Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
File: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft (raw, json)
Hash identifier: Kj52BlcFJbDEmXkQr605LYpZlLju4XvtTnLLTGErKfg=
Subject key identifier: 3A:E0:89:9F:BE:EB:30:65:37:24:92:B0:40:36:BE:0F:B5:3D:12:2C
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 0196B9A3860298E7BB0F1B60DD5F6589A38F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
Manifest number: 1041
Signing time: Sat 10 May 2025 10:00:23 +0000
Manifest this update: Sat 10 May 2025 10:00:23 +0000
Manifest next update: Sun 11 May 2025 10:00:23 +0000
Files and hashes: 1: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (hash: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=)
2: XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl (hash: IDGIIgfgLuJcviAlTj0Czp1QXD9TEMewTyAZy32JiZQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b9:a3:86:02:98:e7:bb:0f:1b:60:dd:5f:65:89:a3:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: May 10 10:00:23 2025 GMT
Not After : May 11 10:00:23 2025 GMT
Subject: CN=3ae0899fbeeb3065372492b04036be0fb53d122c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:19:79:ab:99:14:fc:f9:3a:3b:96:a3:5f:
62:27:ea:4a:33:98:8e:92:93:bc:df:56:4e:0a:f9:
5f:73:a6:d0:f7:15:ee:1c:96:1f:14:57:57:e3:90:
87:09:83:c0:0d:c7:50:03:14:b2:8a:f6:bd:ad:86:
c9:b0:bb:87:78:84:2e:45:02:26:7a:94:db:ed:cc:
e8:49:f1:9a:61:c1:e9:f1:c2:4c:42:12:47:07:a7:
2b:8b:72:98:a1:97:4b:cb:e5:c3:47:53:0c:c0:f8:
d4:04:72:cd:cf:e6:a1:6a:b8:a2:ec:d4:e2:6c:30:
fc:48:1e:a0:a9:21:37:e0:7a:f6:a8:b0:35:53:db:
bd:5a:20:48:35:0d:7b:76:9d:55:67:29:c1:ab:c0:
cb:12:7f:f2:74:94:11:69:fa:39:f5:0c:a4:c7:f0:
9c:29:e0:26:7d:d5:5f:78:0d:72:68:0d:49:6e:63:
fa:9e:79:bc:0a:0e:14:31:1b:9e:f2:13:18:85:53:
9e:e0:80:0b:d9:9a:b4:e2:1b:21:f8:49:45:38:84:
6a:0f:f1:9b:be:c1:d4:11:84:39:a0:91:ed:f9:6a:
b8:f3:f6:5d:0f:49:fd:d2:0f:ce:75:7f:81:40:b9:
2d:ec:34:e6:69:91:a2:dd:1a:b5:c0:e8:74:cc:85:
ee:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E0:89:9F:BE:EB:30:65:37:24:92:B0:40:36:BE:0F:B5:3D:12:2C
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:20:de:53:20:d5:82:08:ce:91:da:d5:7b:c2:0d:58:55:54:
21:75:a9:32:0f:fd:a3:e2:0c:3a:48:2d:91:93:6b:c7:a1:2f:
dd:77:2b:cc:38:9e:3a:e6:b0:af:be:cf:05:7f:9e:0e:46:db:
18:43:3d:33:d3:22:f5:87:08:6a:a9:99:52:0b:85:37:c2:66:
01:67:6d:8b:71:c3:98:ee:79:9e:75:86:89:05:1d:14:11:5c:
8c:ce:d8:2b:48:9f:2b:bb:4e:f8:ee:32:d6:1d:e1:8b:6f:df:
a5:8d:f1:68:13:d4:08:0e:ee:a9:f1:03:81:17:c4:72:32:1e:
86:e4:84:85:a5:90:eb:f2:3c:c5:4b:4d:17:57:38:ea:41:d7:
70:20:95:61:d9:88:e5:30:0b:fb:83:f1:c8:a6:74:fd:09:ed:
4d:c7:10:9a:77:17:22:16:f5:39:95:5f:d2:57:0a:10:13:d7:
d6:85:e4:34:4f:50:ae:8c:76:58:71:6b:5d:14:b2:71:84:e0:
d8:b3:34:fd:55:a9:43:d0:17:35:8b:89:1d:b1:f4:65:ee:d5:
76:c2:8a:77:cc:21:c6:39:c3:ab:24:28:18:af:20:dd:73:98:
9a:50:da:e0:bf:b9:32:9b:93:b3:37:0c:7a:3a:76:8d:85:36:
e1:d4:03:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o4YCmOe7Dxtg3V9liaOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjUwNTEwMTAwMDIzWhcNMjUwNTExMTAwMDIzWjAzMTEwLwYDVQQD
EygzYWUwODk5ZmJlZWIzMDY1MzcyNDkyYjA0MDM2YmUwZmI1M2QxMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWwZeauZFPz5OjuWo19iJ+pKM5iO
kpO831ZOCvlfc6bQ9xXuHJYfFFdX45CHCYPADcdQAxSyiva9rYbJsLuHeIQuRQIm
epTb7czoSfGaYcHp8cJMQhJHB6cri3KYoZdLy+XDR1MMwPjUBHLNz+aharii7NTi
bDD8SB6gqSE34Hr2qLA1U9u9WiBINQ17dp1VZynBq8DLEn/ydJQRafo59Qykx/Cc
KeAmfdVfeA1yaA1JbmP6nnm8Cg4UMRue8hMYhVOe4IAL2Zq04hsh+ElFOIRqD/Gb
vsHUEYQ5oJHt+Wq48/ZdD0n90g/OdX+BQLkt7DTmaZGi3Rq1wOh0zIXugwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrgiZ++6zBlNySSsEA2vg+1PRIsMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyDeUyDV
ggjOkdrVe8INWFVUIXWpMg/9o+IMOkgtkZNrx6Ev3XcrzDieOuawr77PBX+eDkbb
GEM9M9Mi9YcIaqmZUguFN8JmAWdti3HDmO55nnWGiQUdFBFcjM7YK0ifK7tO+O4y
1h3hi2/fpY3xaBPUCA7uqfEDgRfEcjIehuSEhaWQ6/I8xUtNF1c46kHXcCCVYdmI
5TAL+4PxyKZ0/QntTccQmncXIhb1OZVf0lcKEBPX1oXkNE9Qrox2WHFrXRSycYTg
2LM0/VWpQ9AXNYuJHbH0Ze7VdsKKd8whxjnDqyQoGK8g3XOYmlDa4L+5MpuTszcM
ejp2jYU24dQDfw==
-----END CERTIFICATE-----
Generated at Sat May 10 15:42:30 2025 by rpki-client