Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json)
Hash identifier: rgYQE9oV/LPx7HWpalkW6FIBC5Q+GTF77x5+i7uaqmI=
Subject key identifier: 11:44:6D:9A:4F:60:93:3E:A0:B7:94:E5:58:13:9C:FE:C3:CA:FA:01
Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416
Certificate serial: 0196A12D5647296C6137295CC3D12F9D2BA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
Manifest number: 07A1
Signing time: Mon 05 May 2025 16:00:25 +0000
Manifest this update: Mon 05 May 2025 16:00:25 +0000
Manifest next update: Tue 06 May 2025 16:00:25 +0000
Files and hashes: 1: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: UijMyT5NRaRunpgAJq9G88ACCvMOryNPAzfru+z9BBE=)
2: rOIGMeXF9bxOY5fu4vCOE7NrCP0.roa (hash: 1nU5+mzZGJaibKrLnnLB5qj48GydY1KP7W2pluR6Ujw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:2d:56:47:29:6c:61:37:29:5c:c3:d1:2f:9d:2b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7319007a28ade0781d312d8d49472db367670416
Validity
Not Before: May 5 16:00:25 2025 GMT
Not After : May 6 16:00:25 2025 GMT
Subject: CN=11446d9a4f60933ea0b794e558139cfec3cafa01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f6:77:60:19:ed:21:6a:d9:81:3b:84:c1:44:
2d:43:fe:26:25:be:56:71:67:e2:56:47:4b:dc:74:
94:f9:21:70:63:19:f9:e0:11:6c:f5:ba:08:63:11:
c3:e0:2c:19:42:93:e1:f1:6a:3d:27:ee:ba:48:52:
bc:e4:e4:f2:ae:94:d5:4f:7e:a3:c7:60:50:92:8c:
5d:8e:57:5c:ac:40:05:03:84:cf:3e:77:97:f0:58:
4f:2a:7d:02:9d:3e:49:88:1d:ea:76:80:36:15:14:
a0:20:c4:24:89:b4:d4:5c:96:ba:56:0b:2e:11:ad:
5a:a6:15:8e:18:40:21:db:10:fa:c2:49:f2:64:12:
32:cd:f6:8e:9b:83:e7:00:61:9d:b1:22:83:8f:16:
ce:af:38:4b:17:af:6e:b0:0a:ae:a5:b1:8a:97:e1:
b4:52:46:fa:a3:e2:96:6b:36:6a:e0:2c:5c:b9:09:
d4:d4:a5:ed:6d:8c:dd:d0:4d:60:33:f9:ec:96:d5:
c5:b1:08:6e:7b:03:f2:58:fd:3d:61:1d:79:e2:68:
55:66:66:07:7d:62:92:a1:a9:3c:5f:b6:a0:fa:26:
bc:6a:44:cc:a7:ab:40:07:b4:13:6f:f7:40:06:31:
a9:a9:f2:74:80:d4:de:a9:3e:42:44:6c:cd:b7:0d:
3b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:44:6D:9A:4F:60:93:3E:A0:B7:94:E5:58:13:9C:FE:C3:CA:FA:01
X509v3 Authority Key Identifier:
keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:2c:72:c8:d3:e7:08:34:c6:aa:4d:a5:55:01:89:85:b3:84:
7c:e5:dd:93:99:b0:69:ec:58:ee:2c:96:e4:ab:cb:82:48:7e:
a8:b9:dd:99:b7:58:1a:08:97:61:a8:fa:06:3d:b2:af:26:2c:
06:15:1b:b1:4f:24:d8:49:76:d3:8f:07:5c:fd:9a:ad:4e:2a:
9a:35:1f:1f:e7:e8:2a:80:04:9a:10:09:c7:9f:d2:ff:d3:10:
f7:e6:fd:93:59:ec:b2:6e:48:2d:ee:d8:44:fb:6e:e8:a9:fb:
8e:d6:c3:5d:81:1d:e3:7a:d4:66:bb:ae:0d:be:ab:fb:3b:52:
62:18:ef:0c:c4:c2:a7:3b:54:67:cf:05:e9:fb:3b:6b:12:35:
64:53:08:dc:5a:45:67:4c:6c:69:55:db:b1:ea:fa:24:69:ee:
b8:0c:31:b8:82:2e:2f:83:19:15:38:46:35:ad:41:8e:6a:64:
b6:95:59:05:a6:42:a8:5d:0b:e0:03:00:fe:45:83:25:c2:e5:
04:28:5c:77:5f:88:ed:dd:f4:f7:f8:4c:12:80:9a:2b:ac:71:
12:90:d1:b0:0c:87:4f:2b:96:94:bb:89:0c:45:cc:40:43:d7:
c1:f4:5b:a9:d4:7a:0b:c2:d6:20:4f:a2:4c:b9:66:02:c0:10:
71:13:5f:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZahLVZHKWxhNylcw9EvnSukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2
NzA0MTYwHhcNMjUwNTA1MTYwMDI1WhcNMjUwNTA2MTYwMDI1WjAzMTEwLwYDVQQD
EygxMTQ0NmQ5YTRmNjA5MzNlYTBiNzk0ZTU1ODEzOWNmZWMzY2FmYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/Z3YBntIWrZgTuEwUQtQ/4mJb5W
cWfiVkdL3HSU+SFwYxn54BFs9boIYxHD4CwZQpPh8Wo9J+66SFK85OTyrpTVT36j
x2BQkoxdjldcrEAFA4TPPneX8FhPKn0CnT5JiB3qdoA2FRSgIMQkibTUXJa6Vgsu
Ea1aphWOGEAh2xD6wknyZBIyzfaOm4PnAGGdsSKDjxbOrzhLF69usAqupbGKl+G0
Ukb6o+KWazZq4CxcuQnU1KXtbYzd0E1gM/nsltXFsQhuewPyWP09YR154mhVZmYH
fWKSoak8X7ag+ia8akTMp6tAB7QTb/dABjGpqfJ0gNTeqT5CRGzNtw07ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFEbZpPYJM+oLeU5VgTnP7DyvoBMB8GA1UdIwQY
MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt
OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0
LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIyxyyNPn
CDTGqk2lVQGJhbOEfOXdk5mwaexY7iyW5KvLgkh+qLndmbdYGgiXYaj6Bj2yryYs
BhUbsU8k2El2048HXP2arU4qmjUfH+foKoAEmhAJx5/S/9MQ9+b9k1nssm5ILe7Y
RPtu6Kn7jtbDXYEd43rUZruuDb6r+ztSYhjvDMTCpztUZ88F6fs7axI1ZFMI3FpF
Z0xsaVXbser6JGnuuAwxuIIuL4MZFThGNa1BjmpktpVZBaZCqF0L4AMA/kWDJcLl
BChcd1+I7d309/hMEoCaK6xxEpDRsAyHTyuWlLuJDEXMQEPXwfRbqdR6C8LWIE+i
TLlmAsAQcRNfSg==
-----END CERTIFICATE-----
Generated at Mon May 5 17:32:49 2025 by rpki-client