Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.mft
File: sxk4vHICgkRLq9OyazSStFats5c.mft (raw, json)
Hash identifier: hH96tSUJhtSqwBQH0Bo3KZpIt5pypOn0l7tnNHpm1jM=
Subject key identifier: 99:CB:6E:C4:8B:4A:30:5A:04:01:71:8D:21:AC:C4:F5:25:01:43:C6
Authority key identifier: B3:19:38:BC:72:02:82:44:4B:AB:D3:B2:6B:34:92:B4:56:AD:B3:97
Certificate issuer: /CN=b31938bc720282444babd3b26b3492b456adb397
Certificate serial: 0196BF6F078661AA4231C4A11F568232A93A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxk4vHICgkRLq9OyazSStFats5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.mft
Manifest number: 0854
Signing time: Sun 11 May 2025 13:00:46 +0000
Manifest this update: Sun 11 May 2025 13:00:46 +0000
Manifest next update: Mon 12 May 2025 13:00:46 +0000
Files and hashes: 1: mMmymzplWMeJzzgdG7P3tHtpBaQ.roa (hash: /bqXbIc2T1Ug7GTSXeUaRuS3D15TA3H+LDCDm5yP2ts=)
2: sxk4vHICgkRLq9OyazSStFats5c.crl (hash: hEHAuOWxABSoiGrB7rPfuLUlGC7Il3Lf8i+Vfc3YCU0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sxk4vHICgkRLq9OyazSStFats5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bf:6f:07:86:61:aa:42:31:c4:a1:1f:56:82:32:a9:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31938bc720282444babd3b26b3492b456adb397
Validity
Not Before: May 11 13:00:46 2025 GMT
Not After : May 12 13:00:46 2025 GMT
Subject: CN=99cb6ec48b4a305a0401718d21acc4f5250143c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a7:4e:a7:6c:5d:7f:eb:43:81:74:a9:65:a5:
7c:b7:4b:04:1f:a7:20:bf:fb:a9:7b:39:d1:91:76:
c3:56:7c:0b:23:05:47:49:b9:27:71:b4:5a:40:ac:
6a:23:40:e6:cd:f2:31:01:9e:ba:13:2e:b9:d8:e5:
b3:8a:d5:5d:d9:33:22:17:8b:d7:9f:38:71:5a:b5:
a8:a9:34:90:94:c2:ea:43:d6:69:34:3c:85:8f:3c:
19:4a:15:41:55:4c:88:bb:a6:f9:f2:88:90:4c:b4:
a4:5c:65:bc:8d:e1:98:95:7d:12:24:0d:46:e1:c2:
0b:f5:c2:6c:eb:49:7f:bb:bf:be:ef:1e:db:ca:aa:
ff:e9:a6:14:1b:cb:e6:5e:5a:71:3a:75:29:92:62:
f4:18:15:0e:bb:9a:e4:41:ec:4a:b6:d3:aa:83:08:
86:ac:f9:92:97:f0:0d:e7:d0:fd:e5:26:c0:ea:df:
ec:43:36:89:6f:eb:4c:65:0f:8f:cd:ab:55:87:96:
03:81:70:03:8d:fa:2c:49:c5:90:af:b5:1d:80:f4:
d0:50:25:83:63:6d:9d:cf:12:b1:ec:a9:65:e4:45:
b3:f0:44:85:84:e0:65:f0:3c:2d:6e:71:ad:8a:b1:
f6:3e:8d:3f:2f:3c:76:67:1a:7a:95:d5:df:a9:39:
43:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:CB:6E:C4:8B:4A:30:5A:04:01:71:8D:21:AC:C4:F5:25:01:43:C6
X509v3 Authority Key Identifier:
keyid:B3:19:38:BC:72:02:82:44:4B:AB:D3:B2:6B:34:92:B4:56:AD:B3:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxk4vHICgkRLq9OyazSStFats5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/75dede-5449-4d47-9b51-9b5df85c1140/1/sxk4vHICgkRLq9OyazSStFats5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:12:d3:b8:e9:3a:ae:26:cb:5a:d7:14:9b:96:e4:23:f8:a9:
ea:11:7f:41:d8:68:6a:3c:a7:3e:03:1f:b4:24:f0:92:7c:d1:
80:60:43:31:9e:eb:11:6a:dd:b0:aa:00:ab:ba:1b:bd:54:b0:
17:84:0a:ec:77:62:60:8a:41:75:87:0d:60:b5:36:88:b9:ff:
8a:84:dd:06:96:c4:1f:7b:57:44:ad:72:b5:bd:88:a6:07:e5:
48:b3:51:c5:0f:06:e0:26:70:fa:49:bd:fa:de:cd:fb:79:60:
14:37:5f:1a:a7:8d:4c:93:22:be:29:1e:e7:d8:64:7e:00:c7:
b7:54:27:d7:90:ad:f7:4e:6a:94:4f:37:b4:2f:2c:c3:f5:0f:
0f:37:63:bc:dd:1c:4a:91:62:42:32:1f:41:b2:4b:3c:6e:6a:
96:49:fb:5e:d2:c9:c0:a2:62:15:b3:33:36:e4:7d:96:d9:66:
4d:ea:a4:6c:55:51:30:10:f3:15:89:00:c4:1e:ad:3a:31:1b:
03:a5:7c:e7:05:b6:a0:a9:2e:cd:65:89:21:9c:56:4f:a7:95:
15:2d:08:23:0d:f6:ef:bf:bf:d9:49:e4:6c:43:06:3c:6f:ad:
e4:31:f6:c9:e4:1d:32:3d:f2:a8:fb:9f:2d:af:3d:09:0a:7f:
aa:f1:7d:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/bweGYapCMcShH1aCMqk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTkzOGJjNzIwMjgyNDQ0YmFiZDNiMjZiMzQ5MmI0NTZh
ZGIzOTcwHhcNMjUwNTExMTMwMDQ2WhcNMjUwNTEyMTMwMDQ2WjAzMTEwLwYDVQQD
Eyg5OWNiNmVjNDhiNGEzMDVhMDQwMTcxOGQyMWFjYzRmNTI1MDE0M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2adOp2xdf+tDgXSpZaV8t0sEH6cg
v/upeznRkXbDVnwLIwVHSbkncbRaQKxqI0DmzfIxAZ66Ey652OWzitVd2TMiF4vX
nzhxWrWoqTSQlMLqQ9ZpNDyFjzwZShVBVUyIu6b58oiQTLSkXGW8jeGYlX0SJA1G
4cIL9cJs60l/u7++7x7byqr/6aYUG8vmXlpxOnUpkmL0GBUOu5rkQexKttOqgwiG
rPmSl/AN59D95SbA6t/sQzaJb+tMZQ+PzatVh5YDgXADjfosScWQr7UdgPTQUCWD
Y22dzxKx7Kll5EWz8ESFhOBl8DwtbnGtirH2Po0/Lzx2Zxp6ldXfqTlDQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnLbsSLSjBaBAFxjSGsxPUlAUPGMB8GA1UdIwQY
MBaAFLMZOLxyAoJES6vTsms0krRWrbOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hrNHZISUNna1JMcTlPeWF6U1N0RmF0czVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83NWRlZGUtNTQ0OS00ZDQ3LTliNTEt
OWI1ZGY4NWMxMTQwLzEvc3hrNHZISUNna1JMcTlPeWF6U1N0RmF0czVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83NWRlZGUtNTQ0OS00ZDQ3LTliNTEtOWI1ZGY4NWMxMTQw
LzEvc3hrNHZISUNna1JMcTlPeWF6U1N0RmF0czVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAShLTuOk6
ribLWtcUm5bkI/ip6hF/QdhoajynPgMftCTwknzRgGBDMZ7rEWrdsKoAq7obvVSw
F4QK7HdiYIpBdYcNYLU2iLn/ioTdBpbEH3tXRK1ytb2IpgflSLNRxQ8G4CZw+km9
+t7N+3lgFDdfGqeNTJMivike59hkfgDHt1Qn15Ct905qlE83tC8sw/UPDzdjvN0c
SpFiQjIfQbJLPG5qlkn7XtLJwKJiFbMzNuR9ltlmTeqkbFVRMBDzFYkAxB6tOjEb
A6V85wW2oKkuzWWJIZxWT6eVFS0IIw3277+/2UnkbEMGPG+t5DH2yeQdMj3yqPuf
La89CQp/qvF9Ag==
-----END CERTIFICATE-----
Generated at Sun May 11 17:34:59 2025 by rpki-client