Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File: PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier: yXw/OFDI0B8F51zgzQBddP86qzFKdf0kDMvBJSXqA9Q=
Subject key identifier: 40:EC:C8:A9:15:C4:68:22:7E:97:AF:54:59:F2:92:D7:47:62:D0:0B
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer: /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial: 01975234187B2B4824F60AC500958FBB73A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number: 157F
Signing time: Mon 09 Jun 2025 01:00:35 +0000
Manifest this update: Mon 09 Jun 2025 01:00:35 +0000
Manifest next update: Tue 10 Jun 2025 01:00:35 +0000
Files and hashes: 1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: iz0QfeDVV+D2mUGDcrENoYjNmsIzpUVq2L1atSrPN8g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:52:34:18:7b:2b:48:24:f6:0a:c5:00:95:8f:bb:73:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Validity
Not Before: Jun 9 01:00:35 2025 GMT
Not After : Jun 10 01:00:35 2025 GMT
Subject: CN=40ecc8a915c468227e97af5459f292d74762d00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:7e:f2:84:02:db:8a:df:0d:e2:7a:c6:65:
0a:5e:6d:f6:11:28:c3:1f:23:1c:6a:4b:df:54:f7:
03:ad:cf:09:88:d1:c9:0f:9b:06:9f:77:37:12:d1:
57:a5:d2:b5:d2:4b:94:8a:15:c9:cd:5d:92:d1:8c:
b4:1e:a5:18:8a:a1:54:83:e0:89:05:b2:8c:87:3f:
be:14:f9:02:a6:63:1c:3f:ea:f9:4c:38:8b:6c:1a:
24:e4:a2:b7:5a:a3:b2:52:d3:2b:cb:15:d9:4a:79:
56:60:f0:3a:1d:71:9b:06:73:df:1d:9e:14:d8:f1:
0b:61:7a:2c:54:a2:bd:e8:fb:23:d1:19:02:8c:46:
6d:6c:cb:f7:52:59:cb:e1:e1:33:92:fc:9f:10:b2:
0c:f1:2d:c4:79:d0:f8:c5:a3:76:f7:b1:d6:94:73:
bb:be:01:ef:4d:4b:86:81:fb:85:43:b2:fe:a9:15:
15:6e:93:d7:fe:7c:f0:4b:9a:3e:4f:27:79:d6:96:
1e:e0:91:0c:93:f6:62:36:a7:b4:d0:80:e8:ed:ad:
6b:ff:54:e4:9e:0d:ed:3c:f8:34:11:86:36:59:42:
4d:8b:1d:a5:75:86:75:74:cc:b0:f6:ee:bb:e7:b1:
2f:9f:aa:0f:b7:98:e9:02:38:97:03:ce:9e:ae:b7:
5d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EC:C8:A9:15:C4:68:22:7E:97:AF:54:59:F2:92:D7:47:62:D0:0B
X509v3 Authority Key Identifier:
keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:96:51:02:82:ba:9a:01:6f:24:8e:e1:bb:bd:7a:b6:40:41:
e4:3c:68:6f:05:60:04:7c:98:ac:7f:93:af:b5:2c:72:3b:9e:
fd:78:98:4b:83:81:00:da:93:7f:d6:d7:15:15:9f:b4:88:5e:
a7:5b:7b:bc:94:82:b9:2d:6c:9f:4c:77:a7:9a:08:22:c2:29:
5d:fe:61:ab:a6:f6:59:4b:f2:f9:be:4a:07:25:a8:2d:00:21:
53:be:b0:db:b4:d1:a5:9a:ac:9d:9a:65:88:3d:ca:f1:fd:4e:
0a:28:5d:fd:f9:29:f9:1b:19:a7:ca:ac:69:b8:e4:a0:df:e1:
d2:7a:ca:76:f8:bd:43:89:21:51:ea:b3:01:92:20:ae:20:8d:
fb:8b:58:8e:b0:4c:d6:16:56:63:dc:a6:e1:84:86:4f:03:ae:
79:b9:b1:68:31:87:c1:db:e0:8e:c7:e7:b8:d5:66:67:c1:d0:
f4:cc:be:d2:e2:ec:6e:bd:d7:9e:bb:8d:9c:ea:38:be:b2:c1:
3a:34:d5:7d:14:0d:bb:ef:52:a8:7a:e6:b1:dd:e9:62:a5:b0:
75:56:24:9b:18:37:25:c9:01:1f:76:22:b1:0f:93:94:55:20:
a1:dd:bb:fa:e5:2a:2d:7a:85:5d:e6:10:08:1e:77:98:23:cf:
bf:63:ef:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNBh7K0gk9grFAJWPu3OgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjUwNjA5MDEwMDM1WhcNMjUwNjEwMDEwMDM1WjAzMTEwLwYDVQQD
Eyg0MGVjYzhhOTE1YzQ2ODIyN2U5N2FmNTQ1OWYyOTJkNzQ3NjJkMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgF+8oQC24rfDeJ6xmUKXm32ESjD
HyMcakvfVPcDrc8JiNHJD5sGn3c3EtFXpdK10kuUihXJzV2S0Yy0HqUYiqFUg+CJ
BbKMhz++FPkCpmMcP+r5TDiLbBok5KK3WqOyUtMryxXZSnlWYPA6HXGbBnPfHZ4U
2PELYXosVKK96Psj0RkCjEZtbMv3UlnL4eEzkvyfELIM8S3EedD4xaN297HWlHO7
vgHvTUuGgfuFQ7L+qRUVbpPX/nzwS5o+Tyd51pYe4JEMk/ZiNqe00IDo7a1r/1Tk
ng3tPPg0EYY2WUJNix2ldYZ1dMyw9u6757Evn6oPt5jpAjiXA86errdd0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDsyKkVxGgifpevVFnyktdHYtALMB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZZRAoK6
mgFvJI7hu716tkBB5DxobwVgBHyYrH+Tr7Uscjue/XiYS4OBANqTf9bXFRWftIhe
p1t7vJSCuS1sn0x3p5oIIsIpXf5hq6b2WUvy+b5KByWoLQAhU76w27TRpZqsnZpl
iD3K8f1OCihd/fkp+RsZp8qsabjkoN/h0nrKdvi9Q4khUeqzAZIgriCN+4tYjrBM
1hZWY9ym4YSGTwOuebmxaDGHwdvgjsfnuNVmZ8HQ9My+0uLsbr3XnruNnOo4vrLB
OjTVfRQNu+9SqHrmsd3pYqWwdVYkmxg3JckBH3YisQ+TlFUgod27+uUqLXqFXeYQ
CB53mCPPv2Pvvg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:51:26 2025 by rpki-client