Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
File: xtEbZP_hjvpC9DpsdlY53uONAn4.mft (raw, json)
Hash identifier: 9CN6mAi/EaN7TGrKX2ZgjPmYOsLwWj0EN5x+B1HJKKw=
Subject key identifier: 03:5C:31:E8:E5:29:79:F0:D4:C2:52:08:F1:F3:A5:D8:7F:4C:AF:DB
Authority key identifier: C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
Certificate issuer: /CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Certificate serial: 019682103DDD1E6BF8CDF24DFC72C3A2AE72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
Manifest number: 0D9C
Signing time: Tue 29 Apr 2025 15:00:24 +0000
Manifest this update: Tue 29 Apr 2025 15:00:24 +0000
Manifest next update: Wed 30 Apr 2025 15:00:24 +0000
Files and hashes: 1: 5stymyV2VXExRNfPDRHs0SsKv84.roa (hash: LAJy81D8Y1W3Al27GIYu76cE8aqvZvfTwIjGsrUN8O8=)
2: wX4zTXXZMo2WWHOKinMvyAiRYeE.roa (hash: dkBnWGmwxThQE3RCE6xz1EoswQLwUBpuloKrWzo2tUE=)
3: xtEbZP_hjvpC9DpsdlY53uONAn4.crl (hash: jM2nG6OzMvBs+mxF3IMj3rx4W6TDdmabdwzPYl5Y6LY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:10:3d:dd:1e:6b:f8:cd:f2:4d:fc:72:c3:a2:ae:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d11b64ffe18efa42f43a6c765639dee38d027e
Validity
Not Before: Apr 29 15:00:24 2025 GMT
Not After : Apr 30 15:00:24 2025 GMT
Subject: CN=035c31e8e52979f0d4c25208f1f3a5d87f4cafdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ff:94:e5:ee:cd:84:a0:17:27:f5:5c:57:fd:
ad:e2:81:76:63:ee:2a:9f:27:b0:a6:6f:1c:fd:79:
a8:f9:0c:39:24:e6:88:58:02:75:b5:69:e7:9e:45:
26:62:10:c4:fd:34:88:5e:29:13:5b:81:d3:f5:de:
34:16:c7:c7:17:34:43:39:0b:b5:3c:d8:cc:1d:cd:
a5:bc:61:ed:79:39:91:88:ca:2d:dc:24:17:3f:0f:
c6:0a:84:c1:be:da:4f:6f:5a:75:67:2b:06:dd:79:
b1:95:2a:d4:ee:47:9c:06:bb:ec:0a:64:db:05:10:
59:f7:00:52:b2:58:4c:52:69:11:b5:f1:89:b5:3f:
80:1e:f5:f3:fa:c3:ea:2c:03:ab:de:2f:d7:ad:3e:
28:2d:30:d3:80:a3:92:2c:97:7e:be:ad:5f:a2:88:
e8:89:c0:fe:56:3b:60:c0:20:e7:00:7a:16:91:ce:
e0:7d:4e:2f:0d:47:d7:82:8e:e4:ac:db:e5:1b:26:
3e:81:36:fb:02:fc:00:50:99:26:32:2d:69:e6:88:
e2:d7:5e:51:ad:f5:04:f2:f1:56:80:e7:45:bd:f0:
3f:a3:0f:35:56:7a:20:09:02:d0:a3:87:12:12:3f:
4d:f9:d6:46:86:9e:94:0f:5c:6d:f2:90:41:a1:f6:
0a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5C:31:E8:E5:29:79:F0:D4:C2:52:08:F1:F3:A5:D8:7F:4C:AF:DB
X509v3 Authority Key Identifier:
keyid:C6:D1:1B:64:FF:E1:8E:FA:42:F4:3A:6C:76:56:39:DE:E3:8D:02:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtEbZP_hjvpC9DpsdlY53uONAn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/4cac6b-8e05-448a-83f7-6835852158d8/1/xtEbZP_hjvpC9DpsdlY53uONAn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:66:17:60:8d:7c:2e:56:3c:fe:32:76:9f:2f:a9:17:60:1b:
7a:0e:1c:04:e9:53:3d:ee:04:b2:78:7a:2d:3d:6c:7d:23:20:
3f:39:62:f3:20:d4:15:54:ea:16:a6:a2:fc:c2:69:9f:4a:52:
de:85:87:e9:3c:0d:e5:83:d7:17:da:65:ed:51:6a:c9:e2:42:
17:3f:f7:21:24:b4:97:7f:e4:24:c4:e5:27:d4:f9:ee:ea:da:
c7:08:a0:ca:d4:dd:30:43:d0:3e:8f:05:26:a8:ba:63:de:d3:
8d:a7:75:46:d7:79:46:ce:99:8e:c4:8e:80:f7:76:f0:37:04:
0c:58:f9:9c:3b:86:83:34:fb:83:6a:09:6b:8b:06:e5:b3:4d:
8f:67:4c:75:96:46:87:88:bf:b5:31:27:12:7d:61:6d:23:c5:
0b:3f:bf:f6:cc:d8:29:bd:48:f8:b0:76:40:31:36:77:75:c8:
26:21:f2:de:fe:a0:54:42:18:ca:02:b6:0d:d5:e2:8c:a5:79:
96:3a:96:40:d8:de:04:67:21:59:94:91:e1:2e:8d:44:a9:2b:
4d:62:f9:b8:a5:eb:5d:fd:25:2a:8d:fb:ed:98:73:8d:f2:44:
e2:f2:24:37:1f:f5:8e:82:eb:79:dd:fc:36:7f:e1:01:b0:b6:
bb:e3:72:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCED3dHmv4zfJN/HLDoq5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDExYjY0ZmZlMThlZmE0MmY0M2E2Yzc2NTYzOWRlZTM4
ZDAyN2UwHhcNMjUwNDI5MTUwMDI0WhcNMjUwNDMwMTUwMDI0WjAzMTEwLwYDVQQD
EygwMzVjMzFlOGU1Mjk3OWYwZDRjMjUyMDhmMWYzYTVkODdmNGNhZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/+U5e7NhKAXJ/VcV/2t4oF2Y+4q
nyewpm8c/Xmo+Qw5JOaIWAJ1tWnnnkUmYhDE/TSIXikTW4HT9d40FsfHFzRDOQu1
PNjMHc2lvGHteTmRiMot3CQXPw/GCoTBvtpPb1p1ZysG3XmxlSrU7kecBrvsCmTb
BRBZ9wBSslhMUmkRtfGJtT+AHvXz+sPqLAOr3i/XrT4oLTDTgKOSLJd+vq1foojo
icD+VjtgwCDnAHoWkc7gfU4vDUfXgo7krNvlGyY+gTb7AvwAUJkmMi1p5oji115R
rfUE8vFWgOdFvfA/ow81VnogCQLQo4cSEj9N+dZGhp6UD1xt8pBBofYK7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANcMejlKXnw1MJSCPHzpdh/TK/bMB8GA1UdIwQY
MBaAFMbRG2T/4Y76QvQ6bHZWOd7jjQJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjct
NjgzNTg1MjE1OGQ4LzEveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80Y2FjNmItOGUwNS00NDhhLTgzZjctNjgzNTg1MjE1OGQ4
LzEveHRFYlpQX2hqdnBDOURwc2RsWTUzdU9OQW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWYXYI18
LlY8/jJ2ny+pF2Abeg4cBOlTPe4Esnh6LT1sfSMgPzli8yDUFVTqFqai/MJpn0pS
3oWH6TwN5YPXF9pl7VFqyeJCFz/3ISS0l3/kJMTlJ9T57uraxwigytTdMEPQPo8F
Jqi6Y97Tjad1Rtd5Rs6ZjsSOgPd28DcEDFj5nDuGgzT7g2oJa4sG5bNNj2dMdZZG
h4i/tTEnEn1hbSPFCz+/9szYKb1I+LB2QDE2d3XIJiHy3v6gVEIYygK2DdXijKV5
ljqWQNjeBGchWZSR4S6NRKkrTWL5uKXrXf0lKo377ZhzjfJE4vIkNx/1joLred38
Nn/hAbC2u+Nycw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:30:05 2025 by rpki-client