Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
File: paimkAmtLokJhr3XbGM8GzHwbzo.mft (raw, json)
Hash identifier: mc/lx64/0zPQwIw3WhXGmdWhQ+WxQ3Qw/N2zK0mmK9A=
Subject key identifier: A2:43:1D:00:B8:9C:B7:EF:06:FD:49:BB:9D:F5:72:D6:14:BE:AB:8D
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Certificate issuer: /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial: 0197598016102683431FDA46664670E1DFF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
Manifest number: 066D
Signing time: Tue 10 Jun 2025 11:00:55 +0000
Manifest this update: Tue 10 Jun 2025 11:00:55 +0000
Manifest next update: Wed 11 Jun 2025 11:00:55 +0000
Files and hashes: 1: 6FOwPkcLo51Q3D-jQMVy5DzuCjo.roa (hash: ZMfa+VC1JK7r5J2BdtywNHEZxOWql9OfKZrNLteanPw=)
2: paimkAmtLokJhr3XbGM8GzHwbzo.crl (hash: HUkpetsgG1Zh/B/MSO0Pqdq7SAZ8tGmc08wL3IJ+pWo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 11:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:80:16:10:26:83:43:1f:da:46:66:46:70:e1:df:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Validity
Not Before: Jun 10 11:00:55 2025 GMT
Not After : Jun 11 11:00:55 2025 GMT
Subject: CN=a2431d00b89cb7ef06fd49bb9df572d614beab8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:86:ac:fb:15:e5:4f:8c:58:6f:ff:82:ab:9d:
5f:81:6a:88:6b:cb:9d:21:1b:d5:69:25:4d:ab:98:
f1:24:bd:0c:0e:ff:d6:22:fd:9b:e9:6e:f5:35:63:
10:82:6d:d8:5a:26:8d:fb:ac:77:e0:0c:a2:cd:aa:
c7:8a:98:96:fe:86:48:a1:ee:f8:83:14:cc:ed:dc:
fc:7d:c2:bd:c0:31:89:5f:3f:6a:17:c2:6c:2d:2a:
0b:bf:21:02:78:63:6b:e2:9d:ef:af:a4:25:40:ec:
a9:d9:de:cd:83:c0:49:b6:ab:fd:93:8b:d2:bf:ea:
81:81:7a:3c:d5:a0:47:b1:90:a4:c2:6d:ef:5d:92:
a8:7a:93:8e:a1:c3:ce:81:b6:bb:0a:54:06:ca:8c:
dc:e6:05:5c:d8:38:55:40:68:4b:d0:56:d1:9f:df:
f3:08:10:ad:eb:41:31:ed:ca:08:8b:e7:35:c9:a8:
22:93:b8:95:fd:a0:e8:80:a0:23:8f:df:52:d6:48:
9e:20:03:57:bd:a0:6d:61:33:5a:f6:1a:95:50:af:
76:72:f3:2f:36:51:b9:bb:29:ff:03:04:7a:de:ff:
93:e7:2b:d9:78:c8:75:25:aa:9c:8d:24:29:78:2a:
5c:d2:ea:8a:31:ac:e6:c9:4f:4e:9d:e5:e6:9b:f0:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:43:1D:00:B8:9C:B7:EF:06:FD:49:BB:9D:F5:72:D6:14:BE:AB:8D
X509v3 Authority Key Identifier:
keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:49:b1:78:66:dc:4d:59:5a:16:53:5a:39:31:95:32:3a:12:
47:a3:82:a5:05:5e:00:5e:9f:db:88:5d:92:bc:cc:7d:82:6a:
8f:2b:b8:d8:74:0d:a2:aa:24:89:2e:97:da:f4:c5:52:50:47:
d7:50:aa:fa:c0:b3:67:e3:43:7d:fa:56:2c:14:9d:ae:4f:90:
3c:68:7e:4b:30:88:bb:98:ee:6f:7c:2c:b8:a1:40:9e:4a:08:
4f:69:d4:2a:f5:a8:79:0c:27:85:a4:31:f9:1e:e5:fa:de:4d:
62:b1:ac:d7:38:00:18:15:43:08:46:6d:66:e9:7a:19:4d:a2:
eb:22:9a:2b:cb:3d:9b:cc:63:92:bb:e5:5c:a9:eb:85:9e:c8:
67:81:17:09:f6:6b:75:b1:9c:c2:c2:f0:2c:94:d1:75:3f:02:
9b:e1:9f:97:3d:08:4c:a1:bc:87:d9:ec:29:40:d3:fb:02:5c:
60:78:0f:f6:ca:1b:e5:7e:98:aa:9f:f4:2c:3e:c4:6c:5b:9c:
fb:2f:e0:f1:36:d9:c3:4f:5f:2c:d7:d0:fe:cd:19:34:42:3e:
cf:bb:b8:97:99:fc:f5:f7:89:dc:02:4e:3b:10:c2:46:db:28:
c9:35:ec:46:d4:a4:91:c1:3e:3b:95:a8:87:60:5d:08:50:54:
85:fd:0b:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZgBYQJoNDH9pGZkZw4d/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjUwNjEwMTEwMDU1WhcNMjUwNjExMTEwMDU1WjAzMTEwLwYDVQQD
EyhhMjQzMWQwMGI4OWNiN2VmMDZmZDQ5YmI5ZGY1NzJkNjE0YmVhYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoas+xXlT4xYb/+Cq51fgWqIa8ud
IRvVaSVNq5jxJL0MDv/WIv2b6W71NWMQgm3YWiaN+6x34AyizarHipiW/oZIoe74
gxTM7dz8fcK9wDGJXz9qF8JsLSoLvyECeGNr4p3vr6QlQOyp2d7Ng8BJtqv9k4vS
v+qBgXo81aBHsZCkwm3vXZKoepOOocPOgba7ClQGyozc5gVc2DhVQGhL0FbRn9/z
CBCt60Ex7coIi+c1yagik7iV/aDogKAjj99S1kieIANXvaBtYTNa9hqVUK92cvMv
NlG5uyn/AwR63v+T5yvZeMh1JaqcjSQpeCpc0uqKMazmyU9OneXmm/A8tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJDHQC4nLfvBv1Ju531ctYUvquNMB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjUmxeGbc
TVlaFlNaOTGVMjoSR6OCpQVeAF6f24hdkrzMfYJqjyu42HQNoqokiS6X2vTFUlBH
11Cq+sCzZ+NDffpWLBSdrk+QPGh+SzCIu5jub3wsuKFAnkoIT2nUKvWoeQwnhaQx
+R7l+t5NYrGs1zgAGBVDCEZtZul6GU2i6yKaK8s9m8xjkrvlXKnrhZ7IZ4EXCfZr
dbGcwsLwLJTRdT8Cm+Gflz0ITKG8h9nsKUDT+wJcYHgP9sob5X6Yqp/0LD7EbFuc
+y/g8TbZw09fLNfQ/s0ZNEI+z7u4l5n89feJ3AJOOxDCRtsoyTXsRtSkkcE+O5Wo
h2BdCFBUhf0Lig==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:57:22 2025 by rpki-client