Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
File: XiZI8SkNRHG821C4K-TtkyADCU0.mft (raw, json)
Hash identifier: tNrKQkSsHrmixUnYEbEf3QD3KJ+M50elA6ywP44gEoQ=
Subject key identifier: 68:5A:A9:DA:99:CF:9B:65:2E:D3:0C:CD:F4:A5:F1:30:01:15:B8:85
Authority key identifier: 5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
Certificate issuer: /CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Certificate serial: 019676E7A76DA529AE0B207C1C440D79AC0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
Manifest number: 14A1
Signing time: Sun 27 Apr 2025 11:00:15 +0000
Manifest this update: Sun 27 Apr 2025 11:00:15 +0000
Manifest next update: Mon 28 Apr 2025 11:00:15 +0000
Files and hashes: 1: BECHjRO1sNTrECspSOXRaHeMWRM.roa (hash: CUP2bSCGR2R7pQJIeBFSspVhJwtI4r06AoqaZ9LnrhQ=)
2: XiZI8SkNRHG821C4K-TtkyADCU0.crl (hash: 9OjSU9K7I0ExYes2VM3ZvrLObomFhvIc/oGIsAKGerY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:e7:a7:6d:a5:29:ae:0b:20:7c:1c:44:0d:79:ac:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e2648f1290d4471bcdb50b82be4ed932003094d
Validity
Not Before: Apr 27 11:00:15 2025 GMT
Not After : Apr 28 11:00:15 2025 GMT
Subject: CN=685aa9da99cf9b652ed30ccdf4a5f1300115b885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:20:62:36:2f:93:e2:91:69:aa:5c:d0:58:
9b:b4:6a:ed:07:2f:f5:8e:bb:a7:2a:b8:3c:42:32:
e2:33:df:98:62:eb:5e:7b:b1:0f:7f:f7:94:d7:22:
90:00:09:bd:0e:c6:3f:6a:51:20:24:15:29:ef:f2:
55:7f:96:b1:4c:3b:80:9b:19:9c:32:4a:5d:df:e2:
81:a3:72:07:96:e9:d0:fe:80:ec:3f:79:04:40:98:
29:33:a8:54:80:7f:cf:38:48:d4:7a:e4:1d:3a:26:
17:21:e5:28:a4:ac:46:ee:20:4b:de:d4:88:17:1a:
81:ce:e7:8d:ca:89:2c:73:b1:4f:ee:dd:48:9c:65:
d4:a9:49:8a:92:95:6e:1a:9b:82:ff:52:ff:83:f9:
3f:d1:c9:b9:c7:4a:08:62:19:ee:7c:a0:d3:6a:e4:
2c:16:b9:bd:da:90:63:aa:c1:9e:c1:b0:31:65:a4:
54:7f:d4:5a:b0:a2:3c:6a:27:f8:2e:83:1d:d7:14:
53:33:d2:a9:fa:a6:1c:29:a0:4e:92:f4:80:cb:5c:
9a:26:6c:a8:61:62:34:4f:54:e7:a2:fa:21:f7:45:
34:f5:a6:e3:7d:16:61:ae:d5:11:b0:9a:4c:70:ea:
f4:8f:40:cd:c2:d8:98:38:17:c0:58:33:51:44:f7:
ca:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5A:A9:DA:99:CF:9B:65:2E:D3:0C:CD:F4:A5:F1:30:01:15:B8:85
X509v3 Authority Key Identifier:
keyid:5E:26:48:F1:29:0D:44:71:BC:DB:50:B8:2B:E4:ED:93:20:03:09:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZI8SkNRHG821C4K-TtkyADCU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bc4c53-0db5-4f11-84f6-f55fcdf97846/1/XiZI8SkNRHG821C4K-TtkyADCU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:67:66:1f:b4:8d:1d:87:35:08:6c:c6:10:13:a7:f3:c2:44:
b1:5d:07:3f:b3:92:84:85:a8:e8:12:f7:bd:32:10:3f:9c:48:
e8:87:bc:ca:a2:b2:1d:58:6b:47:f8:29:af:f8:0b:07:2c:36:
cd:25:a3:1d:5b:88:3b:83:91:91:6c:4d:c2:c8:e4:78:35:fa:
da:70:5e:c1:6f:5d:8f:53:6f:29:5d:22:c0:7c:fa:87:e1:68:
3e:60:ae:99:7e:7f:58:c7:df:6c:10:ba:60:25:d4:9f:a5:5e:
f4:09:fd:a3:c2:d1:35:80:17:a2:35:50:43:4e:e0:0a:ac:d9:
93:48:45:b3:1a:3d:1c:92:83:b7:3a:34:a7:cb:5e:e5:ef:1f:
9f:24:56:ff:e4:d5:cb:c1:42:30:b9:c8:b5:49:49:72:da:23:
e6:7a:ad:f3:39:d7:19:e5:a6:1f:9c:6e:df:34:6a:ee:37:8a:
a0:51:bd:cd:ff:59:9a:13:f4:d4:02:f4:99:72:3e:d8:10:00:
c7:66:32:58:ca:67:07:23:95:f3:7c:1d:a4:3f:9d:1e:71:52:
46:32:30:c2:d5:8b:ce:e7:c8:33:72:5b:b6:12:81:27:25:4d:
f6:46:e8:9f:0e:d0:c1:50:42:cc:ab:61:fd:93:f9:b2:05:1e:
f5:ec:0e:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ256dtpSmuCyB8HEQNeawMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0OGYxMjkwZDQ0NzFiY2RiNTBiODJiZTRlZDkzMjAw
MzA5NGQwHhcNMjUwNDI3MTEwMDE1WhcNMjUwNDI4MTEwMDE1WjAzMTEwLwYDVQQD
Eyg2ODVhYTlkYTk5Y2Y5YjY1MmVkMzBjY2RmNGE1ZjEzMDAxMTViODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdggYjYvk+KRaapc0FibtGrtBy/1
jrunKrg8QjLiM9+YYutee7EPf/eU1yKQAAm9DsY/alEgJBUp7/JVf5axTDuAmxmc
Mkpd3+KBo3IHlunQ/oDsP3kEQJgpM6hUgH/POEjUeuQdOiYXIeUopKxG7iBL3tSI
FxqBzueNyoksc7FP7t1InGXUqUmKkpVuGpuC/1L/g/k/0cm5x0oIYhnufKDTauQs
Frm92pBjqsGewbAxZaRUf9RasKI8aif4LoMd1xRTM9Kp+qYcKaBOkvSAy1yaJmyo
YWI0T1Tnovoh90U09abjfRZhrtURsJpMcOr0j0DNwtiYOBfAWDNRRPfKQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhaqdqZz5tlLtMMzfSl8TABFbiFMB8GA1UdIwQY
MBaAFF4mSPEpDURxvNtQuCvk7ZMgAwlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYt
ZjU1ZmNkZjk3ODQ2LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iYzRjNTMtMGRiNS00ZjExLTg0ZjYtZjU1ZmNkZjk3ODQ2
LzEvWGlaSThTa05SSEc4MjFDNEstVHRreUFEQ1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO2dmH7SN
HYc1CGzGEBOn88JEsV0HP7OShIWo6BL3vTIQP5xI6Ie8yqKyHVhrR/gpr/gLByw2
zSWjHVuIO4ORkWxNwsjkeDX62nBewW9dj1NvKV0iwHz6h+FoPmCumX5/WMffbBC6
YCXUn6Ve9An9o8LRNYAXojVQQ07gCqzZk0hFsxo9HJKDtzo0p8te5e8fnyRW/+TV
y8FCMLnItUlJctoj5nqt8znXGeWmH5xu3zRq7jeKoFG9zf9ZmhP01AL0mXI+2BAA
x2YyWMpnByOV83wdpD+dHnFSRjIwwtWLzufIM3JbthKBJyVN9kbonw7QwVBCzKth
/ZP5sgUe9ewOaA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:52:42 2025 by rpki-client