Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
File: XYHR_0WxVHwAqEtG75nsot-9Rbw.mft (raw, json)
Hash identifier: D4Rf9I5n0IEYJ+ONQF3exJQYVBqagK4zZ+2NRh6lonk=
Subject key identifier: 85:E1:38:F7:2C:78:76:32:8D:2D:94:38:DE:A5:E1:36:96:67:AC:B0
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial: 0196C427ABD201809C095FBB474CDCC33B9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
Manifest number: 153A
Signing time: Mon 12 May 2025 11:00:56 +0000
Manifest this update: Mon 12 May 2025 11:00:56 +0000
Manifest next update: Tue 13 May 2025 11:00:56 +0000
Files and hashes: 1: C-JYvDSVCc5Zd_4Sd7FiFR4ridU.roa (hash: Fud1edK7T1C6PqdOPqDnlVWq4JxXY+eiVXIDYHC1t50=)
2: XYHR_0WxVHwAqEtG75nsot-9Rbw.crl (hash: szAad4iwHoopsSkCVPsTsTKO/mfB4ecih1R2+zLQN7E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:27:ab:d2:01:80:9c:09:5f:bb:47:4c:dc:c3:3b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Validity
Not Before: May 12 11:00:56 2025 GMT
Not After : May 13 11:00:56 2025 GMT
Subject: CN=85e138f72c7876328d2d9438dea5e1369667acb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:7c:39:01:9f:e8:00:c2:12:ac:b9:85:7c:
76:1b:34:5c:72:5b:cc:3b:ce:12:5f:7c:52:12:cc:
5a:d7:5f:53:c2:60:43:a0:71:2f:f3:6e:59:52:3d:
46:02:e4:4f:d9:ad:b6:09:a4:3d:7b:89:22:88:00:
e5:a1:31:90:7e:12:88:94:69:67:b4:cd:32:f7:0e:
1b:9e:6b:af:ca:01:ee:f0:ee:19:76:a4:6d:aa:14:
f5:c1:f4:2d:83:79:00:4b:76:76:f9:dd:8f:9a:8c:
f6:12:f6:d9:2e:f0:fc:9f:64:d1:ca:9a:a2:d0:8f:
e7:8b:c0:52:ab:43:98:b2:25:ec:43:34:8f:58:dc:
07:e4:1f:5f:b4:ca:c4:9e:24:49:81:11:a1:26:4b:
01:c6:b0:64:68:e8:79:a1:48:a0:7e:a6:c4:b2:4f:
e1:df:cc:72:fa:7f:65:be:7a:bd:ab:31:f0:53:36:
dc:6f:b8:18:73:52:74:5a:c3:3a:c4:a4:ad:b8:68:
86:e6:ce:c3:06:f1:5a:f1:2c:77:1a:99:eb:8f:e1:
9e:fb:45:99:9c:5c:ac:a9:d3:9a:4b:3a:cf:fc:f7:
56:33:99:52:30:6a:85:8a:c6:79:5e:af:97:4d:35:
83:96:83:b1:88:a6:9b:7f:45:7f:a8:b9:12:c7:77:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E1:38:F7:2C:78:76:32:8D:2D:94:38:DE:A5:E1:36:96:67:AC:B0
X509v3 Authority Key Identifier:
keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:3c:3e:c0:65:94:f4:92:8b:f0:68:de:24:1a:e5:49:39:1a:
d6:a4:ef:40:fa:44:b5:4a:26:95:f8:4f:08:94:a9:45:25:94:
9a:87:11:11:1e:90:00:1c:6b:3f:ae:84:ec:2e:7e:65:e8:06:
37:f4:7a:a0:3e:57:48:ca:55:2d:1c:c8:6b:e7:d9:bb:5a:e5:
eb:a8:dd:b9:18:12:4d:d2:5d:41:3d:6d:a1:64:ad:0c:ea:1a:
10:78:f8:ed:e2:02:27:30:ca:d4:91:23:80:39:c8:ac:c0:f3:
0c:26:7f:51:ab:ef:2d:6d:0d:7e:35:41:85:a7:3f:83:cb:50:
b8:ce:a5:87:1e:08:f8:f6:6c:10:2b:20:10:85:34:5e:71:b3:
d1:fb:4b:e8:0b:e5:02:bb:68:2c:73:d4:56:6f:27:9d:83:26:
88:d8:81:68:a5:b7:d6:87:f8:41:23:bd:a5:59:85:6d:6a:11:
ad:e5:01:20:17:86:67:64:f5:21:2e:4e:45:be:dc:95:84:5d:
00:fd:11:94:7d:7b:73:11:69:f2:1c:6b:e2:2f:bd:6c:13:97:
3a:66:6a:ba:fb:4a:f7:50:a7:3c:d1:77:36:fd:4d:7c:0d:18:
e8:e7:59:68:ec:ab:e2:08:e9:cd:62:6b:aa:a9:7e:2d:8d:ba:
e0:d2:f0:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbEJ6vSAYCcCV+7R0zcwzucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjUwNTEyMTEwMDU2WhcNMjUwNTEzMTEwMDU2WjAzMTEwLwYDVQQD
Eyg4NWUxMzhmNzJjNzg3NjMyOGQyZDk0MzhkZWE1ZTEzNjk2NjdhY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGN8OQGf6ADCEqy5hXx2GzRcclvM
O84SX3xSEsxa119TwmBDoHEv825ZUj1GAuRP2a22CaQ9e4kiiADloTGQfhKIlGln
tM0y9w4bnmuvygHu8O4ZdqRtqhT1wfQtg3kAS3Z2+d2Pmoz2EvbZLvD8n2TRypqi
0I/ni8BSq0OYsiXsQzSPWNwH5B9ftMrEniRJgRGhJksBxrBkaOh5oUigfqbEsk/h
38xy+n9lvnq9qzHwUzbcb7gYc1J0WsM6xKStuGiG5s7DBvFa8Sx3Gpnrj+Ge+0WZ
nFysqdOaSzrP/PdWM5lSMGqFisZ5Xq+XTTWDloOxiKabf0V/qLkSx3dqjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXhOPcseHYyjS2UON6l4TaWZ6ywMB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFTw+wGWU
9JKL8GjeJBrlSTka1qTvQPpEtUomlfhPCJSpRSWUmocRER6QABxrP66E7C5+ZegG
N/R6oD5XSMpVLRzIa+fZu1rl66jduRgSTdJdQT1toWStDOoaEHj47eICJzDK1JEj
gDnIrMDzDCZ/UavvLW0NfjVBhac/g8tQuM6lhx4I+PZsECsgEIU0XnGz0ftL6Avl
ArtoLHPUVm8nnYMmiNiBaKW31of4QSO9pVmFbWoRreUBIBeGZ2T1IS5ORb7clYRd
AP0RlH17cxFp8hxr4i+9bBOXOmZquvtK91CnPNF3Nv1NfA0Y6OdZaOyr4gjpzWJr
qql+LY264NLwgw==
-----END CERTIFICATE-----
Generated at Mon May 12 14:53:16 2025 by rpki-client