Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: 22xYAq9BtvZKgS/FhQ5+/t3YcqpUiY7biiv7Ak0CBG0=
Subject key identifier: 59:DD:FB:32:A1:91:EF:F5:82:5A:1D:BB:87:36:C1:06:7E:3C:FC:7C
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 0197B7EAAB19803B5F3570640A22555EB10F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 15B2
Signing time: Sat 28 Jun 2025 19:01:39 +0000
Manifest this update: Sat 28 Jun 2025 19:01:39 +0000
Manifest next update: Sun 29 Jun 2025 19:01:39 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: yGyaHvbhboRTi233QYhiNJsQJUvNNkTIcFWCVkbq52I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:ea:ab:19:80:3b:5f:35:70:64:0a:22:55:5e:b1:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Jun 28 19:01:39 2025 GMT
Not After : Jun 29 19:01:39 2025 GMT
Subject: CN=59ddfb32a191eff5825a1dbb8736c1067e3cfc7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:d9:ee:16:07:d4:00:f2:ec:d9:7f:63:a2:
35:de:10:67:99:9d:c3:04:28:aa:e3:4d:2d:92:86:
53:c7:95:32:7a:69:8d:19:70:2e:b7:ca:84:ca:73:
dd:df:4c:e7:fd:ad:c8:f7:92:69:8c:0e:2f:7c:7d:
c1:39:d4:b0:a2:fe:d9:dd:3e:15:1e:01:7e:81:8d:
ff:d3:54:1b:98:f2:90:91:7c:bb:c0:1d:d4:9f:5e:
e2:a7:a4:7c:a7:c8:17:44:2c:ba:9b:79:07:2d:9d:
f4:fd:74:80:a5:10:da:c8:ab:3c:7b:b6:92:21:f9:
be:c6:9b:3c:16:f2:36:c7:c9:d1:4b:0a:22:5c:12:
3f:e4:f1:a3:31:d1:47:e5:df:85:45:c9:f6:80:a9:
83:ba:d6:7d:52:74:2f:1d:14:45:c7:5a:c6:f9:ae:
9f:0b:b2:88:39:61:55:58:41:09:50:45:1d:be:03:
b3:eb:9a:a1:91:23:8e:56:0b:b6:e4:e6:71:9d:0b:
96:38:ec:c9:d1:65:ec:2a:27:2f:0c:b6:c1:5b:3a:
1b:6d:4b:1b:f2:4e:f1:15:bd:1d:ef:45:d2:b5:3f:
bc:f0:4a:d6:7f:80:3a:30:f4:21:30:9c:f6:0a:73:
8d:2b:c3:64:58:2a:88:48:8d:50:1d:26:0d:87:a9:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DD:FB:32:A1:91:EF:F5:82:5A:1D:BB:87:36:C1:06:7E:3C:FC:7C
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:24:e8:a2:6d:b0:61:c3:3d:85:a4:97:51:af:c1:da:cd:ef:
c9:6f:ea:5e:99:1e:76:4d:2f:ea:76:f5:19:9c:a3:1f:76:a7:
55:e0:a1:0e:3c:52:64:9e:c5:db:4b:f6:f2:c6:58:13:d7:80:
16:72:1e:d1:ba:85:32:49:6b:e1:3a:2a:ea:84:5e:1d:37:19:
04:3f:45:f6:dd:8f:af:ad:b3:55:cd:c5:d6:23:75:18:d8:77:
ae:16:0e:f8:9c:64:90:8b:75:ca:c9:da:8b:2f:88:28:9d:e5:
1b:91:2e:a1:5f:ab:93:9a:f0:95:32:80:5e:cb:b2:c5:b0:99:
00:6d:a8:91:1c:9a:32:ca:9c:4e:02:d1:d3:0a:01:a8:0d:5c:
09:1c:31:93:07:d7:84:ec:e6:f8:e8:97:a8:4c:2e:1c:1c:75:
4b:66:96:18:56:e7:fb:f8:28:27:3c:f3:66:35:b5:0f:28:0c:
6f:5a:eb:5a:d1:32:e5:90:88:4f:88:eb:92:eb:b9:ea:7e:c2:
23:1e:a1:bf:95:79:af:15:b7:be:5e:98:ec:1d:3c:96:f7:48:
cb:12:0e:a2:85:72:41:97:16:60:75:6d:bf:6c:fe:93:11:b3:
35:f5:da:66:68:20:42:69:04:56:ca:ee:4f:62:71:84:f2:d7:
c8:78:2d:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36qsZgDtfNXBkCiJVXrEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUwNjI4MTkwMTM5WhcNMjUwNjI5MTkwMTM5WjAzMTEwLwYDVQQD
Eyg1OWRkZmIzMmExOTFlZmY1ODI1YTFkYmI4NzM2YzEwNjdlM2NmYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskrZ7hYH1ADy7Nl/Y6I13hBnmZ3D
BCiq400tkoZTx5UyemmNGXAut8qEynPd30zn/a3I95JpjA4vfH3BOdSwov7Z3T4V
HgF+gY3/01QbmPKQkXy7wB3Un17ip6R8p8gXRCy6m3kHLZ30/XSApRDayKs8e7aS
Ifm+xps8FvI2x8nRSwoiXBI/5PGjMdFH5d+FRcn2gKmDutZ9UnQvHRRFx1rG+a6f
C7KIOWFVWEEJUEUdvgOz65qhkSOOVgu25OZxnQuWOOzJ0WXsKicvDLbBWzobbUsb
8k7xFb0d70XStT+88ErWf4A6MPQhMJz2CnONK8NkWCqISI1QHSYNh6mSLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnd+zKhke/1glodu4c2wQZ+PPx8MB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACSToom2w
YcM9haSXUa/B2s3vyW/qXpkedk0v6nb1GZyjH3anVeChDjxSZJ7F20v28sZYE9eA
FnIe0bqFMklr4Toq6oReHTcZBD9F9t2Pr62zVc3F1iN1GNh3rhYO+JxkkIt1ysna
iy+IKJ3lG5EuoV+rk5rwlTKAXsuyxbCZAG2okRyaMsqcTgLR0woBqA1cCRwxkwfX
hOzm+OiXqEwuHBx1S2aWGFbn+/goJzzzZjW1DygMb1rrWtEy5ZCIT4jrkuu56n7C
Ix6hv5V5rxW3vl6Y7B08lvdIyxIOooVyQZcWYHVtv2z+kxGzNfXaZmggQmkEVsru
T2JxhPLXyHgtjw==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:02:48 2025 by rpki-client