Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: Gt22/0bDtbW0hEwU+zAflofbCqHhVuQb7rD4nWnpMSU=
Subject key identifier: 4A:89:47:0D:5D:0E:24:A4:4D:DC:9C:77:D3:79:FF:23:E6:72:68:24
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0196C081B5F5198A66149B792B716ED6CA5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 1535
Signing time: Sun 11 May 2025 18:00:48 +0000
Manifest this update: Sun 11 May 2025 18:00:48 +0000
Manifest next update: Mon 12 May 2025 18:00:48 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: uqJ0xQjNsK7lZSEavj/nd2wjNZcxLaDMzw16lqtqluQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 18:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:81:b5:f5:19:8a:66:14:9b:79:2b:71:6e:d6:ca:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: May 11 18:00:48 2025 GMT
Not After : May 12 18:00:48 2025 GMT
Subject: CN=4a89470d5d0e24a44ddc9c77d379ff23e6726824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:48:86:1c:0d:95:5d:d5:8c:73:1a:27:00:
9e:bf:48:6f:1d:b7:98:f4:34:5a:ee:f7:11:8b:a1:
ac:dd:f9:ba:c5:a0:1a:cc:94:b9:50:cc:db:52:59:
ae:6b:7d:b2:2e:85:ad:7d:3a:0c:6c:05:5c:b7:97:
15:63:0e:fe:1b:6f:86:2b:bd:c3:4c:8d:d4:49:1f:
77:46:6e:e1:c6:db:a3:de:4f:3c:69:53:54:fd:55:
72:2f:80:3f:3f:ef:44:9f:5e:55:90:70:35:59:2e:
1d:52:00:94:43:ff:93:e3:bb:fb:69:b1:53:dd:85:
97:a7:56:dd:dc:d5:bb:65:5b:bf:4d:84:fc:99:c8:
ad:3b:73:55:dc:d5:b7:3d:4e:d1:bb:da:a8:a7:b0:
6f:95:46:75:72:11:24:a4:ec:e3:0d:c8:38:3b:f7:
39:82:a8:e1:43:d0:98:2d:e0:f8:05:71:41:9c:82:
63:5e:9a:f6:c7:5a:d9:58:df:70:28:aa:8c:a5:17:
2e:d4:fe:cc:3a:53:49:38:dc:5a:52:32:d6:39:f6:
ba:c0:ba:e7:4a:c7:67:7e:5b:d8:a5:99:3f:83:00:
aa:58:2a:c2:16:e9:bc:3e:98:05:5b:3a:cd:97:dc:
75:24:46:37:93:5a:75:55:92:89:81:18:d8:f5:51:
b0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:89:47:0D:5D:0E:24:A4:4D:DC:9C:77:D3:79:FF:23:E6:72:68:24
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:ea:7e:fb:0d:f9:1b:ca:dd:0e:0c:0e:06:4e:aa:2b:84:ec:
5e:47:59:8d:26:72:4d:25:4a:04:ab:f9:92:be:8c:1f:c5:51:
68:33:c2:bc:cc:27:83:08:f9:af:d5:4e:64:c4:e1:1a:06:82:
63:23:94:25:ca:f9:34:62:21:c8:a5:d6:e7:57:6f:d2:bd:4a:
10:cf:97:f4:19:2e:82:4d:7d:2c:c4:bf:84:ca:87:c2:3a:c7:
4e:67:3f:38:b7:88:78:03:4e:87:b5:38:0c:d0:85:23:06:8a:
db:26:ef:78:45:21:f4:5e:0a:e0:9f:b9:85:af:f5:0f:28:96:
51:f5:1a:80:f0:a8:b0:47:cb:ed:d9:e2:d9:88:16:7f:92:a7:
c6:81:49:57:6d:c2:36:3a:0d:95:a2:f5:d9:70:58:8c:0d:78:
25:74:b6:20:c4:8e:bf:84:6c:9c:bf:b2:50:3c:99:32:c9:0e:
8a:c9:ba:74:48:72:a4:4c:35:d1:61:3c:fb:48:25:15:65:96:
5a:af:0d:e2:37:69:8f:5e:30:ce:af:71:79:04:40:46:91:6c:
e1:04:db:f2:75:27:36:53:3d:6d:ca:17:ad:8d:5e:f8:22:1d:
8c:ea:1a:28:cd:28:3a:7a:a3:0a:0c:f1:7c:03:cf:b8:12:9b:
89:d6:b3:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAgbX1GYpmFJt5K3Fu1spdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwNTExMTgwMDQ4WhcNMjUwNTEyMTgwMDQ4WjAzMTEwLwYDVQQD
Eyg0YTg5NDcwZDVkMGUyNGE0NGRkYzljNzdkMzc5ZmYyM2U2NzI2ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNlIhhwNlV3VjHMaJwCev0hvHbeY
9DRa7vcRi6Gs3fm6xaAazJS5UMzbUlmua32yLoWtfToMbAVct5cVYw7+G2+GK73D
TI3USR93Rm7hxtuj3k88aVNU/VVyL4A/P+9En15VkHA1WS4dUgCUQ/+T47v7abFT
3YWXp1bd3NW7ZVu/TYT8mcitO3NV3NW3PU7Ru9qop7BvlUZ1chEkpOzjDcg4O/c5
gqjhQ9CYLeD4BXFBnIJjXpr2x1rZWN9wKKqMpRcu1P7MOlNJONxaUjLWOfa6wLrn
SsdnflvYpZk/gwCqWCrCFum8PpgFWzrNl9x1JEY3k1p1VZKJgRjY9VGwawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqJRw1dDiSkTdycd9N5/yPmcmgkMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJOp++w35
G8rdDgwOBk6qK4TsXkdZjSZyTSVKBKv5kr6MH8VRaDPCvMwngwj5r9VOZMThGgaC
YyOUJcr5NGIhyKXW51dv0r1KEM+X9Bkugk19LMS/hMqHwjrHTmc/OLeIeANOh7U4
DNCFIwaK2ybveEUh9F4K4J+5ha/1DyiWUfUagPCosEfL7dni2YgWf5KnxoFJV23C
NjoNlaL12XBYjA14JXS2IMSOv4RsnL+yUDyZMskOism6dEhypEw10WE8+0glFWWW
Wq8N4jdpj14wzq9xeQRARpFs4QTb8nUnNlM9bcoXrY1e+CIdjOoaKM0oOnqjCgzx
fAPPuBKbidaz7A==
-----END CERTIFICATE-----
Generated at Mon May 12 03:51:18 2025 by rpki-client