd:ee:f5:a7:28:7b:ee:
ad:a4:13:80:a7:a1:fd:d4:e6:49:81:a4:50:d9:34:
06:a8:89:73:cf:e0:1e:ef:29:8b:d0:69:3b:bb:4d:
01:16:89:df:66:b5:bb:7b:8c:f0:d2:23:de:fc:14:
48:0c:25:11:1c:99:0f:3c:fc:f4:6b:f5:84:5c:f8:
62:21:97:0b:78:7c:ea:ae:b5:ec:fa:25:91:37:bc:
01:e2:72:a5:ad:57:fd:74:86:6e:be:91:a1:b2:b9:
c8:cc:1a:d1:82:64:66:ba:52:03:1e:1e:69:ad:dc:
9a:3a:50:65:23:c3:7f:bf:35:d9:3f:91:16:d7:f9:
1c:8b:04:b0:4b:28:06:1d:74:84:2c:60:87:fe:e5:
52:b1:e4:31:2b:4c:6b:c4:b0:e4:40:dc:b8:60:be:
79:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8B:92:A4:B2:CE:62:3A:13:AE:95:0C:CD:18:6D:7B:17:C4:B7:D5
X509v3 Authority Key Identifier:
keyid:C5:92:A0:60:90:F0:16:94:0D:31:EB:1B:09:BA:E1:2D:94:B1:95:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:95:aa:61:d3:dc:09:bc:69:19:c3:0c:6d:7e:45:b1:ac:61:
1f:9a:08:d0:8d:35:d8:d5:b1:cf:61:6e:09:5e:63:17:fe:af:
2a:35:05:86:cc:1c:87:0a:92:9b:91:d3:40:7a:1a:7f:37:77:
a7:e5:e3:f4:c1:ac:10:ef:81:42:a8:c6:8f:a6:13:bd:95:69:
6e:54:44:d8:c5:26:b3:cd:87:8f:e4:de:28:30:d9:3c:98:9a:
d4:d1:b9:d4:93:a4:50:07:28:84:1d:39:00:64:0d:f1:a7:7d:
37:83:05:58:4b:22:e3:26:6c:8f:49:ed:d6:de:f4:6c:06:78:
a7:7d:58:4e:5b:c4:68:34:a3:7d:cd:4d:89:c0:57:b1:61:ac:
5e:7b:22:cc:67:2a:c3:6f:8b:cd:d3:fd:c4:34:0a:ca:f6:6c:
bb:b8:c4:66:83:0c:f5:2c:99:02:d8:3f:b0:b2:50:f4:64:b4:
45:3b:ed:17:6e:69:65:ad:96:a9:54:a0:b8:12:1a:21:cb:82:
7e:e7:8c:09:6c:eb:ce:81:33:de:62:fc:11:27:42:d3:ce:e7:
a7:56:d7:4a:8a:2f:39:76:0a:9a:39:f4:9d:55:06:62:1c:ce:
1c:5a:3d:4d:eb:98:ae:8f:52:78:95:80:43:8e:d3:61:52:4b:
14:2d:7c:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNS7UrRpG+njvbynB4XieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTJhMDYwOTBmMDE2OTQwZDMxZWIxYjA5YmFlMTJkOTRi
MTk1YjAwHhcNMjUwMjE3MDAwMDUyWhcNMjUwMjE4MDAwMDUyWjAzMTEwLwYDVQQD
Eyg1YThiOTJhNGIyY2U2MjNhMTNhZTk1MGNjZDE4NmQ3YjE3YzRiN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hnZiBTrko7eJJl8BN7aeJJeDQ5g
B4iKMW4x8gZBuKlug6ksquymUmYeNZuG3FqaDKTpwE/Kptbtyl5xLURSr7RVny5M
822MwzGFl8kvRpNGncJRdPpPIUozbbETD4qt4s3u9acoe+6tpBOAp6H91OZJgaRQ
2TQGqIlzz+Ae7ymL0Gk7u00BFonfZrW7e4zw0iPe/BRIDCURHJkPPPz0a/WEXPhi
IZcLeHzqrrXs+iWRN7wB4nKlrVf9dIZuvpGhsrnIzBrRgmRmulIDHh5prdyaOlBl
I8N/vzXZP5EW1/kciwSwSygGHXSELGCH/uVSseQxK0xrxLDkQNy4YL55YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqLkqSyzmI6E66VDM0YbXsXxLfVMB8GA1UdIwQY
MBaAFMWSoGCQ8BaUDTHrGwm64S2UsZWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83MDM5MDItNzA2MS00ZWNiLTlkZjEt
YzQ1NjIwMzI2NDkxLzEveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83MDM5MDItNzA2MS00ZWNiLTlkZjEtYzQ1NjIwMzI2NDkx
LzEveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpWqYdPc
CbxpGcMMbX5FsaxhH5oI0I012NWxz2FuCV5jF/6vKjUFhswchwqSm5HTQHoafzd3
p+Xj9MGsEO+BQqjGj6YTvZVpblRE2MUms82Hj+TeKDDZPJia1NG51JOkUAcohB05
AGQN8ad9N4MFWEsi4yZsj0nt1t70bAZ4p31YTlvEaDSjfc1NicBXsWGsXnsizGcq
w2+LzdP9xDQKyvZsu7jEZoMM9SyZAtg/sLJQ9GS0RTvtF25pZa2WqVSguBIaIcuC
fueMCWzrzoEz3mL8ESdC087np1bXSoovOXYKmjn0nVUGYhzOHFo9TeuYro9SeJWA
Q47TYVJLFC18FA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:12 2025 by rpki-client