Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
File: lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft (raw, json)
Hash identifier: +grKKKVI8AbOFEUSa8+IlmVt2SaAG6/XGsCCLcPGABs=
Subject key identifier: 12:31:2D:2D:33:F2:9D:9C:89:F9:09:4D:3A:58:22:C8:6A:89:DA:92
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 01963F54FC1611427AC650A0F8E48FA50EDB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
Manifest number: 14F3
Signing time: Wed 16 Apr 2025 16:00:56 +0000
Manifest this update: Wed 16 Apr 2025 16:00:56 +0000
Manifest next update: Thu 17 Apr 2025 16:00:56 +0000
Files and hashes: 1: Fs8XEPRvhs2sBrhxNlZzi8XKons.roa (hash: C0hFaordL7p5SUJfrTELAa9KIVrov4I7azhDmZ9FUrw=)
2: lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl (hash: KI3Z1Wd+IyIcLHU+gEajkeNH79MdxdomG7teTtff8oE=)
3: sId5K04MuNzDrV7JjoafXNRATrU.roa (hash: c9K2d3wbOg2QoEGGWWmmlRXcKof1alf7zD4SEHKIWBQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:54:fc:16:11:42:7a:c6:50:a0:f8:e4:8f:a5:0e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Apr 16 16:00:56 2025 GMT
Not After : Apr 17 16:00:56 2025 GMT
Subject: CN=12312d2d33f29d9c89f9094d3a5822c86a89da92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:76:13:66:58:52:cf:74:a6:f3:c3:26:3c:8a:
8f:51:58:ad:c1:16:ae:d3:2a:1f:66:aa:9b:ad:0e:
1c:ff:be:c1:3c:49:82:74:8d:82:67:70:c4:f0:c2:
de:09:5f:af:b8:d3:00:2a:af:59:27:62:c6:a1:fb:
a1:c9:60:cc:89:bd:b8:7d:18:4f:97:c7:ba:51:0b:
87:c5:26:1f:ab:ca:8d:f4:40:90:1c:fd:0d:a8:27:
b0:c3:69:a4:60:45:f3:82:35:9b:58:08:b7:9a:6d:
c4:32:6c:59:99:d1:63:b7:81:31:75:8a:da:6f:28:
35:10:1b:95:41:8b:3d:7d:bb:93:f8:b9:7b:fa:30:
5d:da:90:02:09:fa:f5:d4:a5:54:23:33:88:59:19:
a7:c8:c0:d1:7c:fb:94:4a:0c:57:6c:1f:1a:ca:ff:
0e:87:17:c8:46:9f:de:49:30:a6:b1:57:a7:22:c7:
37:71:a3:40:e3:b7:5d:20:e5:ff:96:93:6d:8a:7a:
13:57:8c:39:c9:43:57:4c:90:fe:ce:6c:9f:cf:b2:
b3:d1:71:18:ad:3c:3c:89:8e:c9:4b:3a:01:b4:57:
73:c0:6c:8f:d3:3a:28:d4:e5:96:d6:fd:69:85:b3:
ab:24:79:4f:fb:1e:0f:01:f2:c3:f2:01:61:b4:80:
27:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:31:2D:2D:33:F2:9D:9C:89:F9:09:4D:3A:58:22:C8:6A:89:DA:92
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:a6:70:69:31:d7:e3:6f:58:3a:fc:14:e7:20:d4:e9:87:b3:
98:77:bb:99:b4:5c:c8:ed:48:04:98:6a:be:ca:9b:ad:be:5d:
9e:01:78:01:c8:2d:2a:ba:0f:24:3b:88:e5:4f:96:80:5e:1b:
b0:29:af:68:1a:14:54:06:70:1c:6b:d9:f5:1f:45:c6:03:69:
ba:9b:da:3f:f7:8c:53:6d:6a:f8:c5:f5:f4:7d:03:4e:08:62:
e2:af:a9:73:3d:13:b1:56:76:c3:94:01:c2:19:36:be:3d:3e:
41:31:b3:1c:bf:65:d2:97:25:34:84:1f:a8:2b:c2:12:ed:44:
59:e7:1d:10:f9:dc:c9:cb:51:4a:0b:1b:d6:5f:6c:2c:63:44:
6e:00:49:67:f2:9c:68:70:a6:18:4f:06:00:28:ea:c8:0c:40:
2b:3c:0e:f8:f9:62:78:f5:9e:4f:70:15:d7:56:46:1b:ce:28:
69:c5:72:43:eb:ce:43:8f:0a:a4:1e:26:30:83:b5:dd:c4:ca:
8d:1c:28:0d:18:1e:70:82:a4:af:25:60:c6:63:61:d5:01:a1:
1c:46:10:89:18:69:b5:e5:50:ea:10:d2:b8:1b:94:e8:e6:42:
fd:f3:14:ba:02:c1:8d:2c:05:72:76:c9:b8:36:23:bc:3f:df:
38:14:32:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/VPwWEUJ6xlCg+OSPpQ7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0
NTVhNjgwHhcNMjUwNDE2MTYwMDU2WhcNMjUwNDE3MTYwMDU2WjAzMTEwLwYDVQQD
EygxMjMxMmQyZDMzZjI5ZDljODlmOTA5NGQzYTU4MjJjODZhODlkYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3YTZlhSz3Sm88MmPIqPUVitwRau
0yofZqqbrQ4c/77BPEmCdI2CZ3DE8MLeCV+vuNMAKq9ZJ2LGofuhyWDMib24fRhP
l8e6UQuHxSYfq8qN9ECQHP0NqCeww2mkYEXzgjWbWAi3mm3EMmxZmdFjt4ExdYra
byg1EBuVQYs9fbuT+Ll7+jBd2pACCfr11KVUIzOIWRmnyMDRfPuUSgxXbB8ayv8O
hxfIRp/eSTCmsVenIsc3caNA47ddIOX/lpNtinoTV4w5yUNXTJD+zmyfz7Kz0XEY
rTw8iY7JSzoBtFdzwGyP0zoo1OWW1v1phbOrJHlP+x4PAfLD8gFhtIAn+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIxLS0z8p2cifkJTTpYIshqidqSMB8GA1UdIwQY
MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt
MWMyNzU4NjUxZWZhLzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh
LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn6ZwaTHX
429YOvwU5yDU6YezmHe7mbRcyO1IBJhqvsqbrb5dngF4AcgtKroPJDuI5U+WgF4b
sCmvaBoUVAZwHGvZ9R9FxgNpupvaP/eMU21q+MX19H0DTghi4q+pcz0TsVZ2w5QB
whk2vj0+QTGzHL9l0pclNIQfqCvCEu1EWecdEPncyctRSgsb1l9sLGNEbgBJZ/Kc
aHCmGE8GACjqyAxAKzwO+PliePWeT3AV11ZGG84oacVyQ+vOQ48KpB4mMIO13cTK
jRwoDRgecIKkryVgxmNh1QGhHEYQiRhpteVQ6hDSuBuU6OZC/fMUugLBjSwFcnbJ
uDYjvD/fOBQyRA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:09:25 2025 by rpki-client