Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
File: xTG2PRGmzC0c5p4TEch6waanBzM.mft (raw, json)
Hash identifier: q+7+oCPR6ACDxkkUm1WFZxWX5l1TJSi4CyljzFpeA7U=
Subject key identifier: B8:2A:60:21:31:18:89:A7:E6:6F:0D:3B:B5:36:E9:BA:CD:1C:7C:33
Authority key identifier: C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
Certificate issuer: /CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Certificate serial: 01967C4544B8162554B9F4F94C8F2A922377
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
Manifest number: 0D96
Signing time: Mon 28 Apr 2025 12:00:36 +0000
Manifest this update: Mon 28 Apr 2025 12:00:36 +0000
Manifest next update: Tue 29 Apr 2025 12:00:36 +0000
Files and hashes: 1: 3cKiOm3cqL9AuF9PS6f53tN4Gdg.roa (hash: HiF4cbbVkgMNvvCZGg36cGuMWinu6Z8X1/cmYfYlH0w=)
2: 7dlaDlkKgi4dAirWDUWBZGBGqcU.roa (hash: p1fbv33BP/4U3m5pS2Ws4rI2vfUa3r6QuSWQWQR+Iw4=)
3: xTG2PRGmzC0c5p4TEch6waanBzM.crl (hash: /iR7PFZxmD2cwGBhH5YMtNywhLb14ppr4VF+FqczYi8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:45:44:b8:16:25:54:b9:f4:f9:4c:8f:2a:92:23:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c531b63d11a6cc2d1ce69e1311c87ac1a6a70733
Validity
Not Before: Apr 28 12:00:36 2025 GMT
Not After : Apr 29 12:00:36 2025 GMT
Subject: CN=b82a6021311889a7e66f0d3bb536e9bacd1c7c33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7b:c6:9d:49:c0:ca:d2:94:80:91:63:b4:3b:
6e:75:1f:b2:f6:4b:f3:1d:05:c6:ee:36:9d:0a:0e:
27:3b:8d:93:3e:d5:38:67:a2:fc:d5:39:2d:f4:29:
e1:6e:49:2b:0d:53:d2:78:53:c9:6f:db:3f:c2:9a:
5c:fa:0a:30:2d:82:83:11:5d:a1:2b:95:b9:94:03:
88:58:bb:e3:d0:e7:08:53:eb:c2:40:ec:a1:0a:9e:
79:25:b8:f6:d9:64:fc:da:8b:c9:17:33:1f:7c:ae:
e0:08:32:c6:cc:8c:64:df:31:c9:39:72:f3:91:ea:
fa:63:29:b7:80:59:2b:c8:62:7b:5c:5b:44:45:6b:
88:24:05:8c:b9:66:f6:0e:d8:0c:47:83:a1:2e:05:
25:d4:12:92:b2:ff:37:87:fa:fd:9a:57:7b:c2:45:
71:77:61:6f:bb:37:93:4c:14:81:71:04:78:9a:29:
de:85:25:cb:0c:74:62:16:06:e8:7a:7c:17:2b:bb:
e4:ae:e7:08:d4:22:fc:a4:0f:00:63:1b:28:a9:6e:
5b:18:79:22:9d:09:4a:81:dc:f4:34:34:52:7e:d3:
db:19:29:a8:df:ec:e2:d0:53:88:fc:04:10:f3:1f:
f8:27:aa:a7:19:81:e7:52:39:39:dd:71:4d:d2:fb:
12:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2A:60:21:31:18:89:A7:E6:6F:0D:3B:B5:36:E9:BA:CD:1C:7C:33
X509v3 Authority Key Identifier:
keyid:C5:31:B6:3D:11:A6:CC:2D:1C:E6:9E:13:11:C8:7A:C1:A6:A7:07:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTG2PRGmzC0c5p4TEch6waanBzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/86898e-e6e6-4b88-8811-db8cabcee21e/1/xTG2PRGmzC0c5p4TEch6waanBzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:4b:a8:46:75:c8:72:12:a7:96:6b:f3:1e:14:44:a4:02:d3:
50:29:7f:3d:7c:19:15:85:53:6d:ed:8b:97:14:87:81:39:99:
d0:75:d1:d4:be:85:ba:b4:7f:1b:c4:75:cc:b2:02:0d:dd:93:
96:ea:ca:18:a2:a3:bf:a6:84:3c:d2:e1:8c:31:4c:9c:a1:f9:
9a:6e:ca:4b:ab:68:6e:55:2a:8d:f5:97:5e:1b:9c:9a:39:56:
fe:32:cb:c2:4f:4d:be:29:24:fd:db:e9:17:38:dc:01:b8:b1:
30:97:cd:af:50:e6:cf:ed:e3:1a:30:42:fb:10:45:cf:88:d1:
f3:d2:8a:e3:ac:29:0e:11:19:74:5a:18:09:74:5e:d1:70:9a:
2f:4d:34:96:cd:16:1d:d5:5a:cc:2a:8d:7c:68:45:0a:48:17:
d8:1f:7b:13:07:eb:c3:10:ef:ba:fe:82:70:e3:1a:7e:2f:72:
9c:fc:98:f0:f0:45:ae:ce:b7:71:a2:f4:93:1e:45:76:f7:ca:
a3:de:99:e0:0e:2e:79:bf:5a:7b:9f:a7:43:2f:d7:70:18:97:
4a:d9:3f:53:0a:8e:5a:b6:19:7a:a3:e0:02:4f:8a:db:b3:c8:
2a:cb:9c:b7:ab:71:db:a0:5c:72:bb:71:95:ed:5b:a2:06:1d:
18:80:ab:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8RUS4FiVUufT5TI8qkiN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MzFiNjNkMTFhNmNjMmQxY2U2OWUxMzExYzg3YWMxYTZh
NzA3MzMwHhcNMjUwNDI4MTIwMDM2WhcNMjUwNDI5MTIwMDM2WjAzMTEwLwYDVQQD
EyhiODJhNjAyMTMxMTg4OWE3ZTY2ZjBkM2JiNTM2ZTliYWNkMWM3YzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXvGnUnAytKUgJFjtDtudR+y9kvz
HQXG7jadCg4nO42TPtU4Z6L81Tkt9CnhbkkrDVPSeFPJb9s/wppc+gowLYKDEV2h
K5W5lAOIWLvj0OcIU+vCQOyhCp55Jbj22WT82ovJFzMffK7gCDLGzIxk3zHJOXLz
ker6Yym3gFkryGJ7XFtERWuIJAWMuWb2DtgMR4OhLgUl1BKSsv83h/r9mld7wkVx
d2FvuzeTTBSBcQR4minehSXLDHRiFgboenwXK7vkrucI1CL8pA8AYxsoqW5bGHki
nQlKgdz0NDRSftPbGSmo3+zi0FOI/AQQ8x/4J6qnGYHnUjk53XFN0vsSzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgqYCExGImn5m8NO7U26brNHHwzMB8GA1UdIwQY
MBaAFMUxtj0RpswtHOaeExHIesGmpwczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEt
ZGI4Y2FiY2VlMjFlLzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84Njg5OGUtZTZlNi00Yjg4LTg4MTEtZGI4Y2FiY2VlMjFl
LzEveFRHMlBSR216QzBjNXA0VEVjaDZ3YWFuQnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe0uoRnXI
chKnlmvzHhREpALTUCl/PXwZFYVTbe2LlxSHgTmZ0HXR1L6FurR/G8R1zLICDd2T
lurKGKKjv6aEPNLhjDFMnKH5mm7KS6toblUqjfWXXhucmjlW/jLLwk9Nvikk/dvp
FzjcAbixMJfNr1Dmz+3jGjBC+xBFz4jR89KK46wpDhEZdFoYCXRe0XCaL000ls0W
HdVazCqNfGhFCkgX2B97EwfrwxDvuv6CcOMafi9ynPyY8PBFrs63caL0kx5FdvfK
o96Z4A4ueb9ae5+nQy/XcBiXStk/UwqOWrYZeqPgAk+K27PIKsuct6tx26Bccrtx
le1bogYdGICrhA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:50:39 2025 by rpki-client