Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json)
Hash identifier: xjjXu3F4FPJ6YC8mqD+eT8OovxKWJmlOyaXRAcal1xA=
Subject key identifier: 71:C1:7E:69:4A:56:B5:ED:AE:10:F4:39:6A:90:22:7B:43:4A:E9:7D
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial: 01974C690820113FC1290BDB537EED90778D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
Manifest number: 0858
Signing time: Sat 07 Jun 2025 22:00:41 +0000
Manifest this update: Sat 07 Jun 2025 22:00:41 +0000
Manifest next update: Sun 08 Jun 2025 22:00:41 +0000
Files and hashes: 1: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: wkMi4lzLAXBBtIcOoOVAZ/xajFiq3SWa0o+7xm+VUHs=)
2: rWk5sIUEQt5GM5tD9jvlVGxlmoc.roa (hash: bdSHmybqlxfqe2LDlmT/vhR2hatifsBsFgj+STLVUXQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 22:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4c:69:08:20:11:3f:c1:29:0b:db:53:7e:ed:90:77:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
Validity
Not Before: Jun 7 22:00:41 2025 GMT
Not After : Jun 8 22:00:41 2025 GMT
Subject: CN=71c17e694a56b5edae10f4396a90227b434ae97d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:61:91:e7:78:54:0d:ae:f1:5b:01:77:50:
fb:95:86:59:cb:c8:4f:33:c5:40:ba:fe:56:5c:f0:
79:a1:da:db:09:ae:5b:ff:c8:23:a8:84:c1:c0:a6:
1a:d4:66:b4:b7:f6:5b:c7:34:8e:bf:92:38:d2:21:
6b:e0:78:20:2e:e6:42:18:67:75:c3:63:71:3e:57:
8b:9f:aa:40:67:79:b9:c1:b8:37:3d:aa:e2:02:04:
c2:92:84:ca:85:4b:a4:c3:70:c0:70:dc:23:24:79:
39:d5:83:be:f3:4b:77:7a:57:d4:1c:a6:68:f1:a6:
ee:cd:6f:ad:d1:9a:07:89:48:01:ca:7c:46:7c:f0:
18:bd:e5:3e:f1:64:51:1d:36:07:f0:4e:55:93:82:
c0:95:aa:c3:fe:eb:d3:a2:cd:2e:c8:01:68:22:2f:
a3:0c:88:88:3a:f4:8b:f2:7f:05:89:dc:36:40:21:
02:6d:3d:f5:85:30:a7:10:e8:77:ca:ee:38:a0:98:
2e:e2:10:4a:d0:93:46:39:93:b5:59:7b:fe:b6:2f:
64:20:f4:f8:d2:08:e9:95:99:61:c0:19:4a:72:8b:
0f:1d:95:1d:7f:bc:bb:7a:ef:28:67:17:8a:ba:02:
ea:c1:0a:5b:b8:04:b7:a7:c5:cd:32:57:3a:b5:ee:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C1:7E:69:4A:56:B5:ED:AE:10:F4:39:6A:90:22:7B:43:4A:E9:7D
X509v3 Authority Key Identifier:
keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:92:60:51:71:a8:45:26:5f:f1:6e:fc:d7:b7:26:1b:76:fd:
f7:c9:e4:2f:9b:04:18:70:d7:91:fb:0b:6c:93:8a:60:10:a9:
de:9a:9a:27:73:ee:f1:a4:02:da:4c:04:64:c0:34:9a:71:a4:
1d:b8:1a:00:e6:3a:8f:54:3e:19:0d:f7:97:17:ca:cf:2a:64:
5b:5f:fc:77:1b:86:19:6c:e9:f6:ec:67:f2:5e:e6:6c:f0:b1:
17:07:c6:0c:f7:6a:61:76:20:25:65:58:61:c9:95:79:ce:63:
be:cc:f5:79:67:0c:82:e3:55:a3:8a:38:b6:fb:b0:82:e4:49:
c1:cd:df:62:5e:3f:4b:12:d6:ac:43:94:bc:cd:49:96:8f:2b:
2b:88:1a:5d:84:81:a8:28:79:ce:d5:e7:35:ab:2f:ad:2b:d0:
fa:70:f4:f1:d0:05:55:62:51:04:bd:22:48:53:39:87:1e:7e:
c0:10:83:da:1a:7a:a3:a2:86:ff:d4:a2:94:c6:f6:e3:18:3d:
79:7f:cf:50:e8:fc:47:ee:7b:e0:fc:58:75:40:4a:e1:63:a3:
32:48:e7:23:c3:03:5d:6f:45:b2:74:f9:00:e0:0e:48:43:e6:
34:3e:19:94:ee:3b:db:57:d0:e9:e3:d9:06:af:ec:53:1c:e8:
91:ca:78:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaQggET/BKQvbU37tkHeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjUwNjA3MjIwMDQxWhcNMjUwNjA4MjIwMDQxWjAzMTEwLwYDVQQD
Eyg3MWMxN2U2OTRhNTZiNWVkYWUxMGY0Mzk2YTkwMjI3YjQzNGFlOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqJhked4VA2u8VsBd1D7lYZZy8hP
M8VAuv5WXPB5odrbCa5b/8gjqITBwKYa1Ga0t/ZbxzSOv5I40iFr4HggLuZCGGd1
w2NxPleLn6pAZ3m5wbg3PariAgTCkoTKhUukw3DAcNwjJHk51YO+80t3elfUHKZo
8abuzW+t0ZoHiUgBynxGfPAYveU+8WRRHTYH8E5Vk4LAlarD/uvTos0uyAFoIi+j
DIiIOvSL8n8Fidw2QCECbT31hTCnEOh3yu44oJgu4hBK0JNGOZO1WXv+ti9kIPT4
0gjplZlhwBlKcosPHZUdf7y7eu8oZxeKugLqwQpbuAS3p8XNMlc6te4FzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHBfmlKVrXtrhD0OWqQIntDSul9MB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADpJgUXGo
RSZf8W7817cmG3b998nkL5sEGHDXkfsLbJOKYBCp3pqaJ3Pu8aQC2kwEZMA0mnGk
HbgaAOY6j1Q+GQ33lxfKzypkW1/8dxuGGWzp9uxn8l7mbPCxFwfGDPdqYXYgJWVY
YcmVec5jvsz1eWcMguNVo4o4tvuwguRJwc3fYl4/SxLWrEOUvM1Jlo8rK4gaXYSB
qCh5ztXnNasvrSvQ+nD08dAFVWJRBL0iSFM5hx5+wBCD2hp6o6KG/9SilMb24xg9
eX/PUOj8R+574PxYdUBK4WOjMkjnI8MDXW9FsnT5AOAOSEPmND4ZlO4721fQ6ePZ
Bq/sUxzokcp45Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:47:55 2025 by rpki-client