Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
File: PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft (raw, json)
Hash identifier: 2MCMudK/QRiwvoxELQ3RWSpWxjYSIGxhSRX93frJjLo=
Subject key identifier: 4B:11:CA:0F:06:90:55:0D:93:13:EA:D0:C8:41:E4:7E:5A:34:81:D6
Authority key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Certificate issuer: /CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Certificate serial: 019687DB534BC1137AA9C8BD6B39608BE40D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
Manifest number: 1518
Signing time: Wed 30 Apr 2025 18:00:19 +0000
Manifest this update: Wed 30 Apr 2025 18:00:19 +0000
Manifest next update: Thu 01 May 2025 18:00:19 +0000
Files and hashes: 1: 2AYUWvm8F1To8URav6-hliMLNGM.roa (hash: xtydpTSnQLnPEEmzIm3eQJgTUjiDutczP4OZlZO4Bow=)
2: PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl (hash: 4+lNp36/fnl3mmJ8mzbSAIW1mDKsgdnDsdl4+6lsYm0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 18:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:db:53:4b:c1:13:7a:a9:c8:bd:6b:39:60:8b:e4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Validity
Not Before: Apr 30 18:00:19 2025 GMT
Not After : May 1 18:00:19 2025 GMT
Subject: CN=4b11ca0f0690550d9313ead0c841e47e5a3481d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:66:e3:04:30:72:d8:b8:bb:18:f2:4a:3f:77:
1c:4d:b4:4f:b5:ec:50:3e:f6:b5:97:6e:6d:28:fd:
41:7d:1e:81:46:a0:44:7a:a3:22:a3:a6:25:c6:1f:
65:26:69:e6:d2:7b:16:a6:f1:a1:62:c1:f7:5d:6d:
76:7f:57:df:94:54:7b:0b:a2:8d:62:71:1d:30:a6:
8d:8e:52:72:5d:8e:06:f4:44:09:42:de:16:f9:59:
b1:40:5f:60:ba:a1:a1:d9:cc:e4:f1:a9:95:54:0f:
89:30:e5:5e:b1:c1:8b:b4:3c:7e:d6:df:d2:f7:f8:
8f:ef:b8:16:cb:f3:99:10:50:04:a4:2f:01:00:54:
b6:5b:78:db:4f:7c:77:8b:1c:5d:5e:40:b2:cd:35:
48:8e:42:66:96:26:3b:8a:f0:ac:42:4a:8d:19:d0:
e6:48:53:48:51:07:a9:2c:1f:25:e0:72:be:cf:c1:
be:48:10:2c:2d:6a:92:01:bd:88:2f:85:4f:d3:2b:
c3:64:d0:02:04:cb:45:ca:d6:95:95:7b:e5:78:9c:
db:c4:cf:ea:0f:af:35:87:fd:c1:bb:40:89:c3:03:
59:48:d7:dd:63:ae:b0:36:d6:2b:cc:ae:a7:ab:f0:
36:9c:0d:2d:15:ca:5b:ea:56:b2:b9:1f:8e:08:ec:
5f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:11:CA:0F:06:90:55:0D:93:13:EA:D0:C8:41:E4:7E:5A:34:81:D6
X509v3 Authority Key Identifier:
keyid:3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:8e:aa:89:d1:06:9d:2b:44:61:19:54:de:5c:af:99:87:d1:
02:b7:b0:08:71:0f:18:2a:72:0f:2b:80:1d:e8:a0:1b:90:bf:
b0:ec:4b:ff:e3:16:35:51:04:a6:da:e8:96:08:f7:17:79:4a:
b6:e3:74:16:c6:d2:6a:f1:2b:a2:47:22:35:7c:d2:46:15:03:
bf:a2:c4:4a:c2:a4:79:18:ed:cf:a0:ae:5f:d8:ba:e0:a4:97:
8e:fb:56:f3:13:14:5e:6b:5a:b6:99:d3:ba:89:f0:b1:96:ff:
11:e0:53:5b:98:75:4b:3e:84:5d:d6:a7:af:cb:56:4a:f4:e1:
b1:63:3d:ef:c3:f0:71:e6:c0:bd:15:a5:b2:58:b0:0d:f5:2b:
18:75:c4:de:a0:8d:7f:aa:7d:c0:b0:06:03:6b:50:f3:1c:3d:
60:05:be:8e:30:52:aa:87:dc:4d:fb:07:a8:ab:92:ff:9d:c3:
ab:45:33:83:e2:32:9e:03:d3:05:57:6c:0f:f3:bc:50:07:1b:
b7:30:8f:a4:86:10:29:2d:60:6a:c7:6a:e8:20:df:25:c0:de:
43:41:38:e3:01:da:9a:ac:b7:42:d3:bd:8a:04:12:84:5b:37:
05:16:2c:11:28:db:13:21:bf:8f:3b:77:5f:96:7b:94:c8:fe:
9d:d5:27:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaH21NLwRN6qci9azlgi+QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzBmMWY2NTYzZGU0M2ExMWQzNjQ0OTc1NjY3YzFjMjhl
Nzk1OWUwHhcNMjUwNDMwMTgwMDE5WhcNMjUwNTAxMTgwMDE5WjAzMTEwLwYDVQQD
Eyg0YjExY2EwZjA2OTA1NTBkOTMxM2VhZDBjODQxZTQ3ZTVhMzQ4MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WbjBDBy2Li7GPJKP3ccTbRPtexQ
Pva1l25tKP1BfR6BRqBEeqMio6Ylxh9lJmnm0nsWpvGhYsH3XW12f1fflFR7C6KN
YnEdMKaNjlJyXY4G9EQJQt4W+VmxQF9guqGh2czk8amVVA+JMOVescGLtDx+1t/S
9/iP77gWy/OZEFAEpC8BAFS2W3jbT3x3ixxdXkCyzTVIjkJmliY7ivCsQkqNGdDm
SFNIUQepLB8l4HK+z8G+SBAsLWqSAb2IL4VP0yvDZNACBMtFytaVlXvleJzbxM/q
D681h/3Bu0CJwwNZSNfdY66wNtYrzK6nq/A2nA0tFcpb6layuR+OCOxfqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsRyg8GkFUNkxPq0MhB5H5aNIHWMB8GA1UdIwQY
MBaAFD1w8fZWPeQ6EdNkSXVmfBwo55WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQt
OGQzMjIyMDcxNWVlLzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQtOGQzMjIyMDcxNWVl
LzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO46qidEG
nStEYRlU3lyvmYfRArewCHEPGCpyDyuAHeigG5C/sOxL/+MWNVEEptrolgj3F3lK
tuN0FsbSavErokciNXzSRhUDv6LESsKkeRjtz6CuX9i64KSXjvtW8xMUXmtatpnT
uonwsZb/EeBTW5h1Sz6EXdanr8tWSvThsWM978PwcebAvRWlsliwDfUrGHXE3qCN
f6p9wLAGA2tQ8xw9YAW+jjBSqofcTfsHqKuS/53Dq0Uzg+IyngPTBVdsD/O8UAcb
tzCPpIYQKS1gasdq6CDfJcDeQ0E44wHamqy3QtO9igQShFs3BRYsESjbEyG/jzt3
X5Z7lMj+ndUnuA==
-----END CERTIFICATE-----
Generated at Thu May 1 02:53:34 2025 by rpki-client