Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
File: pavEOvztcvuSd4covuVxxnj1OFM.mft (raw, json)
Hash identifier: 2j6k1Smtw1Q7zb0OdkJ7IH/OEok9yj5O7YLDuwS7DdE=
Subject key identifier: 61:9A:4B:F4:D5:84:EB:68:83:CD:2F:42:AA:AB:97:53:1B:B2:1C:E8
Authority key identifier: A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
Certificate issuer: /CN=a5abc43afced72fb92778728bee571c678f53853
Certificate serial: 01960B677F28047BD5B1AFCA7AC481E92033
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
Manifest number: 14D9
Signing time: Sun 06 Apr 2025 14:00:54 +0000
Manifest this update: Sun 06 Apr 2025 14:00:54 +0000
Manifest next update: Mon 07 Apr 2025 14:00:54 +0000
Files and hashes: 1: XTYDavgtknOlnwhLwE8YM7gzGNo.roa (hash: PldFwC0OKAPE16YsYJiSJ7/6hQNZV4y5TLuWK0kyNJ0=)
2: pavEOvztcvuSd4covuVxxnj1OFM.crl (hash: 5Z2W0mJY53NK/LSSBNReZMh5lXvyVNSDB/HiF/FVo/g=)
3: sSPz7KsWNIMKyyRHlSkiZwosgKw.roa (hash: wjM7pq8MRvpOQBEJDje34R/IkWbdszEvqnHRsuBbId4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0b:67:7f:28:04:7b:d5:b1:af:ca:7a:c4:81:e9:20:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5abc43afced72fb92778728bee571c678f53853
Validity
Not Before: Apr 6 14:00:54 2025 GMT
Not After : Apr 7 14:00:54 2025 GMT
Subject: CN=619a4bf4d584eb6883cd2f42aaab97531bb21ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:46:b9:00:76:e7:9f:92:f9:fc:78:a4:cb:
c2:0d:fc:09:b3:b6:26:86:50:38:ea:82:0b:7b:54:
b6:25:24:2f:5b:86:8f:75:3c:6a:ac:53:b5:c0:45:
3c:81:00:27:b5:96:82:71:56:a6:54:3f:46:f9:54:
64:1b:85:69:a3:8b:38:42:9a:7d:c5:a5:6a:5f:93:
6f:67:0f:4a:25:7b:ae:77:75:04:7f:f9:5e:59:63:
d5:d9:3b:13:58:1b:ec:18:2e:0e:2a:0f:b3:96:81:
42:45:3b:51:ef:19:1b:97:9b:8d:58:ef:6c:d1:03:
68:2a:23:03:ce:4a:27:2e:b9:dd:91:12:8d:1e:3d:
41:68:67:d6:d7:20:48:a6:8f:d3:87:82:c9:aa:32:
da:bc:a2:7b:45:dc:25:bc:17:25:9a:f2:69:ab:26:
83:bc:d5:35:7c:db:fa:93:ed:d0:82:84:2c:bd:17:
a4:38:64:83:38:81:54:f7:aa:d4:96:8a:0c:8f:43:
b4:6a:d3:11:01:8b:07:28:8e:f5:b9:38:12:e3:f7:
81:40:96:40:1d:d4:41:cb:db:18:2a:0d:b5:30:ac:
66:7d:a5:e2:c8:bf:11:07:c4:90:1d:d4:d3:e8:f1:
1a:82:33:20:cf:3c:e4:65:f3:e9:97:9f:eb:45:7d:
ff:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9A:4B:F4:D5:84:EB:68:83:CD:2F:42:AA:AB:97:53:1B:B2:1C:E8
X509v3 Authority Key Identifier:
keyid:A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:40:16:18:73:60:6c:08:ef:94:51:ac:6b:3d:fc:86:3b:52:
8f:fa:2c:2c:e6:8b:4f:4d:40:f6:a3:fd:6d:ce:81:7f:5c:49:
c8:ec:44:19:fd:03:ae:74:0d:ad:7c:d3:1f:86:cc:df:61:0c:
78:da:03:b3:e9:85:d0:0f:f2:27:f6:3a:69:d6:eb:9f:a3:79:
a8:41:7f:0d:bd:10:97:9b:cc:97:40:57:46:0e:4b:ec:41:a9:
a6:ec:b9:d8:72:11:a6:41:aa:b3:f3:7a:94:06:cf:fc:d0:01:
a4:44:1e:65:08:e0:b2:9c:b9:63:d9:7f:e2:62:71:e4:d9:a4:
4e:5f:8d:53:f1:59:de:4d:5b:b3:b5:ef:f4:ae:ce:49:ec:6a:
16:cd:fc:67:00:a5:9d:4a:a0:a4:f5:ce:bd:f8:78:19:12:ed:
72:c9:7c:11:dd:db:3b:c1:d6:f5:5c:4b:ab:7f:da:27:b2:61:
ec:39:3d:45:17:18:7b:3c:3c:99:fd:c1:03:68:7f:20:03:de:
00:4a:3a:00:27:c9:9a:28:bd:df:ac:d8:05:89:11:08:81:23:
b1:7d:fa:b7:3e:9f:32:d6:11:2b:29:db:74:e5:18:4e:fe:6c:
0a:30:d5:05:f5:68:9b:ef:84:14:cb:68:17:32:3b:0a:7d:63:
42:c6:49:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYLZ38oBHvVsa/KesSB6SAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWJjNDNhZmNlZDcyZmI5Mjc3ODcyOGJlZTU3MWM2Nzhm
NTM4NTMwHhcNMjUwNDA2MTQwMDU0WhcNMjUwNDA3MTQwMDU0WjAzMTEwLwYDVQQD
Eyg2MTlhNGJmNGQ1ODRlYjY4ODNjZDJmNDJhYWFiOTc1MzFiYjIxY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR5GuQB255+S+fx4pMvCDfwJs7Ym
hlA46oILe1S2JSQvW4aPdTxqrFO1wEU8gQAntZaCcVamVD9G+VRkG4Vpo4s4Qpp9
xaVqX5NvZw9KJXuud3UEf/leWWPV2TsTWBvsGC4OKg+zloFCRTtR7xkbl5uNWO9s
0QNoKiMDzkonLrndkRKNHj1BaGfW1yBIpo/Th4LJqjLavKJ7RdwlvBclmvJpqyaD
vNU1fNv6k+3QgoQsvRekOGSDOIFU96rUlooMj0O0atMRAYsHKI71uTgS4/eBQJZA
HdRBy9sYKg21MKxmfaXiyL8RB8SQHdTT6PEagjMgzzzkZfPpl5/rRX3/wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGaS/TVhOtog80vQqqrl1MbshzoMB8GA1UdIwQY
MBaAFKWrxDr87XL7kneHKL7lccZ49ThTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTct
YjVlOTFmYzY1MDUxLzEvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTctYjVlOTFmYzY1MDUx
LzEvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdkAWGHNg
bAjvlFGsaz38hjtSj/osLOaLT01A9qP9bc6Bf1xJyOxEGf0DrnQNrXzTH4bM32EM
eNoDs+mF0A/yJ/Y6adbrn6N5qEF/Db0Ql5vMl0BXRg5L7EGppuy52HIRpkGqs/N6
lAbP/NABpEQeZQjgspy5Y9l/4mJx5NmkTl+NU/FZ3k1bs7Xv9K7OSexqFs38ZwCl
nUqgpPXOvfh4GRLtcsl8Ed3bO8HW9VxLq3/aJ7Jh7Dk9RRcYezw8mf3BA2h/IAPe
AEo6ACfJmii936zYBYkRCIEjsX36tz6fMtYRKynbdOUYTv5sCjDVBfVom++EFMto
FzI7Cn1jQsZJQQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:46:44 2025 by rpki-client