Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json)
Hash identifier: gU9jRHVnq3POjngFUxR3FcvulWchiGN+AUOxkFLAHTs=
Subject key identifier: DE:3C:47:07:6E:A5:5E:B2:26:76:D5:B9:AD:2B:D6:64:44:D6:17:A2
Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Certificate serial: 0196A2402DDE212FB34CD34534A3B025659D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
Manifest number: 0424
Signing time: Mon 05 May 2025 21:00:37 +0000
Manifest this update: Mon 05 May 2025 21:00:37 +0000
Manifest next update: Tue 06 May 2025 21:00:37 +0000
Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=)
2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: 5l4KY9VtklepDXWEwlzYnZfHCJpMUHb14+9vGVHiZaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 21:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a2:40:2d:de:21:2f:b3:4c:d3:45:34:a3:b0:25:65:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071
Validity
Not Before: May 5 21:00:37 2025 GMT
Not After : May 6 21:00:37 2025 GMT
Subject: CN=de3c47076ea55eb22676d5b9ad2bd66444d617a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1c:ac:90:df:01:8e:50:28:32:42:c6:f6:a5:
d1:50:a8:65:b5:3d:9d:cc:d6:bd:a8:9a:f7:65:8f:
96:37:ed:64:56:90:92:08:05:c4:6a:a8:0c:73:da:
59:06:37:07:f8:41:0d:22:71:50:f3:85:9d:5a:d3:
2d:20:ce:e2:96:6b:9e:fe:09:28:37:02:71:fc:5b:
e8:61:05:61:cc:25:eb:9e:07:9d:02:2a:b9:b6:d8:
84:fc:92:e1:58:9d:65:17:05:61:d0:86:2b:b7:54:
0d:c6:b1:0d:b0:b7:3b:f5:84:c8:7f:c2:da:22:5f:
21:03:c6:9a:f8:73:5d:84:d8:a8:a8:9a:0e:b5:13:
7e:68:9e:02:54:a5:11:aa:1c:29:a0:cd:f3:b3:21:
97:81:89:fe:f5:5d:1e:38:d6:d8:26:da:a2:c7:97:
18:54:8c:97:f1:37:54:8f:53:82:de:cf:f2:bb:4c:
68:0e:05:9b:f1:45:05:63:88:00:54:e3:ae:db:c8:
d8:7c:af:ed:e2:c5:69:2d:ab:1e:3e:2a:18:1b:b4:
9b:bc:d2:3f:6e:82:15:50:2f:1f:91:01:6f:1e:12:
e3:da:f1:f7:1b:d0:2d:cd:72:8c:86:ab:7a:b3:ea:
f4:fa:d5:bd:b9:74:44:ac:af:c5:1f:6e:e8:15:ba:
c4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3C:47:07:6E:A5:5E:B2:26:76:D5:B9:AD:2B:D6:64:44:D6:17:A2
X509v3 Authority Key Identifier:
keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:5e:19:8e:49:d3:d4:67:53:10:b1:1a:89:d8:d2:ff:88:40:
48:b7:b5:73:90:d3:fc:b8:dd:11:f0:18:0f:ed:1a:48:ca:58:
45:0b:30:d4:56:d1:88:3f:39:8d:76:0e:96:a6:60:d0:8f:d1:
77:73:4a:b3:d4:8f:6f:8e:1e:fa:8d:33:e5:b3:4b:7a:c6:82:
dc:77:25:38:94:5e:d5:f6:a3:79:9d:59:d8:49:fc:b7:66:d0:
56:45:e6:64:90:09:f4:bb:4d:12:a3:20:8f:00:f6:31:50:c2:
5a:2c:c2:a3:74:df:49:cd:c0:ad:6b:34:fd:54:2c:6d:78:f2:
ac:fc:60:16:b5:a5:c2:43:d2:6c:8c:b6:9e:04:e9:af:d0:ec:
03:9d:fc:6a:96:9d:09:8b:9f:3d:69:21:a8:90:85:88:65:c4:
45:5b:0d:6b:ac:71:d4:4e:a0:de:d1:7a:11:92:5f:76:a6:4e:
4c:0d:40:ec:a6:0d:5b:c9:38:32:95:bc:59:45:85:af:ef:28:
a0:b4:5a:8c:6c:c8:d6:16:ec:c2:21:89:bb:9d:01:78:4b:10:
51:0d:55:9e:27:d2:04:d8:b4:01:29:58:f9:d7:58:96:6c:96:
af:62:8a:44:69:22:b9:5d:eb:79:a1:01:cc:e2:a4:2e:6e:6f:
7f:ee:21:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaiQC3eIS+zTNNFNKOwJWWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5
MDUwNzEwHhcNMjUwNTA1MjEwMDM3WhcNMjUwNTA2MjEwMDM3WjAzMTEwLwYDVQQD
EyhkZTNjNDcwNzZlYTU1ZWIyMjY3NmQ1YjlhZDJiZDY2NDQ0ZDYxN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ByskN8BjlAoMkLG9qXRUKhltT2d
zNa9qJr3ZY+WN+1kVpCSCAXEaqgMc9pZBjcH+EENInFQ84WdWtMtIM7ilmue/gko
NwJx/FvoYQVhzCXrngedAiq5ttiE/JLhWJ1lFwVh0IYrt1QNxrENsLc79YTIf8La
Il8hA8aa+HNdhNioqJoOtRN+aJ4CVKURqhwpoM3zsyGXgYn+9V0eONbYJtqix5cY
VIyX8TdUj1OC3s/yu0xoDgWb8UUFY4gAVOOu28jYfK/t4sVpLasePioYG7SbvNI/
boIVUC8fkQFvHhLj2vH3G9AtzXKMhqt6s+r0+tW9uXRErK/FH27oFbrEfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN48RwdupV6yJnbVua0r1mRE1heiMB8GA1UdIwQY
MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt
NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy
LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiV4ZjknT
1GdTELEaidjS/4hASLe1c5DT/LjdEfAYD+0aSMpYRQsw1FbRiD85jXYOlqZg0I/R
d3NKs9SPb44e+o0z5bNLesaC3HclOJRe1fajeZ1Z2En8t2bQVkXmZJAJ9LtNEqMg
jwD2MVDCWizCo3TfSc3ArWs0/VQsbXjyrPxgFrWlwkPSbIy2ngTpr9DsA538apad
CYufPWkhqJCFiGXERVsNa6xx1E6g3tF6EZJfdqZOTA1A7KYNW8k4MpW8WUWFr+8o
oLRajGzI1hbswiGJu50BeEsQUQ1VnifSBNi0ASlY+ddYlmyWr2KKRGkiuV3reaEB
zOKkLm5vf+4hXA==
-----END CERTIFICATE-----
Generated at Tue May 6 06:22:03 2025 by rpki-client