Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
File: PnFWq-5roji5BzFd-cVShlrc2ug.mft (raw, json)
Hash identifier: thfMDJKpkP4Is8Yu/32sGX7WCeejhft17Lh0RjlK8i0=
Subject key identifier: AA:2D:3A:F3:4E:C3:56:CA:FC:85:CF:6A:A6:A6:5A:32:FA:E4:E8:C4
Authority key identifier: 3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
Certificate issuer: /CN=3e7156abee6ba238b907315df9c552865adcdae8
Certificate serial: 0197B7EA6282170D743FA1FA4C8714D17D3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
Manifest number: 0827
Signing time: Sat 28 Jun 2025 19:01:20 +0000
Manifest this update: Sat 28 Jun 2025 19:01:20 +0000
Manifest next update: Sun 29 Jun 2025 19:01:20 +0000
Files and hashes: 1: PnFWq-5roji5BzFd-cVShlrc2ug.crl (hash: yYN0Gn3PZ/brO0hgu79m8Ij4EpWvGyMP7RI9fn3PLy4=)
2: QWM4nrBr-pa9JzWD2Zz8wHHbmCU.roa (hash: VKweVNYicugh0mCYY3yIR2LnHnKsWIZPY+G4TQfXJ6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:62:82:17:0d:74:3f:a1:fa:4c:87:14:d1:7d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7156abee6ba238b907315df9c552865adcdae8
Validity
Not Before: Jun 28 19:01:20 2025 GMT
Not After : Jun 29 19:01:20 2025 GMT
Subject: CN=aa2d3af34ec356cafc85cf6aa6a65a32fae4e8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:71:c3:ae:2f:bb:86:12:3a:bd:b5:3e:fb:
8a:d7:5c:6a:c8:ec:99:e3:02:26:42:04:79:61:74:
f9:89:72:05:b9:f5:e1:6a:f3:27:30:88:f0:3b:bf:
6e:6d:9e:8b:a6:99:3a:ef:29:7f:2a:df:d7:d1:aa:
a9:2a:1b:24:3a:6e:30:6a:2d:8f:ca:2b:08:1e:05:
d5:e5:93:ca:1d:22:ea:e5:d3:06:56:7c:b3:4d:e4:
c7:c5:be:18:0c:7a:f0:1f:6f:8b:cc:40:ff:fa:31:
d4:ad:30:37:ac:85:bf:be:1b:3b:13:cd:33:cb:82:
16:93:0a:61:b7:c2:c0:84:15:4d:ec:43:2c:34:ae:
78:83:3f:bd:a8:cf:be:65:52:be:95:b7:30:ed:78:
6a:51:15:eb:93:c5:d2:ad:cb:d3:7b:cf:85:08:6a:
e3:6b:9b:8a:22:f4:57:47:4e:06:05:96:a9:6b:4f:
12:2b:d1:81:c2:5e:26:17:eb:de:48:dc:6e:3d:16:
74:a8:23:9e:90:b0:9f:43:d0:da:82:be:ee:ec:19:
3a:e6:65:be:70:a5:f5:4a:41:8d:bc:8f:82:95:83:
59:07:53:2b:d9:f2:ba:ce:49:32:b5:f0:c0:c1:b1:
ea:ba:d1:67:e5:c4:77:d7:72:c7:6d:6d:34:47:11:
72:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2D:3A:F3:4E:C3:56:CA:FC:85:CF:6A:A6:A6:5A:32:FA:E4:E8:C4
X509v3 Authority Key Identifier:
keyid:3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:1e:31:93:ca:d6:95:41:34:16:ab:8a:c4:ca:bd:02:83:2c:
15:1d:08:10:67:3f:6a:1d:0e:ff:22:56:28:88:7a:3d:6a:ad:
12:6a:36:2c:0f:85:dc:97:4e:fa:ea:52:49:f0:76:9a:95:90:
07:b0:32:3e:8c:54:ed:d4:c0:3a:00:33:81:32:c6:be:25:10:
36:65:63:04:d7:0f:3e:f8:a6:2e:a4:27:0a:4d:36:40:3d:cf:
a0:0b:bd:3c:39:fd:1e:c2:a0:09:8a:ed:74:35:c0:85:36:e5:
79:d9:d6:75:c5:e3:d4:b3:a0:7b:dc:86:f9:56:99:c9:ac:51:
ed:53:38:8b:45:a4:51:76:ae:5e:8c:bb:1a:44:f1:a6:f8:ca:
9f:7e:eb:b4:d3:c3:be:3b:d1:23:f7:fd:9e:1d:f4:c2:cd:94:
e0:48:9f:75:cc:15:65:52:ab:63:13:a6:3c:94:f2:b4:45:de:
ae:53:aa:9f:22:32:40:a9:92:cc:a6:63:a8:0e:77:45:02:7a:
ce:d2:10:ea:8a:ad:c9:43:12:18:4d:96:01:87:af:72:57:c6:
79:61:fc:a8:e1:22:03:64:f3:cd:ec:a7:de:b7:eb:fd:ed:ff:
1e:c3:c4:05:61:eb:05:ad:38:fd:98:b1:5f:39:8d:c0:7c:4a:
38:8a:23:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36mKCFw10P6H6TIcU0X07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzE1NmFiZWU2YmEyMzhiOTA3MzE1ZGY5YzU1Mjg2NWFk
Y2RhZTgwHhcNMjUwNjI4MTkwMTIwWhcNMjUwNjI5MTkwMTIwWjAzMTEwLwYDVQQD
EyhhYTJkM2FmMzRlYzM1NmNhZmM4NWNmNmFhNmE2NWEzMmZhZTRlOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRlxw64vu4YSOr21PvuK11xqyOyZ
4wImQgR5YXT5iXIFufXhavMnMIjwO79ubZ6Lppk67yl/Kt/X0aqpKhskOm4wai2P
yisIHgXV5ZPKHSLq5dMGVnyzTeTHxb4YDHrwH2+LzED/+jHUrTA3rIW/vhs7E80z
y4IWkwpht8LAhBVN7EMsNK54gz+9qM++ZVK+lbcw7XhqURXrk8XSrcvTe8+FCGrj
a5uKIvRXR04GBZapa08SK9GBwl4mF+veSNxuPRZ0qCOekLCfQ9Dagr7u7Bk65mW+
cKX1SkGNvI+ClYNZB1Mr2fK6zkkytfDAwbHqutFn5cR313LHbW00RxFyfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKotOvNOw1bK/IXPaqamWjL65OjEMB8GA1UdIwQY
MBaAFD5xVqvua6I4uQcxXfnFUoZa3NroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3Zjkt
NThmMmQ0NGZmMjgxLzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3ZjktNThmMmQ0NGZmMjgx
LzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMx4xk8rW
lUE0FquKxMq9AoMsFR0IEGc/ah0O/yJWKIh6PWqtEmo2LA+F3JdO+upSSfB2mpWQ
B7AyPoxU7dTAOgAzgTLGviUQNmVjBNcPPvimLqQnCk02QD3PoAu9PDn9HsKgCYrt
dDXAhTblednWdcXj1LOge9yG+VaZyaxR7VM4i0WkUXauXoy7GkTxpvjKn37rtNPD
vjvRI/f9nh30ws2U4EifdcwVZVKrYxOmPJTytEXerlOqnyIyQKmSzKZjqA53RQJ6
ztIQ6oqtyUMSGE2WAYevclfGeWH8qOEiA2Tzzeyn3rfr/e3/HsPEBWHrBa04/Zix
XzmNwHxKOIoj9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:27:41 2025 by rpki-client