Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
File: XasLCOUfgYIkYp-zohHYPVvjVEA.mft (raw, json)
Hash identifier: mLJDXZoSiLM1/QmZ6xp6ooBXQzgsHKEyRpZ4Yka2VMw=
Subject key identifier: 9A:34:11:08:B2:12:E6:09:03:F0:57:4F:44:29:AF:83:78:85:C0:F0
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 0196759E9B1AA56338D3E1AB07314EC40058
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
Manifest number: 131C
Signing time: Sun 27 Apr 2025 05:00:50 +0000
Manifest this update: Sun 27 Apr 2025 05:00:50 +0000
Manifest next update: Mon 28 Apr 2025 05:00:50 +0000
Files and hashes: 1: J3IfRy5hJG3sO5FFR3klCa0Rmag.roa (hash: y8cOLwfC28T1Q/CwomIs12ZpdB8agP1zP7ErrJL2HLM=)
2: XasLCOUfgYIkYp-zohHYPVvjVEA.crl (hash: 3L2f9F1iATihguzA3B9Os5p+0S1JibBtic0y6Cb/V2g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:9e:9b:1a:a5:63:38:d3:e1:ab:07:31:4e:c4:00:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Apr 27 05:00:50 2025 GMT
Not After : Apr 28 05:00:50 2025 GMT
Subject: CN=9a341108b212e60903f0574f4429af837885c0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:00:86:c7:07:75:4f:44:1f:26:9f:7d:11:86:
75:6c:c9:37:24:21:83:b9:f5:d6:0b:46:29:76:aa:
c1:c6:80:ec:86:9e:63:b1:65:6d:ae:4d:ec:3b:58:
64:f0:7e:f6:66:c9:64:39:16:4f:f6:22:21:c6:3d:
d0:34:6b:85:e9:d6:09:e6:c1:ef:2f:7d:16:ab:a0:
d7:e5:c9:be:41:8c:44:b0:71:12:30:03:ef:a7:61:
3a:00:c5:f0:a7:e3:bd:0f:db:80:de:ea:f3:7a:fa:
33:02:10:f0:c9:12:f8:69:54:d3:a3:16:ee:d7:1b:
8e:29:59:b9:90:9d:6b:04:ec:09:b8:8f:21:d9:5a:
e2:d7:b9:14:e8:f9:28:23:ce:0c:01:61:1b:76:36:
48:e5:02:8a:54:a3:f6:4d:ad:c2:42:62:ca:88:30:
4f:3c:35:45:63:9c:cb:d8:f7:62:84:70:ad:29:5e:
05:b3:b7:d9:35:73:d2:e5:a7:21:b3:f1:41:a1:64:
e7:ed:fc:37:f3:63:61:bc:ee:21:dd:c1:d3:41:11:
8c:6d:e6:21:45:14:48:e3:08:3c:53:4e:d5:72:82:
5d:7a:f0:3c:90:69:2e:87:a7:9a:b2:94:a0:28:ab:
3e:f1:11:99:a5:ae:eb:51:3f:48:5d:8b:75:c8:e2:
b0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:34:11:08:B2:12:E6:09:03:F0:57:4F:44:29:AF:83:78:85:C0:F0
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:de:70:66:12:2b:2c:13:f5:81:38:8b:a5:85:5e:22:2f:ba:
9a:78:19:c3:2a:43:86:df:19:c6:53:1d:70:de:b0:54:53:cf:
3e:01:89:84:dd:f1:57:fe:96:8b:b9:aa:97:55:af:44:61:f8:
91:2d:e9:a8:26:bc:c1:ef:ae:2c:8f:50:fb:92:a9:fb:d7:d0:
19:fc:2e:a3:c4:b1:f4:9d:56:ac:11:85:7e:d6:a9:c3:8b:cd:
20:ad:de:d4:56:44:18:a7:b0:bd:fa:10:dc:bc:b1:ba:73:da:
61:19:cc:75:1f:92:22:60:b1:2c:f3:5f:72:6e:86:3b:9f:a0:
1f:d4:12:75:3c:c2:ce:f5:79:28:ec:a7:dd:74:f1:52:4b:3b:
8b:6e:76:d8:c4:41:b5:a1:a7:92:17:56:d7:dc:c7:e1:6f:3f:
d8:1a:e3:90:0d:3e:eb:8e:a7:fa:e5:4d:7b:9b:2d:26:7e:e6:
78:bb:9f:95:04:a4:84:1c:ec:c0:8e:a4:f7:29:0b:a6:9b:ef:
55:45:ad:25:38:07:29:fb:de:d2:d9:6e:56:7b:47:09:82:00:
2a:b0:da:8a:95:81:03:31:f0:9f:61:8d:15:c7:35:78:ad:ea:
a7:08:a4:36:e9:41:65:a5:c4:05:5c:f2:a1:91:17:58:3d:98:
b5:65:3a:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1npsapWM40+GrBzFOxABYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWIwYjA4ZTUxZjgxODIyNDYyOWZiM2EyMTFkODNkNWJl
MzU0NDAwHhcNMjUwNDI3MDUwMDUwWhcNMjUwNDI4MDUwMDUwWjAzMTEwLwYDVQQD
Eyg5YTM0MTEwOGIyMTJlNjA5MDNmMDU3NGY0NDI5YWY4Mzc4ODVjMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QCGxwd1T0QfJp99EYZ1bMk3JCGD
ufXWC0YpdqrBxoDshp5jsWVtrk3sO1hk8H72ZslkORZP9iIhxj3QNGuF6dYJ5sHv
L30Wq6DX5cm+QYxEsHESMAPvp2E6AMXwp+O9D9uA3urzevozAhDwyRL4aVTToxbu
1xuOKVm5kJ1rBOwJuI8h2Vri17kU6PkoI84MAWEbdjZI5QKKVKP2Ta3CQmLKiDBP
PDVFY5zL2PdihHCtKV4Fs7fZNXPS5achs/FBoWTn7fw382NhvO4h3cHTQRGMbeYh
RRRI4wg8U07VcoJdevA8kGkuh6easpSgKKs+8RGZpa7rUT9IXYt1yOKwzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJo0EQiyEuYJA/BXT0Qpr4N4hcDwMB8GA1UdIwQY
MBaAFF2rCwjlH4GCJGKfs6IR2D1b41RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUt
NjI3ODkxODJhMGYzLzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNjIwODktYjk4YS00ZmRkLTljNGUtNjI3ODkxODJhMGYz
LzEvWGFzTENPVWZnWUlrWXAtem9oSFlQVnZqVkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgd5wZhIr
LBP1gTiLpYVeIi+6mngZwypDht8ZxlMdcN6wVFPPPgGJhN3xV/6Wi7mql1WvRGH4
kS3pqCa8we+uLI9Q+5Kp+9fQGfwuo8Sx9J1WrBGFftapw4vNIK3e1FZEGKewvfoQ
3LyxunPaYRnMdR+SImCxLPNfcm6GO5+gH9QSdTzCzvV5KOyn3XTxUks7i2522MRB
taGnkhdW19zH4W8/2BrjkA0+646n+uVNe5stJn7meLuflQSkhBzswI6k9ykLppvv
VUWtJTgHKfve0tluVntHCYIAKrDaipWBAzHwn2GNFcc1eK3qpwikNulBZaXEBVzy
oZEXWD2YtWU6NQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:29:23 2025 by rpki-client