Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
File: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft (raw, json)
Hash identifier: rJtcopxZQxkymC/xMHtpkgE+z57/ayTUJ8ZOcv3R4sQ=
Subject key identifier: B3:14:8C:0D:79:13:5E:9E:B2:9D:5F:38:16:47:E3:53:E3:2B:F5:EE
Authority key identifier: C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E
Certificate issuer: /CN=A91443440000/serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E
Certificate serial: 587DD76CC310ED1BB378638A7BD32878E29527AE
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
Manifest number: 01C5
Signing time: Thu 28 Aug 2025 19:52:40 +0000
Manifest this update: Thu 28 Aug 2025 19:47:40 +0000
Manifest next update: Fri 29 Aug 2025 21:04:40 +0000
Files and hashes: 1: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl (hash: ms0k9sN5bFS1t+YlP64krqNdHzz4r6z6VSeSB5zfdQY=)
2: 3136302e33302e32352e302f32342d3234203d3e20313533313736.roa (hash: sWQMzSPI6Bg4G4IKisjp9DHougwIrJ9n/xHdiIfWjWY=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7d:d7:6c:c3:10:ed:1b:b3:78:63:8a:7b:d3:28:78:e2:95:27:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91443440000, serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E
Validity
Not Before: Aug 28 19:47:40 2025 GMT
Not After : Aug 29 21:04:40 2025 GMT
Subject: CN=B3148C0D79135E9EB29D5F381647E353E32BF5EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:81:52:f4:26:62:0b:73:d6:26:98:14:0c:ca:
fe:6d:f6:9c:93:c1:f8:85:a5:c3:ee:b1:95:cf:39:
1e:d6:c1:72:e3:5f:fe:03:2e:90:b7:aa:4b:c9:b1:
74:b3:a2:fe:b4:76:01:b8:21:cf:8b:d8:d3:c3:5d:
ef:ef:6d:65:5c:90:70:c7:6e:bd:e8:b1:76:5e:51:
5e:1e:b9:04:81:32:23:0d:7b:dd:f6:ea:cf:c3:6a:
5b:9c:d6:1b:3a:4e:eb:ce:bb:98:8e:d8:ca:2f:41:
68:d3:56:cc:1d:ba:b4:eb:2a:ed:2f:77:25:fd:47:
ec:b9:5d:4b:05:cd:f6:56:7c:06:19:37:16:65:be:
c3:03:ee:f3:fb:10:4e:95:61:00:cf:9f:b1:6d:d3:
4b:7e:52:7e:2b:ba:30:82:db:32:a4:ff:c5:d8:ba:
e6:0a:08:b8:f7:ed:41:7b:15:ab:d8:f7:86:8e:f3:
56:7e:4f:c5:6e:43:b1:1d:36:ab:8b:14:5e:bb:fb:
7c:22:e8:a1:90:60:41:b0:3f:35:20:57:8d:06:b1:
eb:5b:18:9e:b4:32:c5:f8:f1:b6:c4:e2:a6:19:8e:
d4:cd:db:50:bc:bf:97:27:ae:ad:7c:ff:52:ae:0f:
74:e4:31:52:b0:f0:26:1b:28:a6:cf:26:72:7a:2c:
43:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:14:8C:0D:79:13:5E:9E:B2:9D:5F:38:16:47:E3:53:E3:2B:F5:EE
X509v3 Authority Key Identifier:
keyid:C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:3f:6e:95:c7:e4:23:1b:5d:b9:e8:9e:02:a5:83:ee:a3:05:
64:13:71:94:58:98:78:79:c3:16:86:9f:98:a2:5c:06:36:2b:
ab:79:f4:36:24:cb:92:21:81:aa:92:c0:d5:99:9b:11:27:68:
5d:35:7b:42:5b:c5:23:c2:b4:fe:6e:bb:60:7a:1b:ef:2c:07:
97:e0:9c:8d:44:eb:a8:75:0f:04:59:23:bc:ea:64:9d:45:7b:
9b:f5:f6:36:1d:ab:e7:78:cd:76:42:bf:76:9b:de:e7:44:40:
13:60:3e:96:c3:1a:44:6d:db:26:32:89:0c:4a:cd:04:bf:b7:
b5:d3:58:95:5f:70:f5:7e:0d:e7:10:d8:5e:98:8e:e2:98:58:
c4:f0:f1:34:ba:b1:ad:68:c5:49:a7:8f:68:d6:3b:72:76:c9:
69:ea:72:88:b4:9a:4e:8d:8b:57:87:f8:7b:14:4d:40:eb:db:
e2:38:ca:c3:f2:44:7c:70:eb:35:05:7b:eb:13:83:16:c1:72:
c6:c5:63:37:d3:d6:f7:36:c5:9a:b9:ab:b7:5b:49:36:c0:25:
e8:55:44:58:a6:f5:93:0c:cf:5a:09:93:0d:7f:61:e8:ba:ca:
84:61:25:32:0e:90:ee:a2:e1:b9:ac:24:c0:69:d1:9b:47:d8:
0a:94:2a:a8
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUWH3XbMMQ7RuzeGOKe9MoeOKVJ64wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDQzNDQwMDAwMTEwLwYDVQQFEyhDNEU2QzNEQUVC
NzRCRTQ1MjA3RUI4MERFREYxRkZENTRCQzAwMTlFMB4XDTI1MDgyODE5NDc0MFoX
DTI1MDgyOTIxMDQ0MFowMzExMC8GA1UEAxMoQjMxNDhDMEQ3OTEzNUU5RUIyOUQ1
RjM4MTY0N0UzNTNFMzJCRjVFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyBUvQmYgtz1iaYFAzK/m32nJPB+IWlw+6xlc85HtbBcuNf/gMukLeqS8mx
dLOi/rR2Abghz4vY08Nd7+9tZVyQcMduveixdl5RXh65BIEyIw173fbqz8NqW5zW
GzpO6867mI7Yyi9BaNNWzB26tOsq7S93Jf1H7LldSwXN9lZ8Bhk3FmW+wwPu8/sQ
TpVhAM+fsW3TS35Sfiu6MILbMqT/xdi65goIuPftQXsVq9j3ho7zVn5PxW5DsR02
q4sUXrv7fCLooZBgQbA/NSBXjQax61sYnrQyxfjxtsTiphmO1M3bULy/lyeurXz/
Uq4PdOQxUrDwJhsops8mcnosQ0MCAwEAAaOCAmEwggJdMB0GA1UdDgQWBBSzFIwN
eRNenrKdXzgWR+NT4yv17jAfBgNVHSMEGDAWgBTE5sPa63S+RSB+uA3t8f/VS8AB
njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84ZDVjZDE0ZS01
ZjYzLTRmMWMtOTRlMy0yNzA1MGMyNjY0ODAvMi9DNEU2QzNEQUVCNzRCRTQ1MjA3
RUI4MERFREYxRkZENTRCQzAwMTlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB
BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYy
MDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi94T2JEMnV0MHZrVWdmcmdON2ZIXzFV
dkFBWjQuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGQ1Y2QxNGUt
NWY2My00ZjFjLTk0ZTMtMjcwNTBjMjY2NDgwLzIvQzRFNkMzREFFQjc0QkU0NTIw
N0VCODBERURGMUZGRDU0QkMwMDE5RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF
BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAH8/bpXH5CMbXbnongKl
g+6jBWQTcZRYmHh5wxaGn5iiXAY2K6t59DYky5IhgaqSwNWZmxEnaF01e0JbxSPC
tP5uu2B6G+8sB5fgnI1E66h1DwRZI7zqZJ1Fe5v19jYdq+d4zXZCv3ab3udEQBNg
PpbDGkRt2yYyiQxKzQS/t7XTWJVfcPV+DecQ2F6YjuKYWMTw8TS6sa1oxUmnj2jW
O3J2yWnqcoi0mk6Ni1eH+HsUTUDr2+I4ysPyRHxw6zUFe+sTgxbBcsbFYzfT1vc2
xZq5q7dbSTbAJehVRFim9ZMMz1oJkw1/Yei6yoRhJTIOkO6i4bmsJMBp0ZtH2AqU
Kqg=
-----END CERTIFICATE-----
Generated at Thu Sep 4 13:56:10 2025 by rpki-client