Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json)
Hash identifier: Qm91pBQ8+/KInXDR7Qvf6Bu4TpChWXLNjKvKsNAetlQ=
Subject key identifier: D9:20:EC:6C:36:65:CC:D3:95:F1:93:07:C4:E8:93:78:7E:30:56:1B
Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Certificate serial: 019677C3DCA42F386207AD9013C68CD981E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
Manifest number: 040E
Signing time: Sun 27 Apr 2025 15:00:46 +0000
Manifest this update: Sun 27 Apr 2025 15:00:46 +0000
Manifest next update: Mon 28 Apr 2025 15:00:46 +0000
Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=)
2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: 9zjyU27GUZm1H265nJrDdPU0PUOnFAvofr9w+Hfl4/o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:77:c3:dc:a4:2f:38:62:07:ad:90:13:c6:8c:d9:81:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Validity
Not Before: Apr 27 15:00:46 2025 GMT
Not After : Apr 28 15:00:46 2025 GMT
Subject: CN=d920ec6c3665ccd395f19307c4e893787e30561b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cb:0e:1b:eb:89:a7:18:6b:9a:1d:6c:0d:5a:
36:b9:65:74:0b:66:30:40:0a:c2:6a:3e:b4:10:fa:
10:bb:5d:2e:86:3f:42:f8:9a:3f:9c:4e:b3:38:c1:
97:a4:c9:f1:04:f3:6d:0b:8a:d8:0e:15:af:1d:2d:
0a:08:d7:fb:ff:15:02:4c:9a:20:a5:7c:01:7e:d5:
6d:83:82:00:09:5c:42:04:45:02:1f:29:1c:cb:c9:
67:cd:0c:2b:29:c5:4d:d2:be:8a:45:a1:44:a0:68:
59:96:aa:76:a6:a3:b1:0c:e7:1c:44:a9:a7:cb:8a:
00:d1:cd:47:1c:90:79:26:16:a5:07:69:f8:fa:17:
40:b6:dc:61:cc:1a:ca:22:2a:0e:ed:d8:1c:35:31:
c0:aa:12:5d:19:42:1c:f6:03:92:3b:32:c7:b7:1d:
dc:5f:1b:d4:c4:01:da:5d:fe:ac:76:3d:5e:84:ed:
df:f3:11:c6:fd:56:8f:78:ed:9d:8d:be:e2:69:f0:
4e:c2:96:1f:ad:39:5d:51:3f:e7:ed:cb:c1:ae:89:
66:76:1a:c0:e4:95:54:df:be:9c:d9:9a:22:eb:16:
49:88:3f:7b:3d:fe:c8:dc:2a:4c:27:8c:5f:18:c8:
f7:00:51:21:a9:28:97:f1:88:71:fa:dd:b1:49:d4:
58:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:20:EC:6C:36:65:CC:D3:95:F1:93:07:C4:E8:93:78:7E:30:56:1B
X509v3 Authority Key Identifier:
keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:43:9a:fe:db:dd:82:2e:f4:be:43:76:bf:61:13:9b:b8:53:
8e:f3:28:20:9c:91:5a:ac:5a:46:dc:59:06:60:a5:60:28:f7:
46:de:93:dd:23:fb:11:e5:8d:ea:c9:f3:27:9c:cd:4a:74:86:
d9:d5:be:e6:b9:33:4f:52:71:50:41:d1:ac:2d:8f:a7:42:a1:
8a:4a:a4:11:fc:0a:5d:83:42:b8:a0:60:63:8e:d0:77:c2:c9:
d1:99:00:d1:b5:69:c7:9c:c7:f2:64:00:8b:38:ff:01:ee:bf:
35:59:4f:65:b6:f0:2c:2c:90:4d:67:b8:bb:f6:a5:29:ef:c4:
0d:44:26:98:a7:da:a8:d1:e5:5f:83:37:5b:b3:a3:69:4e:1f:
cc:02:3c:6f:0e:cd:46:f1:1d:0a:1c:7a:e3:ae:8b:24:93:c3:
95:6c:44:2f:25:5c:ea:f3:93:4e:42:6f:c4:5c:34:61:d8:ea:
7f:0a:c4:14:dc:17:75:1a:01:8d:31:29:ba:70:7f:54:7c:17:
81:fa:ee:46:e9:2d:d3:a6:44:f9:61:73:00:b6:a3:68:27:f8:
fa:7a:d9:43:dd:0f:7d:90:99:8e:f2:80:47:22:7b:52:69:a2:
7e:9d:fb:98:a4:31:b1:8b:ff:7d:99:20:5d:cb:a9:4c:98:69:
e3:17:c6:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w9ykLzhiB62QE8aM2YHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5
MDUwNzEwHhcNMjUwNDI3MTUwMDQ2WhcNMjUwNDI4MTUwMDQ2WjAzMTEwLwYDVQQD
EyhkOTIwZWM2YzM2NjVjY2QzOTVmMTkzMDdjNGU4OTM3ODdlMzA1NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyssOG+uJpxhrmh1sDVo2uWV0C2Yw
QArCaj60EPoQu10uhj9C+Jo/nE6zOMGXpMnxBPNtC4rYDhWvHS0KCNf7/xUCTJog
pXwBftVtg4IACVxCBEUCHykcy8lnzQwrKcVN0r6KRaFEoGhZlqp2pqOxDOccRKmn
y4oA0c1HHJB5JhalB2n4+hdAttxhzBrKIioO7dgcNTHAqhJdGUIc9gOSOzLHtx3c
XxvUxAHaXf6sdj1ehO3f8xHG/VaPeO2djb7iafBOwpYfrTldUT/n7cvBrolmdhrA
5JVU376c2Zoi6xZJiD97Pf7I3CpMJ4xfGMj3AFEhqSiX8Yhx+t2xSdRY0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkg7Gw2ZczTlfGTB8Tok3h+MFYbMB8GA1UdIwQY
MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt
NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy
LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP0Oa/tvd
gi70vkN2v2ETm7hTjvMoIJyRWqxaRtxZBmClYCj3Rt6T3SP7EeWN6snzJ5zNSnSG
2dW+5rkzT1JxUEHRrC2Pp0KhikqkEfwKXYNCuKBgY47Qd8LJ0ZkA0bVpx5zH8mQA
izj/Ae6/NVlPZbbwLCyQTWe4u/alKe/EDUQmmKfaqNHlX4M3W7OjaU4fzAI8bw7N
RvEdChx6466LJJPDlWxELyVc6vOTTkJvxFw0YdjqfwrEFNwXdRoBjTEpunB/VHwX
gfruRukt06ZE+WFzALajaCf4+nrZQ90PfZCZjvKARyJ7Ummifp37mKQxsYv/fZkg
XcupTJhp4xfGBQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 21:09:00 2025 by rpki-client