Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
File: PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft (raw, json)
Hash identifier: tFZEOPW4u0q74TKiz/9UxjyRdffr4kXH2cpRZxDW0+Q=
Subject key identifier: DB:16:D8:34:F8:78:C8:D9:6A:47:18:2A:35:EF:7F:DB:4D:34:62:20
Authority key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Certificate issuer: /CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Certificate serial: 0197B70EDDBD8CC068240A45A03D62C8BD12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
Manifest number: 15B5
Signing time: Sat 28 Jun 2025 15:01:34 +0000
Manifest this update: Sat 28 Jun 2025 15:01:34 +0000
Manifest next update: Sun 29 Jun 2025 15:01:34 +0000
Files and hashes: 1: 2AYUWvm8F1To8URav6-hliMLNGM.roa (hash: xtydpTSnQLnPEEmzIm3eQJgTUjiDutczP4OZlZO4Bow=)
2: PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl (hash: MEDR9h1Z7/yaPHozUxvNFUXoM0MxcfkOoxiDmAqUCVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:0e:dd:bd:8c:c0:68:24:0a:45:a0:3d:62:c8:bd:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Validity
Not Before: Jun 28 15:01:34 2025 GMT
Not After : Jun 29 15:01:34 2025 GMT
Subject: CN=db16d834f878c8d96a47182a35ef7fdb4d346220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:64:a5:7e:f5:b9:83:d7:b6:a1:2c:04:a9:
b3:7b:45:f6:6f:97:38:f8:75:f8:66:af:2b:df:93:
42:ce:b0:f1:43:ea:3d:1a:e0:33:11:83:9a:26:fc:
6b:9a:c4:7a:14:c4:99:59:1e:25:e5:69:59:94:e6:
97:1c:32:5e:b8:c1:44:dc:c7:c1:83:02:1f:15:7c:
f8:62:18:52:fa:8c:9d:b1:2d:8a:90:b4:98:eb:72:
33:0d:2b:e8:72:f7:d9:84:1e:93:a5:f3:f5:01:c7:
f1:48:a9:c7:0e:90:32:c8:8f:73:6c:60:29:1b:7c:
25:39:c5:4f:0a:01:68:78:7d:a1:23:e6:3d:4a:15:
8d:78:8d:2c:72:06:1f:78:36:cd:8a:39:7a:f8:cd:
50:fd:b9:d0:a4:5b:f2:b7:8c:44:6c:9c:1b:38:de:
d1:49:9c:98:95:97:f8:29:2c:19:fc:da:df:93:1d:
d6:05:20:c0:77:95:ec:36:aa:31:c6:31:5f:5f:77:
1d:ec:24:92:03:43:0f:39:81:d3:b1:df:91:22:6e:
95:5c:ae:5a:0b:86:a9:25:65:35:9a:73:fc:f4:b1:
e1:b5:9c:b7:45:9a:57:07:cb:90:c8:5e:45:a7:ca:
3d:80:d6:d2:18:7c:dc:8a:f8:7b:0c:37:de:2f:be:
df:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:16:D8:34:F8:78:C8:D9:6A:47:18:2A:35:EF:7F:DB:4D:34:62:20
X509v3 Authority Key Identifier:
keyid:3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:d9:85:24:e1:da:4f:78:ca:6b:ce:f0:b7:95:29:b6:cc:67:
8e:ac:62:4d:81:f6:00:d1:dc:36:1b:5c:b5:cb:c0:a2:a0:5e:
a1:e1:11:8e:72:34:70:e8:be:3a:ee:33:05:da:72:20:47:7c:
9c:a3:1d:aa:24:bd:96:37:a3:c1:ef:f1:ab:46:29:22:73:0e:
31:53:45:f5:35:03:56:72:30:35:c3:c2:2d:91:11:14:48:17:
37:cd:52:2e:aa:72:00:51:53:b5:d1:55:19:7b:23:56:77:b3:
7b:96:a1:a1:50:62:ae:59:56:69:61:8a:99:af:a1:3b:a7:5a:
c2:e1:b3:0d:bc:0f:cf:46:9e:12:ce:3b:2c:dc:75:60:42:83:
e2:10:29:27:68:a3:1c:60:35:60:9c:43:3c:fe:39:6c:22:97:
fe:15:55:cb:ce:9d:ae:38:d8:ab:49:73:c4:2e:59:3d:53:a1:
5a:00:79:16:0f:58:73:fc:ef:9e:dd:05:8e:95:e1:f2:cd:96:
7c:de:0c:4d:cd:50:23:73:bd:55:38:fd:7f:05:b3:96:3d:dc:
75:ba:5f:03:97:f2:12:8e:04:73:8a:4e:5c:ad:7e:55:47:9a:
48:7c:bb:63:85:97:30:ee:ff:c0:c5:05:87:d5:2e:ee:c2:f1:
60:39:c7:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dt29jMBoJApFoD1iyL0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzBmMWY2NTYzZGU0M2ExMWQzNjQ0OTc1NjY3YzFjMjhl
Nzk1OWUwHhcNMjUwNjI4MTUwMTM0WhcNMjUwNjI5MTUwMTM0WjAzMTEwLwYDVQQD
EyhkYjE2ZDgzNGY4NzhjOGQ5NmE0NzE4MmEzNWVmN2ZkYjRkMzQ2MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb1kpX71uYPXtqEsBKmze0X2b5c4
+HX4Zq8r35NCzrDxQ+o9GuAzEYOaJvxrmsR6FMSZWR4l5WlZlOaXHDJeuMFE3MfB
gwIfFXz4YhhS+oydsS2KkLSY63IzDSvocvfZhB6TpfP1AcfxSKnHDpAyyI9zbGAp
G3wlOcVPCgFoeH2hI+Y9ShWNeI0scgYfeDbNijl6+M1Q/bnQpFvyt4xEbJwbON7R
SZyYlZf4KSwZ/Nrfkx3WBSDAd5XsNqoxxjFfX3cd7CSSA0MPOYHTsd+RIm6VXK5a
C4apJWU1mnP89LHhtZy3RZpXB8uQyF5Fp8o9gNbSGHzcivh7DDfeL77fLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsW2DT4eMjZakcYKjXvf9tNNGIgMB8GA1UdIwQY
MBaAFD1w8fZWPeQ6EdNkSXVmfBwo55WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQt
OGQzMjIyMDcxNWVlLzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82YzA3NWUtNjI2My00ZmYzLWEyNmQtOGQzMjIyMDcxNWVl
LzEvUFhEeDlsWTk1RG9SMDJSSmRXWjhIQ2pubFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtmFJOHa
T3jKa87wt5UptsxnjqxiTYH2ANHcNhtctcvAoqBeoeERjnI0cOi+Ou4zBdpyIEd8
nKMdqiS9ljejwe/xq0YpInMOMVNF9TUDVnIwNcPCLZERFEgXN81SLqpyAFFTtdFV
GXsjVneze5ahoVBirllWaWGKma+hO6dawuGzDbwPz0aeEs47LNx1YEKD4hApJ2ij
HGA1YJxDPP45bCKX/hVVy86drjjYq0lzxC5ZPVOhWgB5Fg9Yc/zvnt0FjpXh8s2W
fN4MTc1QI3O9VTj9fwWzlj3cdbpfA5fyEo4Ec4pOXK1+VUeaSHy7Y4WXMO7/wMUF
h9Uu7sLxYDnHaw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 22:58:01 2025 by rpki-client