Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.mft
File: pPAKrld-dFH4jqYEv2ozc0zQMAk.mft (raw, json)
Hash identifier: MinMU2txN3cNKwH2ErhqmHOMCVa5M3r01nKqSCcXUc4=
Subject key identifier: 1C:DA:3C:B9:3B:7F:2F:E1:64:79:96:09:BB:A7:FC:6D:78:DF:4E:2D
Authority key identifier: A4:F0:0A:AE:57:7E:74:51:F8:8E:A6:04:BF:6A:33:73:4C:D0:30:09
Certificate issuer: /CN=a4f00aae577e7451f88ea604bf6a33734cd03009
Certificate serial: 019771F671DA072D423D445D221F8C1A3794
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPAKrld-dFH4jqYEv2ozc0zQMAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.mft
Manifest number: 0DF0
Signing time: Sun 15 Jun 2025 05:01:05 +0000
Manifest this update: Sun 15 Jun 2025 05:01:05 +0000
Manifest next update: Mon 16 Jun 2025 05:01:05 +0000
Files and hashes: 1: XRYyvh6J7DkVdKbz1yypWyD6-m0.roa (hash: 6+dNcwPteiKzyDYvKh6xy6mmMEyhqVqNL5Sm9+oU6rA=)
2: pPAKrld-dFH4jqYEv2ozc0zQMAk.crl (hash: V/i1EZN2JZZ6A4QxlH3aLvl/4Qlw8JS+5vPOGyb/PNs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPAKrld-dFH4jqYEv2ozc0zQMAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:71:f6:71:da:07:2d:42:3d:44:5d:22:1f:8c:1a:37:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f00aae577e7451f88ea604bf6a33734cd03009
Validity
Not Before: Jun 15 05:01:05 2025 GMT
Not After : Jun 16 05:01:05 2025 GMT
Subject: CN=1cda3cb93b7f2fe164799609bba7fc6d78df4e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:3c:c0:0e:79:ea:64:44:fa:e0:3a:cc:3e:
4d:d6:52:a7:ab:53:bc:c3:2b:8a:23:be:53:7b:57:
ea:84:67:a3:44:c6:1e:66:ee:b8:47:1b:3c:e1:c7:
f2:21:79:f0:8e:70:5a:0a:77:0c:26:71:c4:ff:0b:
23:b2:de:4e:97:3e:e6:ab:f7:e9:6d:27:6c:9d:35:
85:05:de:42:92:3b:86:3c:43:10:fa:e4:08:7a:3b:
d8:70:69:a4:25:f5:65:d3:01:63:ae:84:1b:6e:3e:
3e:cd:f8:db:2a:f6:05:b7:77:66:ae:5c:56:e1:ab:
9f:22:21:d3:f8:bb:59:fc:86:d9:a7:6e:ba:1f:c8:
12:9b:0d:fa:13:95:06:c3:b2:92:1c:a9:9d:9f:58:
15:40:f8:51:86:e4:e2:da:f5:2c:1a:01:fc:c4:18:
33:0d:62:e3:16:2a:ba:79:72:f7:5a:de:4a:f6:b7:
4d:78:78:85:59:10:a8:52:7a:7b:79:f5:d3:99:55:
33:00:e9:94:89:02:a8:3c:16:50:77:af:45:6e:12:
e4:32:0d:19:2c:de:52:06:a1:b7:9e:5d:0b:89:91:
46:5c:2c:6f:90:98:3f:99:ad:b5:c6:db:c1:96:db:
7f:03:40:61:1b:44:c0:0b:5e:f8:6b:a8:1d:0a:c7:
7a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DA:3C:B9:3B:7F:2F:E1:64:79:96:09:BB:A7:FC:6D:78:DF:4E:2D
X509v3 Authority Key Identifier:
keyid:A4:F0:0A:AE:57:7E:74:51:F8:8E:A6:04:BF:6A:33:73:4C:D0:30:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPAKrld-dFH4jqYEv2ozc0zQMAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/58a94a-9e28-47a5-9fd6-9c91b1c5158a/1/pPAKrld-dFH4jqYEv2ozc0zQMAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:a7:e0:6e:6b:a3:b6:b0:43:3f:23:00:db:26:ee:67:71:3d:
08:31:f9:78:c9:30:ec:97:a7:3f:c9:3c:32:76:4f:87:7f:d2:
48:5c:cd:75:36:f4:81:e9:63:c8:93:8b:0b:41:eb:6c:7a:8b:
48:f2:24:7f:0e:a5:ae:cf:b5:c5:5f:f4:00:3d:57:bf:0a:37:
9c:c9:65:19:f3:75:92:05:ad:d8:c2:2a:13:cd:41:59:0d:6e:
bb:8a:48:d3:09:a6:e0:5e:b7:6c:2e:44:1d:36:3e:da:d6:ad:
e2:57:aa:da:30:00:eb:56:bb:ba:35:0c:6f:4e:df:72:9e:6c:
32:8d:5a:59:95:91:89:21:01:e0:e4:03:a4:22:8d:f9:79:cf:
03:9b:6f:4e:21:6c:ee:d9:e0:fa:b1:86:2a:65:3b:37:ac:d2:
a3:1d:c5:76:4e:b8:bc:1c:db:e8:91:06:6a:bb:d4:f7:5d:32:
e3:b7:b1:ba:30:11:50:80:15:c2:18:3b:48:4c:fd:4a:a0:63:
a1:bc:e8:a5:3a:45:8d:58:4f:d5:f6:1a:47:c5:2e:6f:58:1d:
22:16:49:d4:b8:24:51:00:c5:de:b9:33:08:59:79:c2:01:db:
9d:8a:00:1f:10:56:99:8c:f3:c3:ed:8c:7f:5f:98:5d:d5:1c:
90:29:a0:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdx9nHaBy1CPURdIh+MGjeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjAwYWFlNTc3ZTc0NTFmODhlYTYwNGJmNmEzMzczNGNk
MDMwMDkwHhcNMjUwNjE1MDUwMTA1WhcNMjUwNjE2MDUwMTA1WjAzMTEwLwYDVQQD
EygxY2RhM2NiOTNiN2YyZmUxNjQ3OTk2MDliYmE3ZmM2ZDc4ZGY0ZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdo8wA556mRE+uA6zD5N1lKnq1O8
wyuKI75Te1fqhGejRMYeZu64Rxs84cfyIXnwjnBaCncMJnHE/wsjst5Olz7mq/fp
bSdsnTWFBd5CkjuGPEMQ+uQIejvYcGmkJfVl0wFjroQbbj4+zfjbKvYFt3dmrlxW
4aufIiHT+LtZ/IbZp266H8gSmw36E5UGw7KSHKmdn1gVQPhRhuTi2vUsGgH8xBgz
DWLjFiq6eXL3Wt5K9rdNeHiFWRCoUnp7efXTmVUzAOmUiQKoPBZQd69FbhLkMg0Z
LN5SBqG3nl0LiZFGXCxvkJg/ma21xtvBltt/A0BhG0TAC174a6gdCsd6zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzaPLk7fy/hZHmWCbun/G14304tMB8GA1UdIwQY
MBaAFKTwCq5XfnRR+I6mBL9qM3NM0DAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBBS3JsZC1kRkg0anFZRXYyb3pjMHpRTUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81OGE5NGEtOWUyOC00N2E1LTlmZDYt
OWM5MWIxYzUxNThhLzEvcFBBS3JsZC1kRkg0anFZRXYyb3pjMHpRTUFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81OGE5NGEtOWUyOC00N2E1LTlmZDYtOWM5MWIxYzUxNThh
LzEvcFBBS3JsZC1kRkg0anFZRXYyb3pjMHpRTUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsKfgbmuj
trBDPyMA2ybuZ3E9CDH5eMkw7JenP8k8MnZPh3/SSFzNdTb0geljyJOLC0HrbHqL
SPIkfw6lrs+1xV/0AD1Xvwo3nMllGfN1kgWt2MIqE81BWQ1uu4pI0wmm4F63bC5E
HTY+2tat4leq2jAA61a7ujUMb07fcp5sMo1aWZWRiSEB4OQDpCKN+XnPA5tvTiFs
7tng+rGGKmU7N6zSox3Fdk64vBzb6JEGarvU910y47exujARUIAVwhg7SEz9SqBj
obzopTpFjVhP1fYaR8Uub1gdIhZJ1LgkUQDF3rkzCFl5wgHbnYoAHxBWmYzzw+2M
f1+YXdUckCmgeg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:23:25 2025 by rpki-client