Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
File: _XF_OrY5RaG-c5wrOiWJvqVd224.mft (raw, json)
Hash identifier: OkNIXsGvdSIXlxvndoCmBOH+IYY0jBcvmDjY9gA89PY=
Subject key identifier: 67:B7:D2:88:C9:AE:DE:79:B8:DD:DD:2B:4D:21:FC:0A:28:F5:E4:2F
Authority key identifier: FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E
Certificate issuer: /CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e
Certificate serial: 0196C27005B66BD5B66AFF79C09AD7EF0BF4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
Manifest number: 0AE8
Signing time: Mon 12 May 2025 03:00:43 +0000
Manifest this update: Mon 12 May 2025 03:00:43 +0000
Manifest next update: Tue 13 May 2025 03:00:43 +0000
Files and hashes: 1: _XF_OrY5RaG-c5wrOiWJvqVd224.crl (hash: MTL1YI1QOjEwn6Sl+B1uH4VVjt4xpR3uTQmv3JwkKQY=)
2: gzdyy5qInnSa0M6b956pVUzgC-k.roa (hash: 2Ow3V4pucXvBImXLn02gpmIFTSdf3VU+/V7SnyCKOjI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c2:70:05:b6:6b:d5:b6:6a:ff:79:c0:9a:d7:ef:0b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e
Validity
Not Before: May 12 03:00:43 2025 GMT
Not After : May 13 03:00:43 2025 GMT
Subject: CN=67b7d288c9aede79b8dddd2b4d21fc0a28f5e42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5a:24:ab:1c:84:14:83:37:80:0d:0a:c6:70:
be:16:ec:b5:5c:ad:c7:ab:8c:59:b7:5d:66:54:8a:
21:58:43:27:c3:c4:4d:1e:52:c6:2b:06:3a:6b:fb:
07:b2:d1:d5:30:f9:04:43:6f:c8:8f:19:04:84:46:
1d:c9:a7:3b:ec:7a:b8:56:c4:c5:88:52:77:b6:07:
1b:89:ac:a5:40:ee:51:ea:8d:44:94:fe:db:43:c9:
b8:19:85:b2:37:3f:ad:31:e7:65:60:f0:3c:70:9a:
52:53:b8:d8:99:4e:3c:21:e1:81:26:d4:fe:cc:be:
d0:8f:0b:d4:57:65:b2:2b:f8:9f:8e:26:46:50:17:
a2:d7:ba:f1:fa:9b:c8:8e:6b:9d:e8:60:ed:48:6f:
a1:c7:ac:2b:ea:81:74:95:ae:be:47:bf:ab:25:fc:
d5:45:57:3d:34:7e:d7:30:6a:f4:54:de:e4:d5:f2:
6c:e4:1b:d2:1a:bd:e0:f0:97:08:d3:89:f6:2c:56:
9b:f3:d0:6d:20:f5:46:c1:5d:1a:5a:75:cb:8b:f7:
fb:69:dd:5f:cd:d5:6b:44:47:68:a9:be:79:16:f1:
ad:63:79:f6:d0:e8:80:03:3d:36:8e:12:cd:c3:b6:
a6:bc:0f:22:d4:60:0f:fa:8f:e4:d6:41:8e:2f:5f:
88:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B7:D2:88:C9:AE:DE:79:B8:DD:DD:2B:4D:21:FC:0A:28:F5:E4:2F
X509v3 Authority Key Identifier:
keyid:FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:ab:92:6d:22:87:b5:bc:db:93:ba:48:23:e5:c5:76:8c:ca:
de:8f:46:05:42:36:00:86:05:78:be:c9:b9:b7:f8:04:81:e3:
cb:e4:47:aa:88:9a:91:44:c8:2b:8d:16:d4:62:8e:a5:13:85:
24:d0:1e:1b:6d:71:17:eb:ab:5d:37:d7:e9:4d:03:67:56:dc:
12:e7:1f:0a:7a:42:34:d2:2d:52:24:b2:a3:05:74:8d:a5:73:
c0:f2:30:ac:32:0d:eb:b0:8d:4a:c0:96:13:ba:a4:a8:30:df:
9a:c4:e3:53:21:24:56:62:91:84:ab:86:c9:23:8d:62:2b:ca:
57:8d:07:a6:e0:15:69:91:62:d1:fb:06:9a:13:4b:ea:92:04:
ec:02:79:ff:59:d3:5f:de:72:09:c1:a8:4c:11:72:fd:a3:84:
01:7f:c1:06:fd:25:5e:1c:32:31:c9:4d:19:6c:51:fa:2d:2e:
33:a6:80:45:0c:64:93:08:ed:04:a9:52:80:a3:6c:5a:8e:11:
ac:9f:43:35:c1:45:48:db:7c:f9:d8:2f:f4:65:ac:55:45:fa:
7d:f9:e9:1c:57:2b:77:29:5b:8d:9d:47:e5:51:03:7f:eb:1e:
3f:4e:70:86:f9:38:db:8f:ac:a5:b9:81:6d:ed:80:23:01:c4:
48:95:89:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbCcAW2a9W2av95wJrX7wv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzE3ZjNhYjYzOTQ1YTFiZTczOWMyYjNhMjU4OWJlYTU1
ZGRiNmUwHhcNMjUwNTEyMDMwMDQzWhcNMjUwNTEzMDMwMDQzWjAzMTEwLwYDVQQD
Eyg2N2I3ZDI4OGM5YWVkZTc5YjhkZGRkMmI0ZDIxZmMwYTI4ZjVlNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFokqxyEFIM3gA0KxnC+Fuy1XK3H
q4xZt11mVIohWEMnw8RNHlLGKwY6a/sHstHVMPkEQ2/IjxkEhEYdyac77Hq4VsTF
iFJ3tgcbiaylQO5R6o1ElP7bQ8m4GYWyNz+tMedlYPA8cJpSU7jYmU48IeGBJtT+
zL7QjwvUV2WyK/ifjiZGUBei17rx+pvIjmud6GDtSG+hx6wr6oF0la6+R7+rJfzV
RVc9NH7XMGr0VN7k1fJs5BvSGr3g8JcI04n2LFab89BtIPVGwV0aWnXLi/f7ad1f
zdVrREdoqb55FvGtY3n20OiAAz02jhLNw7amvA8i1GAP+o/k1kGOL1+IiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGe30ojJrt55uN3dK00h/Aoo9eQvMB8GA1UdIwQY
MBaAFP1xfzq2OUWhvnOcKzolib6lXdtuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAt
OTMxNTA1ZmY0MWM1LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yZjBhNjYtMTYzNC00MGZiLTk5YjAtOTMxNTA1ZmY0MWM1
LzEvX1hGX09yWTVSYUctYzV3ck9pV0p2cVZkMjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6uSbSKH
tbzbk7pII+XFdozK3o9GBUI2AIYFeL7Jubf4BIHjy+RHqoiakUTIK40W1GKOpROF
JNAeG21xF+urXTfX6U0DZ1bcEucfCnpCNNItUiSyowV0jaVzwPIwrDIN67CNSsCW
E7qkqDDfmsTjUyEkVmKRhKuGySONYivKV40HpuAVaZFi0fsGmhNL6pIE7AJ5/1nT
X95yCcGoTBFy/aOEAX/BBv0lXhwyMclNGWxR+i0uM6aARQxkkwjtBKlSgKNsWo4R
rJ9DNcFFSNt8+dgv9GWsVUX6ffnpHFcrdylbjZ1H5VEDf+seP05whvk424+spbmB
be2AIwHESJWJKA==
-----END CERTIFICATE-----
Generated at Mon May 12 05:30:42 2025 by rpki-client