Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/3185c4-d724-435d-8277-152d204ebfa3/1/pZDvI7RWydsg0wdCkysBf8VyTlY.mft
File: pZDvI7RWydsg0wdCkysBf8VyTlY.mft (raw, json)
Hash identifier: mZMdFkU2Di7+4AdcEmkEhH8+vx3PsIkiebBALw7+3eU=
Subject key identifier: 60:4D:B7:35:E6:53:D8:D1:53:90:A5:EC:29:43:82:DC:CA:4A:6A:A4
Authority key identifier: A5:90:EF:23:B4:56:C9:DB:20:D3:07:42:93:2B:01:7F:C5:72:4E:56
Certificate issuer: /CN=a590ef23b456c9db20d30742932b017fc5724e56
Certificate serial: 0197C64AC5266FEBC7F47562EE759A8D87E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZDvI7RWydsg0wdCkysBf8VyTlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/3185c4-d724-435d-8277-152d204ebfa3/1/pZDvI7RWydsg0wdCkysBf8VyTlY.mft
Manifest number: 0D72
Signing time: Tue 01 Jul 2025 14:01:18 +0000
Manifest this update: Tue 01 Jul 2025 14:01:18 +0000
Manifest next update: Wed 02 Jul 2025 14:01:18 +0000
Files and hashes: 1: pZDvI7RWydsg0wdCkysBf8VyTlY.crl (hash: UtQ1ohNuRT6zkD3sKAaPk3Cg3LuzmoM9tKPLl/sbiXI=)
2: qkuFYPmd6yVSJeAUkr6iVxoW6uI.roa (hash: 6R5f5Psj0EmX1v5BkourUurygRB3rOnwEBUagdishKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/3185c4-d724-435d-8277-152d204ebfa3/1/pZDvI7RWydsg0wdCkysBf8VyTlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/3185c4-d724-435d-8277-152d204ebfa3/1/pZDvI7RWydsg0wdCkysBf8VyTlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pZDvI7RWydsg0wdCkysBf8VyTlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:4a:c5:26:6f:eb:c7:f4:75:62:ee:75:9a:8d:87:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a590ef23b456c9db20d30742932b017fc5724e56
Validity
Not Before: Jul 1 14:01:18 2025 GMT
Not After : Jul 2 14:01:18 2025 GMT
Subject: CN=604db735e653d8d15390a5ec294382dcca4a6aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4a:85:0b:db:b1:96:c2:3d:1a:56:cb:80:c9:
50:43:49:ce:c9:70:7b:31:45:fb:cc:bf:be:94:fd:
34:e5:b3:41:45:2c:dc:9b:50:80:62:45:4a:97:20:
3e:69:a2:6c:40:26:20:14:b4:90:4c:d6:ae:e2:6a:
aa:45:55:7c:21:8d:4a:ea:e2:75:53:b9:31:e1:41:
9c:31:11:5f:1d:7e:ad:2e:f7:78:88:a6:6a:ba:01:
72:52:d5:b7:78:93:da:e1:6b:4c:8d:51:f1:58:32:
cb:cf:18:3c:a5:8e:a1:9e:fc:f2:d7:fb:0f:7a:ac:
db:de:25:c1:5c:df:f2:bb:29:8f:4f:b1:50:0d:b6:
82:0a:59:04:bc:24:67:12:b4:1d:e3:8d:2e:86:66:
4d:1d:e0:06:ac:a5:b0:46:b5:2e:28:91:15:1c:c9:
9f:3f:3f:17:39:44:68:39:7e:f2:cf:f3:65:b7:2e:
5d:df:4d:dc:59:87:df:77:96:5b:a0:b3:f6:e4:e7:
a1:1c:74:3c:4e:c3:2b:15:4f:1c:e5:41:9a:91:fe:
64:4b:9c:0b:4c:ad:76:19:31:50:56:a5:70:49:77:
09:cb:98:26:d8:65:c0:89:82:c7:b6:97:7d:fd:64:
7d:75:ba:d1:fa:14:c7:05:a7:1b:07:49:97:a5:0f:
4c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4D:B7:35:E6:53:D8:D1:53:90:A5:EC:29:43:82:DC:CA:4A:6A:A4
X509v3 Authority Key Identifier:
keyid:A5:90:EF:23:B4:56:C9:DB:20:D3:07:42:93:2B:01:7F:C5:72:4E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZDvI7RWydsg0wdCkysBf8VyTlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3185c4-d724-435d-8277-152d204ebfa3/1/pZDvI7RWydsg0wdCkysBf8VyTlY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3185c4-d724-435d-8277-152d204ebfa3/1/pZDvI7RWydsg0wdCkysBf8VyTlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:1c:ef:f3:25:d8:6b:cd:e1:4c:e4:6b:8f:d1:a1:d0:87:cf:
19:05:ee:74:fc:5e:3f:70:82:73:6d:6c:4b:f4:1c:8d:be:ef:
ff:e8:41:1f:ba:8d:f2:2b:f5:02:e3:dd:41:fb:b2:97:d6:0f:
53:c6:6c:ed:9c:77:ef:11:fd:8d:da:4b:c2:8f:18:96:43:d1:
b5:d3:75:2c:23:55:bb:bf:40:3f:c6:1e:67:8e:55:51:5c:c3:
dc:f4:7b:05:74:e0:00:2e:e3:69:79:d3:9f:f2:51:c0:6c:a1:
cb:2f:a9:19:a8:5d:e2:83:68:66:0d:6c:de:20:1c:ca:42:57:
cb:df:8e:a0:d2:85:7e:bc:c3:75:8b:09:e8:8f:a9:28:f6:01:
8a:31:a8:0a:63:1b:8c:db:30:c0:09:9d:a6:ac:3b:91:75:bf:
8e:f4:35:71:a1:98:74:42:de:f3:5a:50:67:10:c1:73:95:48:
ed:2b:13:79:d3:b3:ee:e0:a2:dc:e3:01:cc:86:8f:27:ad:07:
10:cc:cb:5f:e2:a6:c4:86:6c:1d:0f:6a:9b:1f:f9:4d:2c:6d:
9d:77:85:da:74:0a:29:94:1f:dd:94:8d:36:70:5c:7c:9d:ef:
31:b8:d2:bf:7b:80:c4:60:d5:b1:00:aa:e0:1e:33:67:25:b8:
15:46:42:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGSsUmb+vH9HVi7nWajYfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OTBlZjIzYjQ1NmM5ZGIyMGQzMDc0MjkzMmIwMTdmYzU3
MjRlNTYwHhcNMjUwNzAxMTQwMTE4WhcNMjUwNzAyMTQwMTE4WjAzMTEwLwYDVQQD
Eyg2MDRkYjczNWU2NTNkOGQxNTM5MGE1ZWMyOTQzODJkY2NhNGE2YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUqFC9uxlsI9GlbLgMlQQ0nOyXB7
MUX7zL++lP005bNBRSzcm1CAYkVKlyA+aaJsQCYgFLSQTNau4mqqRVV8IY1K6uJ1
U7kx4UGcMRFfHX6tLvd4iKZqugFyUtW3eJPa4WtMjVHxWDLLzxg8pY6hnvzy1/sP
eqzb3iXBXN/yuymPT7FQDbaCClkEvCRnErQd440uhmZNHeAGrKWwRrUuKJEVHMmf
Pz8XOURoOX7yz/Nlty5d303cWYffd5ZboLP25OehHHQ8TsMrFU8c5UGakf5kS5wL
TK12GTFQVqVwSXcJy5gm2GXAiYLHtpd9/WR9dbrR+hTHBacbB0mXpQ9M5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBNtzXmU9jRU5Cl7ClDgtzKSmqkMB8GA1UdIwQY
MBaAFKWQ7yO0VsnbINMHQpMrAX/Fck5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFpEdkk3Uld5ZHNnMHdkQ2t5c0JmOFZ5VGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zMTg1YzQtZDcyNC00MzVkLTgyNzct
MTUyZDIwNGViZmEzLzEvcFpEdkk3Uld5ZHNnMHdkQ2t5c0JmOFZ5VGxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zMTg1YzQtZDcyNC00MzVkLTgyNzctMTUyZDIwNGViZmEz
LzEvcFpEdkk3Uld5ZHNnMHdkQ2t5c0JmOFZ5VGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxzv8yXY
a83hTORrj9Gh0IfPGQXudPxeP3CCc21sS/Qcjb7v/+hBH7qN8iv1AuPdQfuyl9YP
U8Zs7Zx37xH9jdpLwo8YlkPRtdN1LCNVu79AP8YeZ45VUVzD3PR7BXTgAC7jaXnT
n/JRwGyhyy+pGahd4oNoZg1s3iAcykJXy9+OoNKFfrzDdYsJ6I+pKPYBijGoCmMb
jNswwAmdpqw7kXW/jvQ1caGYdELe81pQZxDBc5VI7SsTedOz7uCi3OMBzIaPJ60H
EMzLX+KmxIZsHQ9qmx/5TSxtnXeF2nQKKZQf3ZSNNnBcfJ3vMbjSv3uAxGDVsQCq
4B4zZyW4FUZC6g==
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:30:47 2025 by rpki-client