Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
File: PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft (raw, json)
Hash identifier: NscCkCOtjZafDqxIosJtszpqdzBrDvfDl916rn1TTVw=
Subject key identifier: 67:3C:66:1E:B8:56:3C:DE:2F:0A:4C:3D:D3:A8:0C:CA:B1:DA:72:40
Authority key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Certificate issuer: /CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Certificate serial: 019659826D7E0CE1AC4D68BA851FB7F6B431
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
Manifest number: 1500
Signing time: Mon 21 Apr 2025 18:00:42 +0000
Manifest this update: Mon 21 Apr 2025 18:00:42 +0000
Manifest next update: Tue 22 Apr 2025 18:00:42 +0000
Files and hashes: 1: 2AYUWvm8F1To8URav6-hliMLNGM.roa (hash: xtydpTSnQLnPEEmzIm3eQJgTUjiDutczP4OZlZO4Bow=)
2: PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl (hash: +0M3CxprYY4A/qCokI9/S8efJGS2Ie0LfH7gEYPd/Pc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:82:6d:7e:0c:e1:ac:4d:68:ba:85:1f:b7:f6:b4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Validity
Not Before: Apr 21 18:00:42 2025 GMT
Not After : Apr 22 18:00:42 2025 GMT
Subject: CN=673c661eb8563cde2f0a4c3dd3a80ccab1da7240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2b:05:1d:e5:22:57:9c:b4:ec:6a:bd:af:10:
b1:5a:f8:34:33:5a:be:d3:20:e6:d8:1f:2c:49:79:
b5:72:5d:7b:26:9c:62:a7:1d:73:f4:5f:d7:f5:d3:
d0:67:ff:60:48:14:26:72:c0:a4:f5:55:a6:26:06:
e8:37:17:49:2d:be:9b:1a:fd:59:ed:46:e6:84:57:
76:d4:80:78:71:0a:4c:e6:b7:1a:7e:9e:85:5c:5f:
01:f9:43:84:e4:43:d0:e6:7c:df:00:ff:bc:4d:74:
25:e2:f2:e9:f2:d0:67:4f:cc:3b:af:19:bf:f3:75:
31:ae:8d:51:d8:18:d3:02:4f:47:57:90:0d:5a:09:
c0:c5:4a:0f:32:76:c0:7b:fa:62:29:73:b4:ac:8a:
63:11:2d:43:e4:d9:54:ae:51:97:1c:4c:4c:eb:80:
b1:c3:35:68:05:9d:93:83:51:c1:a6:26:3a:a2:63:
30:f8:31:39:08:4e:92:ba:a2:b3:4e:6b:b8:2c:61:
36:3c:e5:79:f4:81:b4:78:46:96:5a:d4:2f:5f:99:
d7:08:fc:18:97:fb:f7:59:06:68:b9:e7:21:35:78:
81:fc:ab:e8:5f:1c:2b:be:63:55:65:65:a4:59:b7:
c9:57:a0:32:5b:21:60:ce:e3:79:bd:da:ef:3f:5f:
4a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3C:66:1E:B8:56:3C:DE:2F:0A:4C:3D:D3:A8:0C:CA:B1:DA:72:40
X509v3 Authority Key Identifier:
keyid:3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:e2:6d:dc:20:c3:29:5b:ee:25:2e:41:22:02:79:3d:86:54:
82:0b:12:96:4e:fc:9b:33:d5:9f:81:9e:fd:40:c1:de:9e:bd:
e7:a0:20:6b:af:2b:9c:b0:73:59:f4:77:06:e6:ca:99:52:bd:
44:cd:8f:e6:60:22:f2:61:f4:90:8f:57:39:7d:08:f5:87:69:
ab:8b:86:76:cf:40:9f:dc:40:74:eb:fb:68:a8:bc:c0:be:08:
fa:50:5b:1c:80:8f:79:9a:6c:47:a2:44:ad:74:1c:a4:9b:01:
ae:43:41:b4:b9:5b:b7:45:6a:79:43:9b:da:b9:06:75:4f:83:
2f:8a:41:a6:2d:84:71:b4:3c:bf:f5:64:24:67:9f:94:8b:92:
0e:57:c0:06:3c:b1:7d:dd:ba:47:ef:61:e8:83:e0:b4:90:3f:
8e:af:a2:8c:53:f9:45:04:c5:2f:eb:ec:30:85:e4:07:f8:aa:
d2:a1:4c:2c:f3:49:2f:61:15:7a:8d:54:bb:f4:ff:56:c2:3c:
95:2e:40:5d:31:af:37:0f:47:63:4b:4d:17:49:02:df:ae:09:
2c:34:4c:80:0e:ad:cc:d8:16:7b:c8:cb:bd:43:47:2c:1d:8b:
a5:a8:07:1f:d4:cc:18:fc:56:78:d2:fd:7a:00:8d:b7:f9:98:
04:32:28:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgm1+DOGsTWi6hR+39rQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzBmMWY2NTYzZGU0M2ExMWQzNjQ0OTc1NjY3YzFjMjhl
Nzk1OWUwHhcNMjUwNDIxMTgwMDQyWhcNMjUwNDIyMTgwMDQyWjAzMTEwLwYDVQQD
Eyg2NzNjNjYxZWI4NTYzY2RlMmYwYTRjM2RkM2E4MGNjYWIxZGE3MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSsFHeUiV5y07Gq9rxCxWvg0M1q+
0yDm2B8sSXm1cl17Jpxipx1z9F/X9dPQZ/9gSBQmcsCk9VWmJgboNxdJLb6bGv1Z
7UbmhFd21IB4cQpM5rcafp6FXF8B+UOE5EPQ5nzfAP+8TXQl4vLp8tBnT8w7rxm/
83Uxro1R2BjTAk9HV5ANWgnAxUoPMnbAe/piKXO0rIpjES1D5NlUrlGXHExM64Cx
wzVoBZ2Tg1HBpiY6omMw+DE5CE6SuqKzTmu4LGE2POV59IG0eEaWWtQvX5nXCPwY
l/v3WQZouechNXiB/KvoXxwrvmNVZWWkWbfJV6AyWyFgzuN5vdrvP19KIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGc8Zh64VjzeLwpMPdOoDMqx2nJAMB8GA1UdIwQY
MBaAFD1w8fZWPeQ6EdNkSXVmfBwo55WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQt
OGQzMjIyMDcxNWVlLzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQtOGQzMjIyMDcxNWVl
LzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOJt3CDD
KVvuJS5BIgJ5PYZUggsSlk78mzPVn4Ge/UDB3p6956Aga68rnLBzWfR3BubKmVK9
RM2P5mAi8mH0kI9XOX0I9Ydpq4uGds9An9xAdOv7aKi8wL4I+lBbHICPeZpsR6JE
rXQcpJsBrkNBtLlbt0VqeUOb2rkGdU+DL4pBpi2EcbQ8v/VkJGeflIuSDlfABjyx
fd26R+9h6IPgtJA/jq+ijFP5RQTFL+vsMIXkB/iq0qFMLPNJL2EVeo1Uu/T/VsI8
lS5AXTGvNw9HY0tNF0kC364JLDRMgA6tzNgWe8jLvUNHLB2LpagHH9TMGPxWeNL9
egCNt/mYBDIoQA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:05:09 2025 by rpki-client