Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File: Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier: EcUloQs5tTQLGQulsMYPhIibmWgahOG2L1tYP9+Ib54=
Subject key identifier: 83:B3:39:E1:AA:C6:CD:6E:69:18:9D:2B:1C:5F:0E:E6:27:C2:9C:09
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer: /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial: 0197B633003CE241485E966EF3CA67A7415D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number: 0460
Signing time: Sat 28 Jun 2025 11:01:25 +0000
Manifest this update: Sat 28 Jun 2025 11:01:25 +0000
Manifest next update: Sun 29 Jun 2025 11:01:25 +0000
Files and hashes: 1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: V5idMj2PBJiu6fWfZVFe5+DYiRqRJRuABV/2AmZniIM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:33:00:3c:e2:41:48:5e:96:6e:f3:ca:67:a7:41:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Validity
Not Before: Jun 28 11:01:25 2025 GMT
Not After : Jun 29 11:01:25 2025 GMT
Subject: CN=83b339e1aac6cd6e69189d2b1c5f0ee627c29c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:89:ea:32:b4:d9:cc:44:e4:70:41:33:ac:82:
da:68:75:b6:ec:32:07:9b:ad:e6:bb:01:8a:34:a9:
3b:9d:77:ed:c8:ba:52:3a:88:d6:a0:08:a3:8b:c7:
8b:53:5c:58:25:ee:6c:f2:c6:31:70:84:01:76:6c:
62:c1:21:b1:aa:d0:3f:c2:81:37:7c:c0:8e:2b:51:
da:05:c7:f3:85:3b:d9:2d:92:45:e9:6c:4c:3d:7d:
31:a5:5a:ae:25:6e:58:de:35:5c:7b:24:12:f7:92:
43:c0:52:c7:46:13:ca:8b:da:c7:0a:91:4e:e9:44:
cc:c0:2a:16:03:4b:aa:ec:6a:3d:4a:7e:76:05:94:
38:76:0d:68:92:79:8a:c1:0e:a7:b0:00:5c:f7:06:
bd:2b:a0:d5:df:78:db:ad:8c:5a:d9:3d:18:70:ee:
21:10:64:fc:8e:f6:56:c7:c7:63:dd:ba:f2:1c:ba:
a5:ed:69:03:d1:5f:05:8c:4c:4d:39:35:e2:4c:a5:
57:9b:9a:83:eb:29:a8:e7:1e:18:a9:4f:63:ea:47:
db:1d:7b:41:2b:bd:88:88:46:3d:61:e0:dc:16:e1:
5a:5a:bb:31:38:20:2c:6e:18:c2:50:34:60:d3:87:
96:73:fb:bb:a2:22:a6:85:79:fc:9d:af:44:20:7e:
55:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B3:39:E1:AA:C6:CD:6E:69:18:9D:2B:1C:5F:0E:E6:27:C2:9C:09
X509v3 Authority Key Identifier:
keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:63:fa:31:89:d2:a6:e2:8a:7b:71:8a:68:9b:53:8b:8f:f1:
1f:fd:ee:45:a5:52:5d:f7:4c:bd:7d:e2:ff:29:09:80:f3:86:
03:a8:e5:51:be:db:90:13:cd:58:c1:d9:10:7a:89:ca:43:03:
e0:cc:69:ed:e8:23:46:d7:a7:e5:60:19:85:f4:bf:fd:b2:c7:
5f:fd:5f:e8:64:df:10:4d:58:50:c0:59:94:36:10:8f:ca:aa:
a9:5b:0b:f8:90:ea:b4:57:85:02:c5:bf:57:72:a1:39:af:75:
23:7c:62:6f:15:d8:84:d0:fb:6a:37:36:94:13:c1:fa:b1:14:
80:dd:07:a6:e4:41:5b:15:92:a0:ba:e2:ff:e6:dc:02:63:11:
d4:de:78:6f:60:40:66:70:d5:66:90:ff:62:2d:d1:0a:fb:a8:
29:59:d2:ef:a1:4c:ed:e1:75:43:63:78:cc:2c:61:cf:ef:c7:
ec:39:91:00:c2:ee:03:23:30:e2:2b:86:90:79:d6:18:66:b8:
ac:b4:d0:f8:c6:a0:e6:56:ee:2e:42:08:fd:eb:88:66:14:dc:
b3:10:c8:57:77:ac:4e:5e:e2:c6:d4:6e:ff:bf:40:9c:5f:f9:
35:5a:71:fa:c9:b3:1c:93:bd:73:aa:0e:a3:95:70:e4:42:c7:
4e:ce:a7:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MwA84kFIXpZu88pnp0FdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUwNjI4MTEwMTI1WhcNMjUwNjI5MTEwMTI1WjAzMTEwLwYDVQQD
Eyg4M2IzMzllMWFhYzZjZDZlNjkxODlkMmIxYzVmMGVlNjI3YzI5YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6InqMrTZzETkcEEzrILaaHW27DIH
m63muwGKNKk7nXftyLpSOojWoAiji8eLU1xYJe5s8sYxcIQBdmxiwSGxqtA/woE3
fMCOK1HaBcfzhTvZLZJF6WxMPX0xpVquJW5Y3jVceyQS95JDwFLHRhPKi9rHCpFO
6UTMwCoWA0uq7Go9Sn52BZQ4dg1oknmKwQ6nsABc9wa9K6DV33jbrYxa2T0YcO4h
EGT8jvZWx8dj3bryHLql7WkD0V8FjExNOTXiTKVXm5qD6ymo5x4YqU9j6kfbHXtB
K72IiEY9YeDcFuFaWrsxOCAsbhjCUDRg04eWc/u7oiKmhXn8na9EIH5VBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOzOeGqxs1uaRidKxxfDuYnwpwJMB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl2P6MYnS
puKKe3GKaJtTi4/xH/3uRaVSXfdMvX3i/ykJgPOGA6jlUb7bkBPNWMHZEHqJykMD
4Mxp7egjRten5WAZhfS//bLHX/1f6GTfEE1YUMBZlDYQj8qqqVsL+JDqtFeFAsW/
V3KhOa91I3xibxXYhND7ajc2lBPB+rEUgN0HpuRBWxWSoLri/+bcAmMR1N54b2BA
ZnDVZpD/Yi3RCvuoKVnS76FM7eF1Q2N4zCxhz+/H7DmRAMLuAyMw4iuGkHnWGGa4
rLTQ+Mag5lbuLkII/euIZhTcsxDIV3esTl7ixtRu/79AnF/5NVpx+smzHJO9c6oO
o5Vw5ELHTs6n7w==
-----END CERTIFICATE-----
Generated at Sat Jun 28 19:26:18 2025 by rpki-client