Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: sUOnS9ZmQBFNYJqH+8vAyjj0oWlR4NGq1nraZKHnuRw=
Subject key identifier: 92:A4:25:EB:35:BB:69:E0:6F:89:38:FB:04:76:DF:71:C3:97:3A:E8
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0196564A7BA7F886844F6CB6118DDBC7DDE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 14FE
Signing time: Mon 21 Apr 2025 03:00:43 +0000
Manifest this update: Mon 21 Apr 2025 03:00:43 +0000
Manifest next update: Tue 22 Apr 2025 03:00:43 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: d2UzjB+zMGftk4FRiSu5LJ9TIdlCx2Fp/b58tOFibLo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:4a:7b:a7:f8:86:84:4f:6c:b6:11:8d:db:c7:dd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Apr 21 03:00:43 2025 GMT
Not After : Apr 22 03:00:43 2025 GMT
Subject: CN=92a425eb35bb69e06f8938fb0476df71c3973ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:1b:ab:b1:f1:e8:2b:60:35:9f:63:47:29:
8b:9b:e4:2f:d7:19:fe:d7:69:4b:cc:7e:0f:46:62:
2d:2f:32:5b:ba:ef:fe:62:c4:3d:92:07:7d:44:f6:
81:c6:61:bb:84:75:c6:ea:5e:01:4b:e6:1a:3a:70:
a7:db:28:6d:12:28:50:52:1e:20:77:56:49:87:9f:
75:4b:d0:e3:67:0e:7d:4d:97:2e:db:fd:65:45:3f:
72:2f:da:6b:9e:42:a3:28:c6:10:1b:c5:58:83:d2:
25:57:bd:b8:59:ba:93:44:1b:ce:12:ea:4d:c2:d7:
db:ac:77:14:6b:17:ef:d1:9e:3c:35:fc:57:c1:e0:
2a:03:7b:c7:83:8a:9a:ae:6c:85:4f:df:3d:9d:2f:
72:f7:a3:5e:95:43:38:d5:0b:2d:71:bd:7d:ed:0e:
ba:db:aa:44:bf:a3:30:f5:d0:be:a5:20:b2:28:f2:
b0:5c:57:4e:7f:17:2e:23:94:52:a1:b8:ab:e0:82:
cd:7a:c0:08:42:8b:25:f8:bd:d4:5c:02:53:e8:46:
1a:a9:02:3a:40:25:cb:ec:a2:e2:15:58:a8:e8:38:
e3:35:6c:ae:31:e3:59:f6:8a:d1:d7:42:71:f1:52:
2f:1d:67:a8:98:e0:ed:e7:51:a3:b5:11:ca:2f:c7:
30:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A4:25:EB:35:BB:69:E0:6F:89:38:FB:04:76:DF:71:C3:97:3A:E8
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:a6:2c:78:34:b1:04:57:31:09:24:06:46:88:b5:63:9c:7b:
0f:89:1a:e1:26:a2:d8:51:5c:bc:50:be:47:62:f0:bd:6e:46:
4f:c8:b0:ea:b4:bf:6c:0a:5f:bf:66:36:e8:0b:f4:ba:8a:ca:
5a:ae:28:b1:c3:74:47:a8:67:b7:bd:cc:69:bf:4e:c3:67:37:
2c:b3:eb:38:6a:9b:c3:c0:80:4b:ef:42:2c:e8:0b:b8:26:d2:
10:2d:00:3e:af:41:ef:da:24:93:2c:c6:db:90:2b:57:5f:82:
ff:6f:bf:b1:2c:99:97:19:81:25:46:4f:8a:07:b2:f6:76:a1:
4a:df:f1:ed:a6:da:16:ed:cc:59:cb:95:65:aa:27:82:91:c9:
18:d5:59:e3:44:3f:83:1f:52:0e:fa:66:50:f3:49:b5:83:52:
e3:80:b9:f9:ca:d0:25:cd:d8:eb:45:4e:53:a4:80:a9:8e:e8:
18:77:20:7e:d9:0e:6c:b0:67:e7:e8:70:7d:94:d7:9f:e6:5c:
66:4a:bb:37:70:12:7a:f1:68:7f:a2:bb:41:14:29:9c:31:47:
1c:3f:9c:ac:11:fc:a5:cb:8f:bc:0a:62:97:11:16:14:70:8a:
36:26:bb:d0:e1:8c:1b:d6:69:15:bd:56:67:7a:20:91:62:b1:
41:03:fd:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWSnun+IaET2y2EY3bx93jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwNDIxMDMwMDQzWhcNMjUwNDIyMDMwMDQzWjAzMTEwLwYDVQQD
Eyg5MmE0MjVlYjM1YmI2OWUwNmY4OTM4ZmIwNDc2ZGY3MWMzOTczYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldIbq7Hx6CtgNZ9jRymLm+Qv1xn+
12lLzH4PRmItLzJbuu/+YsQ9kgd9RPaBxmG7hHXG6l4BS+YaOnCn2yhtEihQUh4g
d1ZJh591S9DjZw59TZcu2/1lRT9yL9prnkKjKMYQG8VYg9IlV724WbqTRBvOEupN
wtfbrHcUaxfv0Z48NfxXweAqA3vHg4qarmyFT989nS9y96NelUM41Qstcb197Q66
26pEv6Mw9dC+pSCyKPKwXFdOfxcuI5RSobir4ILNesAIQosl+L3UXAJT6EYaqQI6
QCXL7KLiFVio6DjjNWyuMeNZ9orR10Jx8VIvHWeomODt51GjtRHKL8cwQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKkJes1u2ngb4k4+wR233HDlzroMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh6YseDSx
BFcxCSQGRoi1Y5x7D4ka4Sai2FFcvFC+R2LwvW5GT8iw6rS/bApfv2Y26Av0uorK
Wq4oscN0R6hnt73Mab9Ow2c3LLPrOGqbw8CAS+9CLOgLuCbSEC0APq9B79okkyzG
25ArV1+C/2+/sSyZlxmBJUZPigey9nahSt/x7abaFu3MWcuVZaongpHJGNVZ40Q/
gx9SDvpmUPNJtYNS44C5+crQJc3Y60VOU6SAqY7oGHcgftkObLBn5+hwfZTXn+Zc
Zkq7N3ASevFof6K7QRQpnDFHHD+crBH8pcuPvApilxEWFHCKNia70OGMG9ZpFb1W
Z3ogkWKxQQP9AA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:09:11 2025 by rpki-client