Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: w7uS4HXZZmCT12aQoDIJy0dcfJWcMOQCQde8x6EOoEM=
Subject key identifier: E9:3B:67:D8:AF:E7:AF:B5:83:E0:D2:10:9A:C9:C0:3A:6F:8A:5F:88
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 019770755EC0C0C389EF96EC2C69C047838D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 158D
Signing time: Sat 14 Jun 2025 22:00:29 +0000
Manifest this update: Sat 14 Jun 2025 22:00:29 +0000
Manifest next update: Sun 15 Jun 2025 22:00:29 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: aAL2ZO4ZGOioCEqhockjPlWGBUFouIWA88Hp7Xro/oE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:70:75:5e:c0:c0:c3:89:ef:96:ec:2c:69:c0:47:83:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Jun 14 22:00:29 2025 GMT
Not After : Jun 15 22:00:29 2025 GMT
Subject: CN=e93b67d8afe7afb583e0d2109ac9c03a6f8a5f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:59:85:6a:7a:73:66:11:9a:7f:35:c5:98:74:
9f:ee:c6:14:00:09:7f:48:8f:4a:89:a0:dd:50:f7:
e1:4d:50:56:3e:c6:75:96:65:ee:78:70:75:bd:83:
76:c6:7f:ac:6a:46:e0:da:14:52:19:82:7a:27:73:
81:b7:28:18:6d:2f:8d:b7:55:00:5b:da:f9:57:0d:
90:8a:dc:ac:16:59:13:b2:49:ab:e0:e7:23:81:83:
80:8a:b8:9f:19:dc:34:3d:a9:99:89:44:52:79:f8:
a4:a8:32:9c:19:f9:a0:5d:93:ce:59:42:8e:68:61:
0b:7d:f0:25:8b:94:f2:36:55:d2:2c:d6:49:d8:5a:
3c:62:bf:5e:a0:a1:c5:8d:90:db:7a:17:40:8c:ac:
f7:77:c4:27:c2:d8:41:b1:35:4f:35:9b:ec:ed:c4:
fb:49:31:b2:0c:38:4c:21:33:1c:45:9a:f8:d9:fd:
0f:b0:3b:b6:1a:7a:a0:e6:e0:93:93:df:ed:21:a8:
6e:5b:3e:e6:47:8f:b3:b0:55:e7:32:2b:c3:2e:65:
3e:be:31:cb:aa:9f:f1:eb:cb:17:47:c2:36:3b:71:
a3:ee:57:40:9a:df:40:0c:4e:0d:13:4b:a4:58:2c:
13:d8:6d:be:88:2e:ea:dc:d0:22:35:9d:6f:14:67:
6a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3B:67:D8:AF:E7:AF:B5:83:E0:D2:10:9A:C9:C0:3A:6F:8A:5F:88
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:76:ba:b7:af:7f:a8:d3:aa:88:62:71:f4:14:03:81:5e:09:
0a:b6:f0:12:64:c0:45:19:b8:64:d1:11:3e:bf:2a:98:d3:54:
1b:48:aa:df:4f:22:a5:6e:a9:b3:5c:9b:f4:8a:f3:c8:17:8a:
ba:86:ac:83:7c:ea:bc:c0:1d:b1:fb:43:81:1d:6f:61:88:9f:
7e:65:a6:7f:77:6e:3e:18:67:d3:46:c6:71:4a:cc:f5:8b:f4:
31:d5:bb:30:4b:4f:9e:55:e8:23:88:d0:e0:9d:a1:81:07:23:
33:b8:5c:2d:b0:16:7f:ee:37:1e:0d:fe:25:59:bc:5b:37:28:
35:8b:69:09:81:05:12:9f:73:4e:ea:a1:04:9c:4d:90:a0:7a:
ae:d3:fe:0a:4b:bd:dd:2c:d5:45:5a:19:8f:63:9f:5a:fd:6f:
ec:24:54:3b:eb:b6:d0:37:16:e3:95:fb:6c:a8:75:db:a2:e1:
00:b0:f7:e8:ae:3e:cc:7d:e1:94:58:27:42:51:6a:72:cb:0f:
6d:ae:28:21:54:f0:be:c2:c3:97:7b:a9:e8:79:f2:6a:24:da:
1c:f0:19:33:c6:69:0a:f2:a1:a8:52:37:2f:63:76:ca:69:f7:
6a:5e:bf:75:43:95:c8:6f:70:b2:1b:92:35:81:b2:eb:ff:75:
46:44:ff:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwdV7AwMOJ75bsLGnAR4ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUwNjE0MjIwMDI5WhcNMjUwNjE1MjIwMDI5WjAzMTEwLwYDVQQD
EyhlOTNiNjdkOGFmZTdhZmI1ODNlMGQyMTA5YWM5YzAzYTZmOGE1Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1mFanpzZhGafzXFmHSf7sYUAAl/
SI9KiaDdUPfhTVBWPsZ1lmXueHB1vYN2xn+sakbg2hRSGYJ6J3OBtygYbS+Nt1UA
W9r5Vw2QitysFlkTskmr4OcjgYOAirifGdw0PamZiURSefikqDKcGfmgXZPOWUKO
aGELffAli5TyNlXSLNZJ2Fo8Yr9eoKHFjZDbehdAjKz3d8QnwthBsTVPNZvs7cT7
STGyDDhMITMcRZr42f0PsDu2Gnqg5uCTk9/tIahuWz7mR4+zsFXnMivDLmU+vjHL
qp/x68sXR8I2O3Gj7ldAmt9ADE4NE0ukWCwT2G2+iC7q3NAiNZ1vFGdq2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOk7Z9iv56+1g+DSEJrJwDpvil+IMB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHa6t69/
qNOqiGJx9BQDgV4JCrbwEmTARRm4ZNERPr8qmNNUG0iq308ipW6ps1yb9IrzyBeK
uoasg3zqvMAdsftDgR1vYYiffmWmf3duPhhn00bGcUrM9Yv0MdW7MEtPnlXoI4jQ
4J2hgQcjM7hcLbAWf+43Hg3+JVm8WzcoNYtpCYEFEp9zTuqhBJxNkKB6rtP+Cku9
3SzVRVoZj2OfWv1v7CRUO+u20DcW45X7bKh126LhALD36K4+zH3hlFgnQlFqcssP
ba4oIVTwvsLDl3up6HnyaiTaHPAZM8ZpCvKhqFI3L2N2ymn3al6/dUOVyG9wshuS
NYGy6/91RkT/Rw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:06:46 2025 by rpki-client