Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
File: PqU6yajcRG-34BE7aLOOlwwZ98w.mft (raw, json)
Hash identifier: BzrTaXyD7+DhkzBqsGoh6LgdRKdPsCbvrnRlGmyCGvk=
Subject key identifier: 4D:43:62:D6:D8:AD:BA:51:D0:88:06:EC:37:4C:6D:A6:AA:DC:83:A9
Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Certificate serial: 0196753048591E6E7BD7D21154E300E1AAFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
Manifest number: 149C
Signing time: Sun 27 Apr 2025 03:00:20 +0000
Manifest this update: Sun 27 Apr 2025 03:00:20 +0000
Manifest next update: Mon 28 Apr 2025 03:00:20 +0000
Files and hashes: 1: PqU6yajcRG-34BE7aLOOlwwZ98w.crl (hash: Fd9KaaHsIbrSEc1L2p1oiSUpryMdGJVY4rx5gzrVe+g=)
2: ZFcvFlhDWryyoXWXMpIDlrIOANM.roa (hash: vf4LDljSHDeogKMO6SAS7Y9xTDtYGGINc31+p97CZuM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 03:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:30:48:59:1e:6e:7b:d7:d2:11:54:e3:00:e1:aa:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Validity
Not Before: Apr 27 03:00:20 2025 GMT
Not After : Apr 28 03:00:20 2025 GMT
Subject: CN=4d4362d6d8adba51d08806ec374c6da6aadc83a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f9:fa:5f:6b:4d:92:75:b6:d5:a1:79:3c:fc:
9e:ea:eb:b8:60:eb:76:50:90:65:8e:83:2f:a4:8c:
12:79:f7:81:a4:1d:4e:5e:10:0b:59:33:05:38:6c:
a4:7e:82:f6:75:2b:91:44:da:c9:4c:bf:e3:2d:c9:
a5:5f:6a:bb:0a:45:e6:33:8c:dc:2c:14:40:cc:00:
6b:48:ea:1b:dd:ca:49:d0:87:64:42:c4:51:de:c1:
14:cd:86:bd:9f:27:bc:c0:16:d8:2d:84:fb:93:a6:
73:27:9d:b2:71:66:1e:15:ff:e3:b4:48:e2:d0:31:
2c:ea:a4:37:27:e3:22:cf:5a:1d:36:0d:8f:74:26:
68:89:5e:83:4b:78:e4:cd:8c:61:2e:1f:e4:25:c8:
7a:c3:8e:80:42:c5:a1:cf:80:6a:07:b5:c6:6a:7f:
31:25:5e:38:3e:d3:3d:ff:e6:ef:35:ea:09:d5:95:
29:33:4b:8f:7c:fa:2e:0a:ce:3b:8e:1e:8a:54:d6:
9c:70:0f:84:14:37:66:2a:d4:6e:f1:67:65:dc:7d:
f6:83:17:d5:0d:77:1a:7f:61:64:45:90:5f:6f:ba:
51:0e:0a:8b:73:bb:1d:56:c7:90:f4:d9:2a:f8:0d:
ee:2d:47:13:8a:ad:4a:51:5c:44:81:38:ae:fa:e6:
05:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:43:62:D6:D8:AD:BA:51:D0:88:06:EC:37:4C:6D:A6:AA:DC:83:A9
X509v3 Authority Key Identifier:
keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:25:59:e2:ed:cb:85:f5:98:26:be:c8:21:55:50:df:7b:ae:
69:64:42:24:05:2a:3f:74:be:5d:24:05:99:01:e9:74:a5:35:
85:36:c5:f7:87:ad:31:7d:f9:d9:82:91:fe:c3:2a:7f:66:28:
10:3d:f1:3c:2b:8c:33:4a:76:42:6b:3f:d0:1d:63:ad:43:ef:
91:88:3a:05:3c:65:bf:4f:23:d8:f0:77:0c:60:9c:7f:01:16:
99:7a:90:3f:87:f3:8a:e5:2c:57:7e:45:19:c3:00:ed:5b:c2:
a6:af:64:f2:76:d1:16:44:d0:86:7f:90:59:04:bf:7b:54:0f:
aa:3b:69:4e:f3:6c:fa:6a:12:5f:3e:39:e6:ca:00:a4:55:f7:
fe:73:2f:62:d9:1c:42:f7:bd:32:c2:86:b1:2f:cd:63:dd:60:
2d:53:f3:0e:0b:8d:63:74:0e:6b:6d:d8:9b:2f:6f:26:bb:34:
5a:2f:0e:7d:29:7c:66:13:79:57:21:31:0f:ee:fe:26:43:b9:
fe:32:a9:c1:7d:d7:d7:ce:c4:70:1d:71:15:e4:d1:15:d5:6b:
9a:df:d5:4d:91:42:67:dc:6f:f3:38:2c:b2:b7:71:d3:31:c1:
ce:a8:f6:46:8e:6c:22:12:07:77:1b:7b:f0:96:98:b5:67:c5:
9e:05:10:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1MEhZHm5719IRVOMA4ar7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx
OWY3Y2MwHhcNMjUwNDI3MDMwMDIwWhcNMjUwNDI4MDMwMDIwWjAzMTEwLwYDVQQD
Eyg0ZDQzNjJkNmQ4YWRiYTUxZDA4ODA2ZWMzNzRjNmRhNmFhZGM4M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPn6X2tNknW21aF5PPye6uu4YOt2
UJBljoMvpIwSefeBpB1OXhALWTMFOGykfoL2dSuRRNrJTL/jLcmlX2q7CkXmM4zc
LBRAzABrSOob3cpJ0IdkQsRR3sEUzYa9nye8wBbYLYT7k6ZzJ52ycWYeFf/jtEji
0DEs6qQ3J+Miz1odNg2PdCZoiV6DS3jkzYxhLh/kJch6w46AQsWhz4BqB7XGan8x
JV44PtM9/+bvNeoJ1ZUpM0uPfPouCs47jh6KVNaccA+EFDdmKtRu8Wdl3H32gxfV
DXcaf2FkRZBfb7pRDgqLc7sdVseQ9Nkq+A3uLUcTiq1KUVxEgTiu+uYFmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1DYtbYrbpR0IgG7DdMbaaq3IOpMB8GA1UdIwQY
MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct
MzUxYzIxMTkyYzY1LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1
LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuyVZ4u3L
hfWYJr7IIVVQ33uuaWRCJAUqP3S+XSQFmQHpdKU1hTbF94etMX352YKR/sMqf2Yo
ED3xPCuMM0p2Qms/0B1jrUPvkYg6BTxlv08j2PB3DGCcfwEWmXqQP4fziuUsV35F
GcMA7VvCpq9k8nbRFkTQhn+QWQS/e1QPqjtpTvNs+moSXz455soApFX3/nMvYtkc
Qve9MsKGsS/NY91gLVPzDguNY3QOa23Ymy9vJrs0Wi8OfSl8ZhN5VyExD+7+JkO5
/jKpwX3X187EcB1xFeTRFdVrmt/VTZFCZ9xv8zgssrdx0zHBzqj2Ro5sIhIHdxt7
8JaYtWfFngUQyA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:22:31 2025 by rpki-client