Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
File: 2pxnKeHomJmE3YAtGpDonOL-Nzw.mft (raw, json)
Hash identifier: /2WpTZiN7Bg7jo7ncgqwKQcvnHaecqj/fF/5sHO4MZQ=
Subject key identifier: 5C:31:61:82:53:23:BA:A4:19:74:1B:45:EC:A3:FE:E2:FC:E2:94:13
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 01969DBE7F8D0642647D7537606DCF0BD88A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
Manifest number: 1523
Signing time: Mon 05 May 2025 00:00:29 +0000
Manifest this update: Mon 05 May 2025 00:00:29 +0000
Manifest next update: Tue 06 May 2025 00:00:29 +0000
Files and hashes: 1: 24_mmtOlkG05yQ7mb26MLLzNTPk.roa (hash: NN9FJFjMrEoXgY4DCGNqxgbjsbFf0mQojMZSGAkFQFg=)
2: 2pxnKeHomJmE3YAtGpDonOL-Nzw.crl (hash: ndcRh9BwHhKRm9Awql1Ij9gZ+38LyPsiD2vQNDH4+X4=)
3: bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa (hash: vuvSrc/xAi8bu4mOjDMbPo9yb6kp8ev2fK1dkeS76Yo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 00:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9d:be:7f:8d:06:42:64:7d:75:37:60:6d:cf:0b:d8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: May 5 00:00:29 2025 GMT
Not After : May 6 00:00:29 2025 GMT
Subject: CN=5c3161825323baa419741b45eca3fee2fce29413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5c:44:83:44:1b:6d:78:80:3d:88:e8:dd:5a:
42:b9:dc:46:d1:79:04:01:64:ba:e1:c8:4c:2a:c7:
90:c7:e0:16:04:05:2d:93:77:a8:90:98:7e:8f:2e:
77:d9:59:0f:5e:22:7c:ea:fd:da:bc:6f:23:2f:e1:
49:ee:04:ab:4d:bf:d8:bb:ed:72:ec:89:a5:82:52:
6e:e3:e4:05:92:2a:33:02:eb:c9:23:6c:a0:1c:af:
f7:eb:5c:87:7d:a3:36:8a:b1:b1:d4:7f:a6:2a:d1:
b7:e0:1f:7d:0d:b8:ee:5f:f0:04:76:a7:40:35:5d:
2e:97:f7:9d:29:a0:5c:59:70:bf:d2:a1:bc:a5:87:
0a:87:21:a8:ba:39:25:19:f0:2c:4e:7d:ed:02:15:
b1:49:2e:19:d6:9f:ba:c0:35:1c:ea:8d:7c:1c:88:
84:d5:5c:67:c9:1a:a1:6b:c2:28:4c:f9:a8:82:d0:
34:ed:67:3d:6f:97:5c:6e:ec:62:87:33:9d:d0:7b:
96:20:3a:fb:21:a1:d2:42:77:b6:72:84:72:2a:2f:
ef:c2:60:c6:42:eb:e4:87:ea:c7:9a:d9:f7:c7:d2:
3a:8c:4b:88:e5:79:57:d9:05:21:be:4f:35:b4:5a:
83:d9:fc:4a:71:2b:f9:93:b5:2f:7b:84:25:16:5e:
47:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:31:61:82:53:23:BA:A4:19:74:1B:45:EC:A3:FE:E2:FC:E2:94:13
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:00:f7:49:df:1b:68:94:ee:f4:6d:2a:0d:eb:36:2e:18:20:
39:e5:69:cb:41:13:85:7b:ff:d9:37:c5:3c:a2:ba:5e:ec:c7:
35:4d:f3:3e:4a:7f:0e:f6:00:03:18:92:93:37:e4:65:4a:8d:
50:d1:38:3e:9a:22:b4:b8:ef:18:2c:cf:01:c9:fa:a7:82:59:
dd:4b:f8:89:95:37:2b:34:4e:bf:63:fd:3f:fc:47:11:74:59:
cb:de:12:b6:68:1a:12:f4:03:02:7d:51:a2:b4:31:ac:ce:af:
d8:ed:f8:d9:66:60:4a:d0:68:2b:5e:de:10:79:cc:b0:a3:9c:
45:4f:81:6a:a0:b2:60:54:4e:65:2e:e0:b7:5a:08:24:b5:8f:
af:28:ae:27:d4:b5:c8:66:8b:3b:88:d4:68:f4:7e:7e:28:f4:
ac:68:a9:e3:a6:3a:53:a9:e0:1a:df:2f:08:82:81:fd:e0:bf:
c1:ff:87:c2:67:0d:5f:96:03:b5:a7:5f:04:32:a3:d8:98:0f:
f9:00:69:c0:09:0a:8a:58:d1:8f:ae:b3:a4:a6:28:6c:a6:0f:
30:ef:28:0e:fd:f0:b2:e2:5f:1e:c2:f5:7e:5e:60:31:75:d5:
34:42:a0:5a:52:18:ce:2f:dd:d7:ac:d0:21:3d:02:0f:29:1e:
55:55:04:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadvn+NBkJkfXU3YG3PC9iKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjUwNTA1MDAwMDI5WhcNMjUwNTA2MDAwMDI5WjAzMTEwLwYDVQQD
Eyg1YzMxNjE4MjUzMjNiYWE0MTk3NDFiNDVlY2EzZmVlMmZjZTI5NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVxEg0QbbXiAPYjo3VpCudxG0XkE
AWS64chMKseQx+AWBAUtk3eokJh+jy532VkPXiJ86v3avG8jL+FJ7gSrTb/Yu+1y
7ImlglJu4+QFkiozAuvJI2ygHK/361yHfaM2irGx1H+mKtG34B99DbjuX/AEdqdA
NV0ul/edKaBcWXC/0qG8pYcKhyGoujklGfAsTn3tAhWxSS4Z1p+6wDUc6o18HIiE
1VxnyRqha8IoTPmogtA07Wc9b5dcbuxihzOd0HuWIDr7IaHSQne2coRyKi/vwmDG
Quvkh+rHmtn3x9I6jEuI5XlX2QUhvk81tFqD2fxKcSv5k7Uve4QlFl5HUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwxYYJTI7qkGXQbReyj/uL84pQTMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQD3Sd8b
aJTu9G0qDes2LhggOeVpy0EThXv/2TfFPKK6XuzHNU3zPkp/DvYAAxiSkzfkZUqN
UNE4PpoitLjvGCzPAcn6p4JZ3Uv4iZU3KzROv2P9P/xHEXRZy94StmgaEvQDAn1R
orQxrM6v2O342WZgStBoK17eEHnMsKOcRU+BaqCyYFROZS7gt1oIJLWPryiuJ9S1
yGaLO4jUaPR+fij0rGip46Y6U6ngGt8vCIKB/eC/wf+HwmcNX5YDtadfBDKj2JgP
+QBpwAkKiljRj66zpKYobKYPMO8oDv3wsuJfHsL1fl5gMXXVNEKgWlIYzi/d16zQ
IT0CDykeVVUEJg==
-----END CERTIFICATE-----
Generated at Mon May 5 09:58:19 2025 by rpki-client