Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft
File: PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft (raw, json)
Hash identifier: f4LbY3FnNgJrowtqWq7EtF4rhdRBEfNNcCNh3c1o0+4=
Subject key identifier: BD:AC:59:E2:1D:44:33:21:D0:6C:9F:F2:A4:36:F9:DC:1D:82:85:D8
Authority key identifier: 3D:82:F1:FC:E0:08:BC:C7:25:DD:BB:E7:06:74:51:DD:82:05:93:07
Certificate issuer: /CN=3d82f1fce008bcc725ddbbe7067451dd82059307
Certificate serial: 0197B63268C5A7AE6F49D59FF2408C7DB138
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYLx_OAIvMcl3bvnBnRR3YIFkwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft
Manifest number: 07
Signing time: Sat 28 Jun 2025 11:00:46 +0000
Manifest this update: Sat 28 Jun 2025 11:00:46 +0000
Manifest next update: Sun 29 Jun 2025 11:00:46 +0000
Files and hashes: 1: PYLx_OAIvMcl3bvnBnRR3YIFkwc.crl (hash: 2ZFC84vqAewx22s1uUFIVPgkEBw9a7QgRrRdEFCSlqw=)
2: TonV6li5yUkoZ-CnaxO8HKBagJ8.roa (hash: XnEwLGsQ6FECYx0FnlaZRoMgPrGS5ObC7JCUywQQ//c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYLx_OAIvMcl3bvnBnRR3YIFkwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:32:68:c5:a7:ae:6f:49:d5:9f:f2:40:8c:7d:b1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d82f1fce008bcc725ddbbe7067451dd82059307
Validity
Not Before: Jun 28 11:00:46 2025 GMT
Not After : Jun 29 11:00:46 2025 GMT
Subject: CN=bdac59e21d443321d06c9ff2a436f9dc1d8285d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:8d:07:83:ee:16:9d:64:af:4e:0d:5c:dd:
99:b9:d7:b3:69:8e:e3:21:f8:91:88:08:3b:81:48:
72:4f:8c:67:48:48:9d:9b:87:bf:88:21:51:e7:eb:
74:d2:f4:1a:0d:00:5a:da:3e:c8:0a:41:f4:20:3b:
f6:51:57:74:2a:90:c1:ce:38:df:c0:18:5b:82:be:
3e:0d:d9:22:51:40:07:27:7e:6f:f0:b4:45:36:93:
1c:c7:1a:6c:49:80:74:fd:29:c6:98:a1:11:2d:c7:
51:ba:e2:36:49:1b:44:35:94:9d:e5:36:a7:bc:a5:
80:98:d3:83:3f:48:a2:45:4e:4b:68:83:ee:f1:73:
b6:7c:42:85:a9:85:f4:9e:64:e3:fc:f2:05:ce:a6:
05:e6:5e:2d:e2:12:f1:58:b5:2c:85:fb:5f:78:2e:
5b:19:f0:06:04:01:cd:d2:17:cb:dc:ec:c5:b4:8b:
21:1a:de:6c:70:76:1d:66:58:17:13:8e:a4:5f:e6:
00:a8:e7:c7:9e:fd:d6:75:65:eb:3d:ff:56:05:46:
43:2e:ef:81:ae:69:02:ad:45:bd:f3:04:7c:54:4a:
6b:f4:fb:95:bb:17:c8:30:1a:a5:93:00:ef:ab:a2:
d9:12:f3:da:40:a0:21:b3:ab:07:15:e7:10:ba:34:
ad:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AC:59:E2:1D:44:33:21:D0:6C:9F:F2:A4:36:F9:DC:1D:82:85:D8
X509v3 Authority Key Identifier:
keyid:3D:82:F1:FC:E0:08:BC:C7:25:DD:BB:E7:06:74:51:DD:82:05:93:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYLx_OAIvMcl3bvnBnRR3YIFkwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:9e:cc:b4:e8:00:a9:01:8c:f3:7f:6d:0b:57:66:09:06:24:
9d:dd:14:d2:41:36:a3:0d:06:e7:18:33:d7:d4:24:a8:24:b3:
21:d3:13:10:94:48:bd:f8:3d:4b:39:ac:30:1f:ce:8d:1f:9e:
c2:8b:5e:a8:76:1d:3b:82:c7:90:0e:3b:6a:27:61:6d:a0:2e:
83:90:96:87:1a:48:bb:db:6d:ba:94:fa:ce:b0:a9:c5:75:70:
91:8d:3d:7b:cf:cd:17:6f:56:b8:cd:c1:83:d1:75:15:81:6a:
c9:55:83:fd:15:fe:23:c9:7a:bb:db:cf:76:6c:7c:ff:de:5c:
3b:97:2a:6f:f8:ca:d4:4d:de:18:92:eb:f1:f5:62:5d:ef:04:
9c:87:3f:07:ef:91:aa:9d:b6:0a:87:e6:7c:d2:af:56:7d:e3:
a0:35:d2:1c:1c:fb:4a:38:4d:a0:f0:bb:34:4a:71:80:b1:08:
26:86:18:dd:a8:f7:da:a8:44:5a:c3:77:17:f9:39:9a:44:fa:
3a:ad:57:44:a6:5c:d1:75:fa:01:d1:d7:27:a3:7d:88:c0:b9:
8d:5f:91:75:67:9c:a7:75:75:54:9b:35:7a:33:1b:c6:ab:3a:
82:8f:d9:17:78:74:3b:08:d4:46:65:02:f1:e3:19:78:38:42:
9f:72:dd:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MmjFp65vSdWf8kCMfbE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODJmMWZjZTAwOGJjYzcyNWRkYmJlNzA2NzQ1MWRkODIw
NTkzMDcwHhcNMjUwNjI4MTEwMDQ2WhcNMjUwNjI5MTEwMDQ2WjAzMTEwLwYDVQQD
EyhiZGFjNTllMjFkNDQzMzIxZDA2YzlmZjJhNDM2ZjlkYzFkODI4NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1CNB4PuFp1kr04NXN2ZudezaY7j
IfiRiAg7gUhyT4xnSEidm4e/iCFR5+t00vQaDQBa2j7ICkH0IDv2UVd0KpDBzjjf
wBhbgr4+DdkiUUAHJ35v8LRFNpMcxxpsSYB0/SnGmKERLcdRuuI2SRtENZSd5Tan
vKWAmNODP0iiRU5LaIPu8XO2fEKFqYX0nmTj/PIFzqYF5l4t4hLxWLUshftfeC5b
GfAGBAHN0hfL3OzFtIshGt5scHYdZlgXE46kX+YAqOfHnv3WdWXrPf9WBUZDLu+B
rmkCrUW98wR8VEpr9PuVuxfIMBqlkwDvq6LZEvPaQKAhs6sHFecQujSt+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2sWeIdRDMh0Gyf8qQ2+dwdgoXYMB8GA1UdIwQY
MBaAFD2C8fzgCLzHJd275wZ0Ud2CBZMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlMeF9PQUl2TWNsM2J2bkJuUlIzWUlGa3djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85YzRhNzctMGM3ZS00OTRjLWEyMzEt
YmYxZTk5YzBjZjNmLzEvUFlMeF9PQUl2TWNsM2J2bkJuUlIzWUlGa3djLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85YzRhNzctMGM3ZS00OTRjLWEyMzEtYmYxZTk5YzBjZjNm
LzEvUFlMeF9PQUl2TWNsM2J2bkJuUlIzWUlGa3djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJZ7MtOgA
qQGM839tC1dmCQYknd0U0kE2ow0G5xgz19QkqCSzIdMTEJRIvfg9SzmsMB/OjR+e
woteqHYdO4LHkA47aidhbaAug5CWhxpIu9ttupT6zrCpxXVwkY09e8/NF29WuM3B
g9F1FYFqyVWD/RX+I8l6u9vPdmx8/95cO5cqb/jK1E3eGJLr8fViXe8EnIc/B++R
qp22CofmfNKvVn3joDXSHBz7SjhNoPC7NEpxgLEIJoYY3aj32qhEWsN3F/k5mkT6
Oq1XRKZc0XX6AdHXJ6N9iMC5jV+RdWecp3V1VJs1ejMbxqs6go/ZF3h0OwjURmUC
8eMZeDhCn3LdTA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:07:21 2025 by rpki-client