
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
File: PqU6yajcRG-34BE7aLOOlwwZ98w.mft (raw, json)
Hash identifier: JiTSAw3zI5ELzBYnobQmHp7fSQpmapqsqUMh4252oMM=
Subject key identifier: 68:2C:43:A5:F4:E2:1A:EE:47:53:59:06:75:77:49:76:76:0B:5A:0A
Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Certificate serial: 019A51BE54568F771C3177B7D2D2E1CB404D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
Manifest number: 169C
Signing time: Wed 05 Nov 2025 02:00:19 +0000
Manifest this update: Wed 05 Nov 2025 02:00:19 +0000
Manifest next update: Thu 06 Nov 2025 02:00:19 +0000
Files and hashes: 1: PqU6yajcRG-34BE7aLOOlwwZ98w.crl (hash: fX6NAWkfOSAE7iptfEFB34U6AQi6DimUt4RB/djImKw=)
2: ZFcvFlhDWryyoXWXMpIDlrIOANM.roa (hash: vf4LDljSHDeogKMO6SAS7Y9xTDtYGGINc31+p97CZuM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:be:54:56:8f:77:1c:31:77:b7:d2:d2:e1:cb:40:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Validity
Not Before: Nov 5 02:00:19 2025 GMT
Not After : Nov 6 02:00:19 2025 GMT
Subject: CN=682c43a5f4e21aee4753590675774976760b5a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:1b:3b:7a:45:d5:87:f5:55:15:34:78:5a:
00:94:7a:0d:8c:e5:18:32:93:fe:a1:f3:d4:59:76:
6f:e3:39:d9:6e:76:dd:c2:9d:80:63:4e:26:79:ce:
4d:b1:45:62:f4:3b:ab:16:ea:5c:a7:a5:83:61:f6:
9c:1b:d6:81:90:4f:48:7e:ef:c6:8a:1d:37:ac:b9:
1f:b5:fa:63:4d:df:93:74:b4:56:58:f4:a0:48:80:
23:ba:7d:77:76:17:fe:81:8a:84:b0:82:88:de:33:
e0:04:e2:e7:be:59:b8:d5:a7:37:17:6f:f7:03:9a:
08:20:f3:92:6c:63:91:68:d5:30:d2:8a:98:69:17:
a3:42:41:9e:fc:d7:e6:4c:d2:51:c4:76:34:54:3d:
94:a0:7a:f8:8b:03:71:13:ec:c3:bd:9c:36:1a:31:
ad:ed:4f:b1:f8:97:d3:a2:26:1f:b0:9f:36:d9:48:
7b:58:28:b4:ec:25:79:60:36:f7:4d:d9:63:7e:e1:
e1:f0:e1:1f:f4:cd:b1:09:9f:32:4e:14:23:b6:89:
2d:e4:1f:51:e4:3b:50:ae:e3:69:98:87:2d:c7:78:
db:f7:26:9b:59:36:8d:9d:e2:0f:ee:d9:ed:e9:26:
07:cf:0d:f0:9b:d8:b5:e3:00:0f:b9:51:b7:a2:44:
41:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2C:43:A5:F4:E2:1A:EE:47:53:59:06:75:77:49:76:76:0B:5A:0A
X509v3 Authority Key Identifier:
keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:f2:85:a5:fe:26:02:07:4d:52:0a:c1:7b:a9:42:c1:3f:f2:
4d:ec:83:d8:59:a0:53:12:08:01:45:dc:82:c2:a6:aa:d6:b1:
f5:9e:e6:ff:56:ad:9c:f7:ea:61:e2:9b:76:32:53:94:fd:71:
13:e1:17:48:06:51:7c:60:54:fe:75:f5:05:29:6f:ee:ef:eb:
c3:26:6d:62:38:d4:44:1e:22:45:ae:57:11:42:39:a5:e9:a2:
d7:13:96:23:31:91:0d:55:e4:92:0f:d4:91:53:dc:a8:f3:ac:
99:31:4c:31:5a:c5:9b:03:9c:72:cd:cf:4b:1e:a4:c8:ca:62:
48:9b:23:69:51:f6:5d:80:cb:17:e7:ae:9b:71:38:d1:d5:3e:
39:bf:9c:f0:d4:f9:af:a8:46:63:a6:6e:46:3f:a3:c2:1f:d5:
a3:69:90:78:59:0b:bb:85:81:81:b9:c1:fd:61:39:8f:a5:5e:
75:b0:8d:d3:9c:f5:83:22:53:ad:9b:50:27:bf:07:09:cb:6e:
8b:20:b3:02:39:7a:27:b4:01:bd:4f:0b:f6:18:84:03:3c:21:
6d:47:c8:29:e9:70:13:5b:c8:1f:54:1b:9d:29:d1:9c:ef:e8:
81:19:86:e8:c9:9d:85:4c:83:ae:2c:78:31:26:b1:65:72:92:
c9:82:e4:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvlRWj3ccMXe30tLhy0BNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx
OWY3Y2MwHhcNMjUxMTA1MDIwMDE5WhcNMjUxMTA2MDIwMDE5WjAzMTEwLwYDVQQD
Eyg2ODJjNDNhNWY0ZTIxYWVlNDc1MzU5MDY3NTc3NDk3Njc2MGI1YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc4bO3pF1Yf1VRU0eFoAlHoNjOUY
MpP+ofPUWXZv4znZbnbdwp2AY04mec5NsUVi9DurFupcp6WDYfacG9aBkE9Ifu/G
ih03rLkftfpjTd+TdLRWWPSgSIAjun13dhf+gYqEsIKI3jPgBOLnvlm41ac3F2/3
A5oIIPOSbGORaNUw0oqYaRejQkGe/NfmTNJRxHY0VD2UoHr4iwNxE+zDvZw2GjGt
7U+x+JfToiYfsJ822Uh7WCi07CV5YDb3TdljfuHh8OEf9M2xCZ8yThQjtokt5B9R
5DtQruNpmIctx3jb9yabWTaNneIP7tnt6SYHzw3wm9i14wAPuVG3okRBuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgsQ6X04hruR1NZBnV3SXZ2C1oKMB8GA1UdIwQY
MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct
MzUxYzIxMTkyYzY1LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1
LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmfKFpf4m
AgdNUgrBe6lCwT/yTeyD2FmgUxIIAUXcgsKmqtax9Z7m/1atnPfqYeKbdjJTlP1x
E+EXSAZRfGBU/nX1BSlv7u/rwyZtYjjURB4iRa5XEUI5pemi1xOWIzGRDVXkkg/U
kVPcqPOsmTFMMVrFmwOccs3PSx6kyMpiSJsjaVH2XYDLF+eum3E40dU+Ob+c8NT5
r6hGY6ZuRj+jwh/Vo2mQeFkLu4WBgbnB/WE5j6VedbCN05z1gyJTrZtQJ78HCctu
iyCzAjl6J7QBvU8L9hiEAzwhbUfIKelwE1vIH1QbnSnRnO/ogRmG6MmdhUyDrix4
MSaxZXKSyYLkUA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:51:57 2025 by rpki-client