Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
File: pxErNcd6Sxb761YSHJdNWdVmeEs.mft (raw, json)
Hash identifier: 4iy7TevzCri8MQS9euhIDS1tzxNbLvxQ3Q3hKP7t1io=
Subject key identifier: 29:1F:B1:10:6E:F8:0C:C3:C6:30:73:68:D0:A5:1B:DD:9D:39:09:65
Authority key identifier: A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
Certificate issuer: /CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Certificate serial: 01965492E00BE159BC5130A9C50A15011002
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
Manifest number: 14FC
Signing time: Sun 20 Apr 2025 19:00:33 +0000
Manifest this update: Sun 20 Apr 2025 19:00:33 +0000
Manifest next update: Mon 21 Apr 2025 19:00:33 +0000
Files and hashes: 1: BwH9GKC4b7MR-_mPUkvo5kX6MbM.roa (hash: RyMXzPGYxLYPm9LtvHil8vaRU4zoAb2AHBWbWaC8/jg=)
2: pxErNcd6Sxb761YSHJdNWdVmeEs.crl (hash: Ym3i6JRqSF3h+LfnNQnp7ZqOPvdits3gpUNMBITht9I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 19:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:92:e0:0b:e1:59:bc:51:30:a9:c5:0a:15:01:10:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Validity
Not Before: Apr 20 19:00:33 2025 GMT
Not After : Apr 21 19:00:33 2025 GMT
Subject: CN=291fb1106ef80cc3c6307368d0a51bdd9d390965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0b:48:c9:54:53:ec:66:56:fd:19:83:99:e5:
32:3f:44:9a:31:f5:88:bd:24:d9:46:3f:07:74:44:
ad:be:be:c3:c7:8e:b2:9a:fe:11:b7:9b:52:70:73:
55:bc:a4:09:ca:59:aa:a2:7e:07:3b:cd:89:d0:5c:
e9:77:10:06:a3:c2:5e:19:3f:14:c4:55:99:2a:40:
ea:c4:d8:9d:f0:49:72:41:c4:cd:5b:d2:a5:ba:ed:
69:a7:99:67:9e:2a:e7:30:c2:60:99:b1:e7:9c:f3:
19:20:07:92:5e:b6:08:6a:a8:91:c0:91:6b:19:14:
4e:24:21:da:b9:71:36:a4:39:b6:5c:04:b6:1f:23:
70:c4:e0:ee:ae:17:c6:f3:76:42:b6:2f:98:f8:9e:
87:3c:70:3d:72:2f:42:be:30:74:46:fe:4a:aa:03:
fa:4e:aa:d9:5c:4a:11:30:73:5f:a8:20:44:9d:ff:
fa:bb:2e:4b:dd:d3:e7:f8:59:08:48:e2:4c:3a:c0:
bc:82:27:c5:a0:6b:98:09:b3:49:ad:85:14:92:b2:
92:9b:14:1b:55:cb:cc:b0:5a:55:13:b4:85:42:73:
b2:a5:2d:e0:3e:e1:72:63:90:7c:72:1a:55:c9:59:
88:f0:21:aa:ce:8c:a0:72:60:3c:05:b5:47:e9:0d:
53:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1F:B1:10:6E:F8:0C:C3:C6:30:73:68:D0:A5:1B:DD:9D:39:09:65
X509v3 Authority Key Identifier:
keyid:A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:20:73:ad:ac:e3:c9:6c:88:c4:44:53:00:67:ce:33:a9:64:
7c:43:05:51:6b:07:b2:9c:d5:6d:4c:03:ed:61:c6:42:a9:13:
cc:f1:33:a8:48:04:ac:08:ff:82:83:1a:33:7c:8e:54:73:03:
c5:50:e8:22:fc:30:de:05:53:2d:f7:99:1e:70:c7:a1:8d:c9:
c7:ef:c7:50:ee:8a:68:2f:9b:91:04:89:c5:50:b0:56:bd:41:
b2:c0:6e:46:2d:94:49:3b:7d:cf:e9:40:71:09:4e:a0:df:9f:
e2:01:4d:17:05:cf:1a:e8:dc:99:e6:d6:a8:c1:e3:ec:91:44:
3d:31:e0:ee:40:ba:77:70:69:09:51:90:c4:30:18:1f:6e:ed:
28:5d:8e:55:bd:59:a1:9f:93:0c:ae:a6:38:30:45:78:9c:86:
20:ae:b6:b6:91:2f:0c:99:14:fb:cc:a8:12:29:63:87:68:11:
51:fe:5d:c8:0c:50:2a:89:85:e0:dd:3a:8b:d0:13:89:7b:1f:
2f:ca:a2:e7:fb:11:f7:e8:48:8e:c6:27:49:f0:2a:9e:4b:37:
74:b0:c4:03:2b:33:7d:c4:ff:5a:29:b3:9c:b3:41:52:f6:30:
95:c9:d2:0e:ba:fb:f6:0f:0b:56:9e:d5:9d:63:ef:85:9a:b4:
a0:d8:2c:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkuAL4Vm8UTCpxQoVARACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTEyYjM1Yzc3YTRiMTZmYmViNTYxMjFjOTc0ZDU5ZDU2
Njc4NGIwHhcNMjUwNDIwMTkwMDMzWhcNMjUwNDIxMTkwMDMzWjAzMTEwLwYDVQQD
EygyOTFmYjExMDZlZjgwY2MzYzYzMDczNjhkMGE1MWJkZDlkMzkwOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQtIyVRT7GZW/RmDmeUyP0SaMfWI
vSTZRj8HdEStvr7Dx46ymv4Rt5tScHNVvKQJylmqon4HO82J0FzpdxAGo8JeGT8U
xFWZKkDqxNid8ElyQcTNW9Kluu1pp5lnnirnMMJgmbHnnPMZIAeSXrYIaqiRwJFr
GRROJCHauXE2pDm2XAS2HyNwxODurhfG83ZCti+Y+J6HPHA9ci9CvjB0Rv5KqgP6
TqrZXEoRMHNfqCBEnf/6uy5L3dPn+FkISOJMOsC8gifFoGuYCbNJrYUUkrKSmxQb
VcvMsFpVE7SFQnOypS3gPuFyY5B8chpVyVmI8CGqzoygcmA8BbVH6Q1T9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkfsRBu+AzDxjBzaNClG92dOQllMB8GA1UdIwQY
MBaAFKcRKzXHeksW++tWEhyXTVnVZnhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEt
Nzg4ODQyODIyNWI0LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEtNzg4ODQyODIyNWI0
LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqCBzrazj
yWyIxERTAGfOM6lkfEMFUWsHspzVbUwD7WHGQqkTzPEzqEgErAj/goMaM3yOVHMD
xVDoIvww3gVTLfeZHnDHoY3Jx+/HUO6KaC+bkQSJxVCwVr1BssBuRi2USTt9z+lA
cQlOoN+f4gFNFwXPGujcmebWqMHj7JFEPTHg7kC6d3BpCVGQxDAYH27tKF2OVb1Z
oZ+TDK6mODBFeJyGIK62tpEvDJkU+8yoEiljh2gRUf5dyAxQKomF4N06i9ATiXsf
L8qi5/sR9+hIjsYnSfAqnks3dLDEAyszfcT/WimznLNBUvYwlcnSDrr79g8LVp7V
nWPvhZq0oNgsww==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:47:51 2025 by rpki-client