Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: +7HPsxv9T97ACXoD5FbJ3QJKYJODgtj0YX2IAkSoQ9E=
Subject key identifier: 8B:68:A4:43:69:E5:06:90:B6:70:3F:E0:A5:1E:DA:02:52:4D:AA:55
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 01974D7BDF9E29A3EB8EF0F9EDD691972245
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 157E
Signing time: Sun 08 Jun 2025 03:00:53 +0000
Manifest this update: Sun 08 Jun 2025 03:00:53 +0000
Manifest next update: Mon 09 Jun 2025 03:00:53 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: 1EE7ze6Y+CEdDXzJpMeFfSE3RGG9dudmfGAJy3Ek5oE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4d:7b:df:9e:29:a3:eb:8e:f0:f9:ed:d6:91:97:22:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Jun 8 03:00:53 2025 GMT
Not After : Jun 9 03:00:53 2025 GMT
Subject: CN=8b68a44369e50690b6703fe0a51eda02524daa55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d1:3a:b4:71:bf:92:a2:3c:f8:29:ec:ca:a1:
ac:46:83:e0:a0:c6:84:ab:cf:d6:1f:7a:7f:27:c5:
79:05:54:d3:93:73:67:97:c2:ce:e6:cc:15:e7:35:
ba:1a:3c:be:a7:54:ec:f4:8e:f9:6e:c5:41:eb:85:
c6:c3:de:0e:fa:c7:fe:5c:eb:54:b1:8e:11:1d:4f:
90:c2:29:c5:bb:b2:c2:f5:a2:c3:37:ea:9c:60:76:
3d:78:01:e6:6a:13:05:00:0c:85:a2:b2:c0:e6:31:
5e:77:14:06:fe:96:91:98:6d:8e:e8:24:d4:c0:28:
f4:41:f8:24:61:e5:d1:61:22:da:f2:3e:70:c8:6f:
e3:c1:1a:66:57:f0:b8:1b:56:4e:ba:67:52:88:6d:
0b:cf:43:26:2d:8e:40:39:27:32:90:03:01:16:1a:
2c:35:a3:9b:c1:fc:1b:0c:1f:d8:ec:60:18:05:07:
ea:3f:46:43:2a:f7:d4:24:1f:ed:08:18:92:05:53:
0b:66:dd:cd:77:57:57:6b:60:fa:5e:d2:0e:f9:a1:
2c:45:55:d8:ff:37:05:27:df:38:ed:81:65:33:75:
14:bc:d2:ee:5b:1a:cc:20:ca:80:1f:d7:b4:e8:09:
51:fb:b7:87:4d:28:4a:cf:f2:64:f8:62:b7:5c:39:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:68:A4:43:69:E5:06:90:B6:70:3F:E0:A5:1E:DA:02:52:4D:AA:55
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:d2:82:65:4d:10:88:74:51:1f:b4:f8:7e:fe:75:e5:1b:3d:
27:08:b1:ec:69:35:60:95:f5:59:35:7e:f6:59:70:f1:c7:41:
96:2b:73:15:0d:d2:9c:70:93:94:9b:5d:fb:6b:4b:dc:56:08:
78:a1:6c:11:46:4d:a2:91:77:2c:32:06:7f:18:98:e8:10:87:
d0:d4:7e:b1:2b:36:21:1d:fb:0c:71:78:bb:9d:c3:c1:90:e6:
d6:95:1c:8c:c1:8e:d9:01:92:a0:48:d3:20:52:20:de:1f:44:
8c:b4:ff:27:13:79:70:b2:0a:69:5e:5b:6d:74:d1:c6:5b:50:
a6:76:0b:3b:4b:80:96:41:6f:d6:01:75:b5:9a:5c:60:76:81:
5c:e1:25:2b:64:46:bd:bc:77:b7:67:0d:96:a4:c1:fe:80:a9:
59:67:b5:56:89:67:80:58:f0:c0:4c:70:7d:3b:69:83:ce:e5:
22:c0:50:af:11:bc:37:90:ff:85:b2:56:03:5b:95:e2:6b:5a:
cd:ae:75:59:b7:1f:bc:4e:38:d8:8b:c8:6e:68:b4:43:2c:45:
ab:5f:e3:fa:0f:d4:b0:57:ba:a7:4f:a4:9d:f1:3c:c6:41:3d:
30:27:e0:5e:9a:cb:b7:4d:ad:15:d4:f4:25:96:3e:f2:78:e3:
04:83:80:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNe9+eKaPrjvD57daRlyJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwNjA4MDMwMDUzWhcNMjUwNjA5MDMwMDUzWjAzMTEwLwYDVQQD
Eyg4YjY4YTQ0MzY5ZTUwNjkwYjY3MDNmZTBhNTFlZGEwMjUyNGRhYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNE6tHG/kqI8+CnsyqGsRoPgoMaE
q8/WH3p/J8V5BVTTk3Nnl8LO5swV5zW6Gjy+p1Ts9I75bsVB64XGw94O+sf+XOtU
sY4RHU+QwinFu7LC9aLDN+qcYHY9eAHmahMFAAyForLA5jFedxQG/paRmG2O6CTU
wCj0QfgkYeXRYSLa8j5wyG/jwRpmV/C4G1ZOumdSiG0Lz0MmLY5AOScykAMBFhos
NaObwfwbDB/Y7GAYBQfqP0ZDKvfUJB/tCBiSBVMLZt3Nd1dXa2D6XtIO+aEsRVXY
/zcFJ9847YFlM3UUvNLuWxrMIMqAH9e06AlR+7eHTShKz/Jk+GK3XDkC0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItopENp5QaQtnA/4KUe2gJSTapVMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ9KCZU0Q
iHRRH7T4fv515Rs9Jwix7Gk1YJX1WTV+9llw8cdBlitzFQ3SnHCTlJtd+2tL3FYI
eKFsEUZNopF3LDIGfxiY6BCH0NR+sSs2IR37DHF4u53DwZDm1pUcjMGO2QGSoEjT
IFIg3h9EjLT/JxN5cLIKaV5bbXTRxltQpnYLO0uAlkFv1gF1tZpcYHaBXOElK2RG
vbx3t2cNlqTB/oCpWWe1VolngFjwwExwfTtpg87lIsBQrxG8N5D/hbJWA1uV4mta
za51WbcfvE442IvIbmi0QyxFq1/j+g/UsFe6p0+knfE8xkE9MCfgXprLt02tFdT0
JZY+8njjBIOARw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:52:59 2025 by rpki-client