Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json)
Hash identifier: bKX3cAHXigO32Da41QwXvd9zWVAJVqvBvoYoYvsnuVU=
Subject key identifier: B4:52:A5:4A:91:37:69:5A:C6:53:90:7D:59:E5:BC:49:2F:45:2D:EA
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 019650B65C0818367B0F507769A49E8D1B02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
Manifest number: 11A8
Signing time: Sun 20 Apr 2025 01:00:50 +0000
Manifest this update: Sun 20 Apr 2025 01:00:50 +0000
Manifest next update: Mon 21 Apr 2025 01:00:50 +0000
Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=)
2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: 5VIHqoubpnw2Hy0KdfUcXKcjluHYFYPpAwV71zkYnR4=)
3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:50:b6:5c:08:18:36:7b:0f:50:77:69:a4:9e:8d:1b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Apr 20 01:00:50 2025 GMT
Not After : Apr 21 01:00:50 2025 GMT
Subject: CN=b452a54a9137695ac653907d59e5bc492f452dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:58:fd:4a:5d:b0:1c:60:38:58:10:5f:d3:be:
99:4c:5d:d5:92:12:d5:f3:6c:dc:ed:e3:05:9a:d8:
24:f3:b6:14:d5:6b:45:c8:53:2f:6a:6e:83:67:80:
51:9d:e6:ec:fd:40:4e:55:57:36:a5:34:5a:6a:c7:
d7:f3:1e:d3:79:46:6b:95:a4:a9:82:31:95:7f:51:
b6:9c:6b:11:6b:ad:63:80:44:b0:a3:c1:f6:a2:4f:
77:a5:d1:f0:a3:b1:08:0d:b2:57:c3:70:b3:f2:07:
10:34:21:6d:f4:30:aa:ca:48:2e:65:15:b4:84:cd:
01:29:e9:d7:8e:c1:fc:c1:14:f9:9d:6a:a4:e0:2b:
1a:27:f4:f0:17:d3:d5:3f:b3:a6:4c:64:56:cf:84:
e6:1b:d6:d3:2f:13:e9:2c:a7:af:91:f2:dd:62:e4:
59:73:6b:73:e1:6a:3a:cd:4b:94:03:5e:91:bc:41:
c5:73:1b:7f:25:3d:2a:2c:b1:6e:ca:e0:c9:d3:de:
8a:e1:d2:a0:9e:c0:ba:a7:a7:b6:77:57:9b:37:c5:
ca:f0:9c:2c:ea:57:b0:a0:1b:11:19:40:ea:62:7c:
78:60:51:65:33:fc:c5:fd:40:b0:ee:85:c8:fd:eb:
58:d5:bd:22:45:67:d1:3d:d4:5b:04:fa:bb:27:a7:
a7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:52:A5:4A:91:37:69:5A:C6:53:90:7D:59:E5:BC:49:2F:45:2D:EA
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:6f:16:0b:4e:55:24:ac:5e:2c:fd:0a:9f:93:e2:47:f0:71:
d5:84:ea:fa:eb:72:35:4f:a4:e9:0a:2d:ed:5c:c6:bd:d7:e2:
f3:42:50:af:9e:35:56:f2:f7:d9:07:2d:92:fd:31:47:45:b9:
17:25:8c:c1:a8:76:30:5c:f6:3a:e7:2c:0a:33:c3:70:17:42:
12:7c:5e:14:ee:47:c1:dc:bc:de:43:41:ca:49:92:2b:a8:21:
c6:2f:c6:48:32:de:86:6b:dd:f2:05:bb:c7:8b:de:fa:1d:13:
f0:b0:a7:17:3e:1e:fd:9b:bc:e4:a6:3d:7f:42:72:8b:bd:01:
24:c5:e1:fc:0c:ae:2e:41:98:09:e9:aa:d7:a7:95:87:19:8f:
50:df:cd:27:cc:73:d2:c4:fb:55:ce:dc:d0:00:b1:e4:b5:9f:
90:d5:f3:b2:fe:e6:49:7b:dd:25:e7:74:af:ef:ff:d4:51:c7:
4c:50:93:4a:be:55:77:1c:01:14:ca:85:45:c2:3c:24:17:2c:
a9:50:4b:c5:27:41:ce:3e:ea:c1:69:33:6d:09:0b:62:76:f4:
c4:87:6e:e6:72:d8:c6:a3:9f:3b:20:f7:30:ec:d8:5f:da:9a:
52:4b:b0:3b:ed:bd:7d:43:13:56:cd:17:34:1b:7f:c6:d0:d6:
46:d3:f7:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQtlwIGDZ7D1B3aaSejRsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjUwNDIwMDEwMDUwWhcNMjUwNDIxMDEwMDUwWjAzMTEwLwYDVQQD
EyhiNDUyYTU0YTkxMzc2OTVhYzY1MzkwN2Q1OWU1YmM0OTJmNDUyZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1j9Sl2wHGA4WBBf076ZTF3VkhLV
82zc7eMFmtgk87YU1WtFyFMvam6DZ4BRnebs/UBOVVc2pTRaasfX8x7TeUZrlaSp
gjGVf1G2nGsRa61jgESwo8H2ok93pdHwo7EIDbJXw3Cz8gcQNCFt9DCqykguZRW0
hM0BKenXjsH8wRT5nWqk4CsaJ/TwF9PVP7OmTGRWz4TmG9bTLxPpLKevkfLdYuRZ
c2tz4Wo6zUuUA16RvEHFcxt/JT0qLLFuyuDJ096K4dKgnsC6p6e2d1ebN8XK8Jws
6lewoBsRGUDqYnx4YFFlM/zF/UCw7oXI/etY1b0iRWfRPdRbBPq7J6enCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRSpUqRN2laxlOQfVnlvEkvRS3qMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMW8WC05V
JKxeLP0Kn5PiR/Bx1YTq+utyNU+k6Qot7VzGvdfi80JQr541VvL32Qctkv0xR0W5
FyWMwah2MFz2OucsCjPDcBdCEnxeFO5Hwdy83kNBykmSK6ghxi/GSDLehmvd8gW7
x4ve+h0T8LCnFz4e/Zu85KY9f0Jyi70BJMXh/AyuLkGYCemq16eVhxmPUN/NJ8xz
0sT7Vc7c0ACx5LWfkNXzsv7mSXvdJed0r+//1FHHTFCTSr5VdxwBFMqFRcI8JBcs
qVBLxSdBzj7qwWkzbQkLYnb0xIdu5nLYxqOfOyD3MOzYX9qaUkuwO+29fUMTVs0X
NBt/xtDWRtP3YQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:10 2025 by rpki-client