Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File: XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier: 5y6RaEjPznvnNFBH0JLry1RJ0g81ex7T5QFWEolTQhA=
Subject key identifier: 94:E7:BE:DC:47:E0:0E:43:A0:1A:4F:E6:EA:52:DB:F6:D9:5D:EA:99
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer: /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial: 0194BB2975A78AAEDA470CF70C723562DC7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number: 0123
Signing time: Fri 31 Jan 2025 07:00:43 +0000
Manifest this update: Fri 31 Jan 2025 07:00:43 +0000
Manifest next update: Sat 01 Feb 2025 07:00:43 +0000
Files and hashes: 1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: anNIb4vMQvNC10BO2ankuT3v7iYMCTf4zxz3uIYJyFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Feb 2025 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:29:75:a7:8a:ae:da:47:0c:f7:0c:72:35:62:dc:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Validity
Not Before: Jan 31 07:00:43 2025 GMT
Not After : Feb 1 07:00:43 2025 GMT
Subject: CN=94e7bedc47e00e43a01a4fe6ea52dbf6d95dea99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:eb:8b:a0:db:54:fe:9e:2c:b2:1f:fd:b4:c5:
ff:84:1b:bc:f3:bf:bf:90:3c:87:d3:b8:79:6c:7f:
9f:e0:e5:18:2f:76:e1:94:33:c2:c9:4a:35:e2:7a:
0c:f2:52:fa:2d:77:f8:92:df:52:d2:f2:dd:fa:60:
43:50:22:b8:9e:2d:15:ea:ba:b3:60:7d:d2:57:f6:
e4:d6:43:4d:4e:a3:d9:5b:c8:7b:f5:74:64:f7:1f:
0c:23:92:5b:f6:c5:dc:e2:a5:0d:02:ea:b6:da:ac:
de:80:19:54:c7:4d:4a:a9:f8:60:65:cc:66:94:2e:
c8:bf:72:22:fb:d6:b8:66:86:06:6c:13:c6:9c:ea:
c0:47:e2:37:95:c6:0f:40:74:7f:8f:9e:b8:c0:ef:
02:dd:84:f4:56:9a:aa:eb:c0:e1:c3:56:1e:d7:0e:
36:e0:00:c2:eb:a4:d5:ea:82:be:3f:df:dc:70:46:
57:8f:04:4e:03:e3:31:d9:9c:26:62:9d:47:fc:45:
42:cf:e1:63:2e:4d:6b:2d:fc:e3:c5:07:fa:0f:71:
fc:5a:1f:c6:85:8e:85:8b:46:f4:31:78:37:f3:8c:
dc:dd:91:7e:08:88:0d:ec:69:4f:79:4e:4e:83:6d:
26:d5:4a:27:cb:3f:42:26:6e:8a:ac:a4:6b:12:d2:
6d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E7:BE:DC:47:E0:0E:43:A0:1A:4F:E6:EA:52:DB:F6:D9:5D:EA:99
X509v3 Authority Key Identifier:
keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:05:35:64:c2:8b:e0:c1:08:a9:0b:7d:4c:f4:f7:e8:6e:06:
80:ca:0b:76:50:3c:79:97:5f:1e:c9:5d:65:78:72:79:60:99:
77:1d:85:a8:64:d7:4c:68:29:b8:3a:bb:95:26:28:a9:21:49:
fe:af:3a:80:25:8b:77:da:f7:23:2f:0d:c6:be:17:8e:cc:a6:
fc:51:98:c1:de:a2:82:e1:de:cf:b7:4f:c2:8a:1e:80:cf:ef:
b9:74:14:57:a6:1d:3d:a8:1e:71:58:3b:d0:81:7f:72:3b:a8:
de:de:66:03:41:e7:1d:93:e5:a1:d6:3c:9a:83:ff:cc:47:91:
ef:ab:50:dc:10:e8:6d:77:62:cd:26:56:1d:cf:f2:de:78:55:
58:21:87:49:5c:c9:1e:44:ef:68:11:0e:5d:0f:d8:62:93:3b:
a4:36:2d:9b:a5:c6:7f:0a:3d:b4:fe:31:a2:16:50:28:0b:03:
53:44:6a:b2:eb:03:c7:63:47:47:c7:73:00:c3:2e:20:86:c3:
be:78:3b:8b:a9:0d:b6:44:b0:8b:49:b0:23:ec:dd:12:ad:ae:
e5:99:a4:6f:b0:00:43:ad:26:ce:0b:13:ba:cd:6b:a9:e0:b0:
7d:5e:c6:4b:65:5b:58:ad:b3:e8:eb:db:93:de:ad:41:4a:26:
c8:81:4c:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KXWniq7aRwz3DHI1Ytx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwMTMxMDcwMDQzWhcNMjUwMjAxMDcwMDQzWjAzMTEwLwYDVQQD
Eyg5NGU3YmVkYzQ3ZTAwZTQzYTAxYTRmZTZlYTUyZGJmNmQ5NWRlYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOuLoNtU/p4ssh/9tMX/hBu887+/
kDyH07h5bH+f4OUYL3bhlDPCyUo14noM8lL6LXf4kt9S0vLd+mBDUCK4ni0V6rqz
YH3SV/bk1kNNTqPZW8h79XRk9x8MI5Jb9sXc4qUNAuq22qzegBlUx01KqfhgZcxm
lC7Iv3Ii+9a4ZoYGbBPGnOrAR+I3lcYPQHR/j564wO8C3YT0Vpqq68Dhw1Ye1w42
4ADC66TV6oK+P9/ccEZXjwROA+Mx2ZwmYp1H/EVCz+FjLk1rLfzjxQf6D3H8Wh/G
hY6Fi0b0MXg384zc3ZF+CIgN7GlPeU5Og20m1Uonyz9CJm6KrKRrEtJtSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJTnvtxH4A5DoBpP5upS2/bZXeqZMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYAU1ZMKL
4MEIqQt9TPT36G4GgMoLdlA8eZdfHsldZXhyeWCZdx2FqGTXTGgpuDq7lSYoqSFJ
/q86gCWLd9r3Iy8Nxr4Xjsym/FGYwd6iguHez7dPwooegM/vuXQUV6YdPagecVg7
0IF/cjuo3t5mA0HnHZPlodY8moP/zEeR76tQ3BDobXdizSZWHc/y3nhVWCGHSVzJ
HkTvaBEOXQ/YYpM7pDYtm6XGfwo9tP4xohZQKAsDU0RqsusDx2NHR8dzAMMuIIbD
vng7i6kNtkSwi0mwI+zdEq2u5Zmkb7AAQ60mzgsTus1rqeCwfV7GS2VbWK2z6Ovb
k96tQUomyIFM6w==
-----END CERTIFICATE-----
Generated at Fri Jan 31 15:40:18 2025 by rpki-client on console-fra.rpki-client.org