Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
File: PqU6yajcRG-34BE7aLOOlwwZ98w.mft (raw, json)
Hash identifier: EPXaErYLmCEA4irXpx46qAydv5yk3Z5G/1srcxuMXic=
Subject key identifier: A4:77:98:96:1D:90:77:7F:A0:B2:23:6C:27:A1:C7:95:70:EB:1A:B9
Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Certificate serial: 019A53ACB563ACBD17365EE962711B042049
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
Manifest number: 169D
Signing time: Wed 05 Nov 2025 11:00:18 +0000
Manifest this update: Wed 05 Nov 2025 11:00:18 +0000
Manifest next update: Thu 06 Nov 2025 11:00:18 +0000
Files and hashes: 1: PqU6yajcRG-34BE7aLOOlwwZ98w.crl (hash: Av3E7iXAaOsot58i+DtqbE57sPcc+OIKdH/AB8i3nV4=)
2: ZFcvFlhDWryyoXWXMpIDlrIOANM.roa (hash: vf4LDljSHDeogKMO6SAS7Y9xTDtYGGINc31+p97CZuM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 11:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:ac:b5:63:ac:bd:17:36:5e:e9:62:71:1b:04:20:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Validity
Not Before: Nov 5 11:00:18 2025 GMT
Not After : Nov 6 11:00:18 2025 GMT
Subject: CN=a47798961d90777fa0b2236c27a1c79570eb1ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:c3:6c:4d:55:66:4b:2d:7d:55:cc:99:a7:
3b:8b:6d:74:7a:f5:e8:cc:1c:7a:d5:e4:a7:45:19:
be:3b:0a:93:ea:6f:d0:54:8c:47:c0:5f:83:3c:e0:
ba:90:96:d6:3d:6b:c3:16:d2:14:25:f5:ba:a8:67:
7c:6c:ff:c8:52:b2:db:2a:87:e7:7b:49:48:34:1e:
50:71:a8:c3:5e:2e:37:dc:66:3d:d1:63:a6:9b:a5:
5f:95:48:2e:db:bc:ed:8e:9e:c7:41:ab:80:d2:41:
57:4e:c1:e4:5e:e9:fd:10:f8:66:21:94:22:ff:51:
7a:6c:7b:c9:c6:33:42:79:f9:3c:41:ed:38:50:d7:
d3:32:cb:a9:50:2d:f1:a9:69:c6:22:94:cd:8a:f8:
61:bc:2b:89:c5:2f:c9:5c:7d:2a:5b:4f:b3:d3:aa:
6e:b2:2e:80:2a:4c:52:42:8e:ad:28:3e:e1:d7:60:
15:3c:db:d8:bd:dc:a2:e5:4d:1d:5c:83:c2:ee:22:
11:a7:6f:8e:5c:e9:d8:b4:a1:d3:c0:16:0c:9b:cc:
c7:d8:d9:f5:b5:c8:c5:5d:7e:bf:b5:8a:95:b4:20:
fe:8d:fb:d4:c0:96:bc:01:90:dc:74:9a:f0:4f:10:
3e:68:3a:c6:ff:78:e6:18:5f:1e:8e:8b:a9:aa:94:
4d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:77:98:96:1D:90:77:7F:A0:B2:23:6C:27:A1:C7:95:70:EB:1A:B9
X509v3 Authority Key Identifier:
keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:e6:58:17:fa:c1:c8:e8:d4:f6:d9:d3:d4:91:9b:ea:f9:eb:
57:9c:d7:e9:69:4d:72:20:7f:61:ed:6c:2e:4a:67:65:52:a9:
de:2e:15:9b:fe:1d:01:37:7e:06:fe:e7:35:3d:f7:18:ac:f7:
88:38:b8:88:4c:2c:01:aa:d6:38:eb:8b:fa:d2:7d:af:e4:08:
97:01:f8:bd:d4:15:21:91:56:b5:21:d1:63:44:a4:42:46:bc:
41:cd:8d:f0:f8:b5:20:19:00:f3:72:97:e0:1d:12:d6:2c:dd:
a5:11:92:e0:ec:41:5c:e7:31:20:49:f8:fa:7b:79:43:e6:c3:
b8:0e:61:00:de:1b:62:5c:c4:08:eb:24:4b:86:53:71:6c:80:
db:1c:78:1e:10:ae:72:2d:63:09:99:93:49:00:cd:b4:bc:d1:
10:e1:59:1c:c7:32:79:61:f3:34:e5:93:95:c9:e3:5b:72:44:
bf:61:2c:bb:56:3d:4f:29:40:50:f7:63:dd:1d:21:0b:8a:c1:
2c:6b:f9:e0:64:b2:7e:8d:6c:01:78:01:19:5f:cb:80:d1:a5:
e1:a4:4f:bc:1b:81:3a:b9:7a:f4:d5:2c:0d:b0:61:c4:66:13:
ab:7d:92:cb:6f:a0:6b:d8:20:df:c3:cb:bd:9d:56:24:76:47:
8b:e9:72:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTrLVjrL0XNl7pYnEbBCBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx
OWY3Y2MwHhcNMjUxMTA1MTEwMDE4WhcNMjUxMTA2MTEwMDE4WjAzMTEwLwYDVQQD
EyhhNDc3OTg5NjFkOTA3NzdmYTBiMjIzNmMyN2ExYzc5NTcwZWIxYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4zDbE1VZkstfVXMmac7i210evXo
zBx61eSnRRm+OwqT6m/QVIxHwF+DPOC6kJbWPWvDFtIUJfW6qGd8bP/IUrLbKofn
e0lINB5QcajDXi433GY90WOmm6VflUgu27ztjp7HQauA0kFXTsHkXun9EPhmIZQi
/1F6bHvJxjNCefk8Qe04UNfTMsupUC3xqWnGIpTNivhhvCuJxS/JXH0qW0+z06pu
si6AKkxSQo6tKD7h12AVPNvYvdyi5U0dXIPC7iIRp2+OXOnYtKHTwBYMm8zH2Nn1
tcjFXX6/tYqVtCD+jfvUwJa8AZDcdJrwTxA+aDrG/3jmGF8ejoupqpRNJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKR3mJYdkHd/oLIjbCehx5Vw6xq5MB8GA1UdIwQY
MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct
MzUxYzIxMTkyYzY1LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1
LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn+ZYF/rB
yOjU9tnT1JGb6vnrV5zX6WlNciB/Ye1sLkpnZVKp3i4Vm/4dATd+Bv7nNT33GKz3
iDi4iEwsAarWOOuL+tJ9r+QIlwH4vdQVIZFWtSHRY0SkQka8Qc2N8Pi1IBkA83KX
4B0S1izdpRGS4OxBXOcxIEn4+nt5Q+bDuA5hAN4bYlzECOskS4ZTcWyA2xx4HhCu
ci1jCZmTSQDNtLzREOFZHMcyeWHzNOWTlcnjW3JEv2Esu1Y9TylAUPdj3R0hC4rB
LGv54GSyfo1sAXgBGV/LgNGl4aRPvBuBOrl69NUsDbBhxGYTq32Sy2+ga9gg38PL
vZ1WJHZHi+ly9g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:05:04 2025 by rpki-client