Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File: pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier: it5CQHwgptGIKWQ7LpMM4GDnf0bJIb24+pDpSzx5WZ4=
Subject key identifier: F4:0B:8D:CD:25:25:C5:5F:F8:01:DE:1C:4E:93:0F:2B:0F:5C:2E:38
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer: /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial: 01967E6A5F1835600A5F9F2D15C79F2B5017
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number: 01E0
Signing time: Mon 28 Apr 2025 22:00:22 +0000
Manifest this update: Mon 28 Apr 2025 22:00:22 +0000
Manifest next update: Tue 29 Apr 2025 22:00:22 +0000
Files and hashes: 1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: RNGWFFt2cwGynj9B+Szf+6+CI8Ohylult3Mg2fZsRxM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:6a:5f:18:35:60:0a:5f:9f:2d:15:c7:9f:2b:50:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Validity
Not Before: Apr 28 22:00:22 2025 GMT
Not After : Apr 29 22:00:22 2025 GMT
Subject: CN=f40b8dcd2525c55ff801de1c4e930f2b0f5c2e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:59:ec:0b:7d:11:91:0e:a3:fb:de:4d:ab:0d:
ee:5a:e6:ab:fa:87:32:e5:d2:fd:65:56:37:7e:42:
d8:00:79:e7:c5:5b:7d:e1:47:e1:26:c8:0f:0f:25:
94:5b:9e:0f:88:c3:ea:a5:19:01:e2:88:fb:1c:df:
f3:66:74:4a:90:08:58:f5:6b:a3:f9:d3:9c:5e:67:
4b:44:74:49:50:f1:28:3c:54:ae:f5:2f:6a:4b:a9:
5f:d8:22:ca:c6:4d:b3:68:38:11:ca:91:40:91:15:
14:a3:2d:3a:0d:42:d7:b8:60:ed:0e:a4:b9:54:0c:
65:54:50:69:20:9f:20:dd:20:80:fb:97:f7:9a:65:
b1:fa:dc:eb:4c:73:68:19:1b:fc:59:9a:8d:0d:8b:
30:cc:a1:81:a8:5e:1b:d7:95:97:59:19:ec:8c:13:
82:76:e1:90:1f:4b:30:15:37:d3:de:b8:e9:25:73:
38:26:a9:b7:a6:48:ce:97:a0:05:00:cc:78:f0:4b:
5e:78:bc:e9:2b:33:98:68:b0:1a:e7:f0:af:00:b0:
3b:c0:0e:c5:c9:15:9f:89:91:b5:fc:e8:be:18:f6:
98:89:29:2a:92:07:95:90:e0:2a:90:33:ba:cd:14:
b3:a0:23:5c:82:d1:ee:69:76:df:00:e6:24:4f:65:
3d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0B:8D:CD:25:25:C5:5F:F8:01:DE:1C:4E:93:0F:2B:0F:5C:2E:38
X509v3 Authority Key Identifier:
keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:5e:1b:79:c2:c6:14:16:f2:4e:c9:a8:b5:74:b9:71:d7:9e:
db:9b:75:ce:1e:4b:33:1a:48:e4:6a:e6:05:04:08:2c:75:4e:
5f:4c:5f:10:7b:d4:a6:31:2a:f9:15:af:ae:35:be:26:ec:a1:
35:22:cc:5b:20:37:5f:35:8e:e5:00:29:6f:77:db:cf:7f:d8:
c0:8b:59:e1:fd:43:cc:00:ae:da:ee:31:1a:65:56:10:35:89:
76:f2:7e:f4:a1:3e:97:ff:a6:26:83:9b:4e:c4:f5:f2:de:b5:
1d:36:8e:de:44:9e:e1:66:bb:53:8d:0e:00:62:61:d8:f6:a8:
bc:db:8d:2f:5e:76:4f:e4:f5:a6:01:17:c1:b2:45:ea:95:f7:
54:53:38:27:53:a2:5b:57:c1:aa:2a:f5:fa:b4:c0:75:43:db:
ea:a5:aa:e2:d1:92:35:84:17:03:4b:f1:5d:db:9c:c1:d7:73:
73:3a:bc:fa:50:7f:d9:1a:9e:00:8b:1e:9c:bd:e6:78:5f:1d:
1e:45:b5:78:b3:1a:2f:f6:e2:a7:66:20:6a:7c:69:0c:d2:8e:
08:0e:78:53:82:bd:6d:36:f6:ee:52:b5:e9:ee:2e:fe:af:32:
5a:1d:7a:d0:69:16:f3:89:d3:54:3e:de:90:d2:ac:e1:77:9a:
d1:92:68:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+al8YNWAKX58tFcefK1AXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUwNDI4MjIwMDIyWhcNMjUwNDI5MjIwMDIyWjAzMTEwLwYDVQQD
EyhmNDBiOGRjZDI1MjVjNTVmZjgwMWRlMWM0ZTkzMGYyYjBmNWMyZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1nsC30RkQ6j+95Nqw3uWuar+ocy
5dL9ZVY3fkLYAHnnxVt94UfhJsgPDyWUW54PiMPqpRkB4oj7HN/zZnRKkAhY9Wuj
+dOcXmdLRHRJUPEoPFSu9S9qS6lf2CLKxk2zaDgRypFAkRUUoy06DULXuGDtDqS5
VAxlVFBpIJ8g3SCA+5f3mmWx+tzrTHNoGRv8WZqNDYswzKGBqF4b15WXWRnsjBOC
duGQH0swFTfT3rjpJXM4Jqm3pkjOl6AFAMx48EteeLzpKzOYaLAa5/CvALA7wA7F
yRWfiZG1/Oi+GPaYiSkqkgeVkOAqkDO6zRSzoCNcgtHuaXbfAOYkT2U9OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQLjc0lJcVf+AHeHE6TDysPXC44MB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY14becLG
FBbyTsmotXS5cdee25t1zh5LMxpI5GrmBQQILHVOX0xfEHvUpjEq+RWvrjW+Juyh
NSLMWyA3XzWO5QApb3fbz3/YwItZ4f1DzACu2u4xGmVWEDWJdvJ+9KE+l/+mJoOb
TsT18t61HTaO3kSe4Wa7U40OAGJh2PaovNuNL152T+T1pgEXwbJF6pX3VFM4J1Oi
W1fBqir1+rTAdUPb6qWq4tGSNYQXA0vxXducwddzczq8+lB/2RqeAIsenL3meF8d
HkW1eLMaL/bip2YganxpDNKOCA54U4K9bTb27lK16e4u/q8yWh160GkW84nTVD7e
kNKs4Xea0ZJo/w==
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:55:21 2025 by rpki-client