Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
File: xHKa8T09FW9BGXaxduVU-mcddvc.mft (raw, json)
Hash identifier: XP+Rh0FCBX/aewfn9ZC1YvYV/A8kjJvn9WAbOobBYQ8=
Subject key identifier: E4:B7:3B:9D:9E:0B:D9:CE:1B:B5:33:18:7B:F9:0C:B2:53:03:68:DD
Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7
Certificate serial: 0196B96C8E4AEE961B9A95DD0BA8723AE760
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
Manifest number: 1276
Signing time: Sat 10 May 2025 09:00:21 +0000
Manifest this update: Sat 10 May 2025 09:00:21 +0000
Manifest next update: Sun 11 May 2025 09:00:21 +0000
Files and hashes: 1: qFZMGyq85ztg5ytAQ7RbzglxnGU.roa (hash: kMRZIxRuZxVhg2DxKXhubRuKlbKba7EMDPUaAyexKng=)
2: xHKa8T09FW9BGXaxduVU-mcddvc.crl (hash: wypFBv+YpDcPCLhdEZ/offjfynU4yyn/njUm80zu7mQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 09:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b9:6c:8e:4a:ee:96:1b:9a:95:dd:0b:a8:72:3a:e7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7
Validity
Not Before: May 10 09:00:21 2025 GMT
Not After : May 11 09:00:21 2025 GMT
Subject: CN=e4b73b9d9e0bd9ce1bb533187bf90cb2530368dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:27:fa:e2:92:4b:69:f8:4d:8d:a3:77:90:e0:
20:19:24:cd:7b:7c:be:ca:1d:88:16:4d:3b:c1:29:
51:e1:8c:bd:27:1f:cb:ac:a5:a8:9c:7e:16:f1:8d:
87:08:89:3c:95:2c:06:d0:41:ba:fe:99:8f:db:c4:
53:c4:4b:6a:2b:c1:11:b9:6c:08:d4:2c:31:cc:9f:
ee:ea:78:b3:c4:9f:2b:95:4a:80:bb:3b:f8:35:57:
58:cb:b2:e5:d2:9e:de:74:cc:14:72:a1:8d:ca:47:
9f:15:38:b0:25:66:b1:1c:a0:4b:38:dd:5d:25:a6:
a3:2e:67:f5:be:dc:88:bf:c9:cd:2c:e9:bb:28:a4:
e5:30:4c:1b:32:97:b4:1f:b5:27:e8:86:6b:26:79:
05:78:86:b7:e1:c1:4c:ef:a5:c4:0d:07:76:81:d0:
4b:f3:4b:45:c3:56:f1:58:6b:9a:c7:16:ef:18:9d:
c1:f5:fa:47:80:04:db:b5:cc:a5:ff:5a:44:2e:77:
32:23:81:29:d3:9f:c2:d8:df:6b:cb:34:c8:cb:35:
71:98:f4:91:18:07:43:0d:6a:73:6f:5f:69:87:6c:
c2:05:10:f6:9a:1a:e4:bd:7b:fa:03:22:51:bc:9e:
01:b6:07:81:40:0e:37:79:80:02:52:d4:2a:b8:92:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B7:3B:9D:9E:0B:D9:CE:1B:B5:33:18:7B:F9:0C:B2:53:03:68:DD
X509v3 Authority Key Identifier:
keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:9e:3f:1a:b8:0c:b9:84:85:3c:d0:0a:53:44:67:cc:49:ac:
60:fe:b8:2a:79:1a:fa:58:ba:df:94:59:e0:ac:73:e0:6d:6c:
c3:3e:33:01:cb:0c:fd:00:2a:9c:58:10:f2:11:52:c0:c8:e9:
1c:64:d8:62:66:73:db:ed:f2:28:c2:61:4d:7e:bf:fd:96:3d:
b9:8e:ab:ef:32:67:9b:b2:f4:57:d7:9b:92:52:60:e5:f4:1c:
1d:b5:be:e1:a3:31:cf:0e:7c:4f:6a:27:e0:0a:ff:c1:05:b2:
2d:b1:06:7b:26:2e:ea:1b:ce:64:86:94:28:91:6a:99:d0:f0:
91:95:dd:c8:f8:46:4d:0b:72:b9:9d:c9:b6:28:72:de:bd:ba:
97:1d:5a:0e:de:a7:c5:64:da:34:d3:7a:58:84:f4:37:71:f0:
7a:59:09:48:34:6d:d7:92:ec:d8:e3:48:ed:2a:f8:5b:35:1d:
3d:43:b7:b6:1c:c7:2c:57:9a:5b:20:e0:3d:2e:2c:d6:95:f1:
45:ce:75:8f:eb:1f:50:27:d0:82:45:04:94:14:92:54:e9:09:
d0:71:fe:9b:b7:5a:57:16:12:47:92:8e:5a:ea:7f:ec:02:e7:
44:f2:0a:be:11:ca:8f:f4:3f:a5:34:15:27:b3:14:c8:a9:fc:
f4:ac:3a:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5bI5K7pYbmpXdC6hyOudgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx
ZDc2ZjcwHhcNMjUwNTEwMDkwMDIxWhcNMjUwNTExMDkwMDIxWjAzMTEwLwYDVQQD
EyhlNGI3M2I5ZDllMGJkOWNlMWJiNTMzMTg3YmY5MGNiMjUzMDM2OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCf64pJLafhNjaN3kOAgGSTNe3y+
yh2IFk07wSlR4Yy9Jx/LrKWonH4W8Y2HCIk8lSwG0EG6/pmP28RTxEtqK8ERuWwI
1CwxzJ/u6nizxJ8rlUqAuzv4NVdYy7Ll0p7edMwUcqGNykefFTiwJWaxHKBLON1d
JaajLmf1vtyIv8nNLOm7KKTlMEwbMpe0H7Un6IZrJnkFeIa34cFM76XEDQd2gdBL
80tFw1bxWGuaxxbvGJ3B9fpHgATbtcyl/1pELncyI4Ep05/C2N9ryzTIyzVxmPSR
GAdDDWpzb19ph2zCBRD2mhrkvXv6AyJRvJ4BtgeBQA43eYACUtQquJKitQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOS3O52eC9nOG7UzGHv5DLJTA2jdMB8GA1UdIwQY
MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt
YjA4OThmYmIxY2FiLzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi
LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF54/GrgM
uYSFPNAKU0RnzEmsYP64Knka+li635RZ4Kxz4G1swz4zAcsM/QAqnFgQ8hFSwMjp
HGTYYmZz2+3yKMJhTX6//ZY9uY6r7zJnm7L0V9ebklJg5fQcHbW+4aMxzw58T2on
4Ar/wQWyLbEGeyYu6hvOZIaUKJFqmdDwkZXdyPhGTQtyuZ3Jtihy3r26lx1aDt6n
xWTaNNN6WIT0N3HwelkJSDRt15Ls2ONI7Sr4WzUdPUO3thzHLFeaWyDgPS4s1pXx
Rc51j+sfUCfQgkUElBSSVOkJ0HH+m7daVxYSR5KOWup/7ALnRPIKvhHKj/Q/pTQV
J7MUyKn89Kw6jw==
-----END CERTIFICATE-----
Generated at Sat May 10 18:24:22 2025 by rpki-client