Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: HUASyDBPR9GxfiY8JmUiRdIngnGGEAwwDHbmCpb3zHQ=
Subject key identifier: BB:85:0D:F9:03:C9:B3:BC:55:3F:95:FF:F0:0E:AE:D1:C6:FD:9B:5A
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0197B7B34AF51F15896CD6417F162E2D7EAE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 15B5
Signing time: Sat 28 Jun 2025 18:01:09 +0000
Manifest this update: Sat 28 Jun 2025 18:01:09 +0000
Manifest next update: Sun 29 Jun 2025 18:01:09 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: Dlm4FCFPtC0Feqmo3ZLw+pje7vXHgI0fgVrUApVMmIA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:4a:f5:1f:15:89:6c:d6:41:7f:16:2e:2d:7e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Jun 28 18:01:09 2025 GMT
Not After : Jun 29 18:01:09 2025 GMT
Subject: CN=bb850df903c9b3bc553f95fff00eaed1c6fd9b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:5e:21:4c:4f:34:7d:a4:a0:1e:af:3e:95:
fe:07:3a:68:5e:9a:1d:a7:4e:e3:a3:2a:b0:7c:e1:
c1:d9:1b:29:2a:ae:ad:c0:44:a4:52:ad:56:12:e1:
00:cc:cf:9b:6a:64:84:17:3a:eb:a4:14:e3:87:63:
1f:b9:7c:41:20:99:67:e2:f5:1c:f1:86:23:55:c3:
95:df:dc:42:11:62:4b:9a:6e:10:b7:e0:1b:9a:7f:
f0:ea:6b:04:aa:b2:9a:78:50:29:fe:32:d5:ae:3a:
2a:11:9f:b1:2c:36:60:a5:c9:fe:cc:db:6a:62:aa:
98:aa:de:50:47:ab:b2:8c:67:d9:36:6e:10:8b:6b:
fc:1e:45:1a:d6:d8:cd:e9:7b:2d:30:b9:1d:1a:e3:
36:16:c0:41:03:e0:5a:8e:1f:38:49:e1:13:6d:18:
79:db:43:33:09:b9:a4:f9:2c:42:39:33:0b:20:fa:
5d:65:11:72:1f:db:02:aa:24:81:f5:30:02:4c:04:
03:f1:92:99:45:5e:ca:64:63:a8:dd:f2:40:7b:9d:
9d:44:d1:30:b4:2b:dc:7b:87:91:68:2e:49:be:00:
60:7a:6f:c6:e2:6d:f2:d6:c2:00:a2:8b:d3:34:65:
f2:97:54:9f:ec:00:a3:8a:08:2a:37:8d:16:68:97:
6e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:85:0D:F9:03:C9:B3:BC:55:3F:95:FF:F0:0E:AE:D1:C6:FD:9B:5A
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:c3:87:ca:26:f1:e0:f8:29:5c:ee:17:1b:86:ac:ca:dc:f0:
27:ee:02:ab:a4:e1:ca:d7:ce:1f:84:d4:52:f1:5e:85:54:ca:
22:9a:10:4e:bf:43:c4:e2:7e:a3:83:b2:19:7d:b4:a6:aa:c0:
e2:be:f4:d7:47:5f:ee:23:2a:08:20:33:3d:d9:b4:1f:9a:66:
6f:71:cb:54:6f:69:1b:44:02:fd:17:34:4e:70:ca:d1:87:98:
4b:66:3a:52:18:bd:a0:a1:c4:61:7b:39:16:18:88:a6:2f:52:
d2:c7:a3:81:92:98:72:66:2e:1a:c9:15:f1:bf:5c:d3:f5:88:
ad:63:db:0a:0b:6e:04:86:3c:ce:42:ea:4d:b9:48:c5:1a:c2:
2b:16:61:72:b2:33:7d:b0:84:09:ed:86:0d:33:4b:d4:d3:51:
55:4a:6e:fd:10:26:7f:f9:e9:00:07:3d:05:6c:35:39:45:fc:
ec:e7:73:c4:d3:04:1f:3d:e2:c5:5a:f0:74:24:f4:2e:89:f2:
c7:dd:be:1b:7d:13:dd:74:82:d0:80:2b:3b:93:24:32:59:a7:
ee:2b:c4:4f:b6:23:dc:6f:19:a3:7d:e3:b8:d1:ad:eb:de:75:
11:8f:23:26:5d:dd:16:3e:7b:27:30:e8:e8:43:8e:ca:bc:de:
ff:6e:c7:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s0r1HxWJbNZBfxYuLX6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwNjI4MTgwMTA5WhcNMjUwNjI5MTgwMTA5WjAzMTEwLwYDVQQD
EyhiYjg1MGRmOTAzYzliM2JjNTUzZjk1ZmZmMDBlYWVkMWM2ZmQ5YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEBeIUxPNH2koB6vPpX+BzpoXpod
p07joyqwfOHB2RspKq6twESkUq1WEuEAzM+bamSEFzrrpBTjh2MfuXxBIJln4vUc
8YYjVcOV39xCEWJLmm4Qt+Abmn/w6msEqrKaeFAp/jLVrjoqEZ+xLDZgpcn+zNtq
YqqYqt5QR6uyjGfZNm4Qi2v8HkUa1tjN6XstMLkdGuM2FsBBA+Bajh84SeETbRh5
20MzCbmk+SxCOTMLIPpdZRFyH9sCqiSB9TACTAQD8ZKZRV7KZGOo3fJAe52dRNEw
tCvce4eRaC5JvgBgem/G4m3y1sIAoovTNGXyl1Sf7ACjiggqN40WaJduwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuFDfkDybO8VT+V//AOrtHG/ZtaMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHcOHyibx
4PgpXO4XG4asytzwJ+4Cq6ThytfOH4TUUvFehVTKIpoQTr9DxOJ+o4OyGX20pqrA
4r7010df7iMqCCAzPdm0H5pmb3HLVG9pG0QC/Rc0TnDK0YeYS2Y6Uhi9oKHEYXs5
FhiIpi9S0sejgZKYcmYuGskV8b9c0/WIrWPbCgtuBIY8zkLqTblIxRrCKxZhcrIz
fbCECe2GDTNL1NNRVUpu/RAmf/npAAc9BWw1OUX87OdzxNMEHz3ixVrwdCT0Lony
x92+G30T3XSC0IArO5MkMlmn7ivET7Yj3G8Zo33juNGt6951EY8jJl3dFj57JzDo
6EOOyrze/27HJg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:16:41 2025 by rpki-client