Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.mft
File: PidqxRoTJAHbTNdB2GalRiKg0Vw.mft (raw, json)
Hash identifier: hU51oO+wdS0r3YvPrSjPk0FXO6daRFOz4PVe2VK2Wrg=
Subject key identifier: 28:41:B6:3E:70:87:D7:E1:0D:47:D5:C4:73:81:57:E4:BC:BE:2A:CA
Authority key identifier: 3E:27:6A:C5:1A:13:24:01:DB:4C:D7:41:D8:66:A5:46:22:A0:D1:5C
Certificate issuer: /CN=3e276ac51a132401db4cd741d866a54622a0d15c
Certificate serial: 019A4DAB0FDEC06D280AFA45B11CBC7BB86B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.mft
Manifest number: 142F
Signing time: Tue 04 Nov 2025 07:00:47 +0000
Manifest this update: Tue 04 Nov 2025 07:00:47 +0000
Manifest next update: Wed 05 Nov 2025 07:00:47 +0000
Files and hashes: 1: PidqxRoTJAHbTNdB2GalRiKg0Vw.crl (hash: OMFR6TVV+WR2aD5aawkM0f9uuzCH4LzKBtGF7wChZyw=)
2: mmsyAnMHt_dbYyNaAmRzOf1ER00.roa (hash: Z0B0gLnq6WYbQAuekKr8EymO3fzsvhfiIyL1pWQiz74=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ab:0f:de:c0:6d:28:0a:fa:45:b1:1c:bc:7b:b8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e276ac51a132401db4cd741d866a54622a0d15c
Validity
Not Before: Nov 4 07:00:47 2025 GMT
Not After : Nov 5 07:00:47 2025 GMT
Subject: CN=2841b63e7087d7e10d47d5c4738157e4bcbe2aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b9:f4:c6:92:21:ab:0e:dc:30:6c:7a:e9:f6:
ed:b8:7d:fe:8b:9a:88:18:ac:c5:44:42:e9:02:e1:
a7:d1:db:03:4a:5a:68:e3:ff:40:11:7b:b8:de:a8:
4c:f4:c0:e3:f9:bb:89:b6:ef:8b:b0:ab:bc:5b:f6:
87:87:58:da:e3:40:10:48:17:e0:ff:9d:b1:d9:57:
b2:0d:f2:24:ab:2b:e8:7e:00:6a:00:df:d3:bc:d6:
e2:8f:35:bc:a7:2a:cb:aa:f8:ff:2d:5f:12:6c:09:
8a:0d:11:28:81:b1:e4:34:0e:a3:ba:da:09:76:8e:
b7:4d:ab:47:81:db:7c:0c:49:e0:ca:72:d8:68:54:
56:2f:30:4b:5e:5d:0a:ac:69:c7:1e:6c:e8:98:6f:
ce:04:d9:e9:0a:e5:70:bb:13:ba:db:28:05:7e:f4:
c7:d0:1e:f5:ea:d6:ef:78:65:af:1e:2b:96:f9:cb:
80:98:a5:7d:5f:1b:1f:7e:a7:96:ef:dc:a8:b2:4a:
4e:81:b6:7f:22:3f:eb:8c:9e:75:47:f2:f9:01:59:
4d:33:54:a7:67:bf:89:d5:34:c8:a4:83:1d:76:e3:
51:6f:2c:ac:32:b2:a9:b2:eb:19:3c:67:39:53:f7:
0d:d2:0f:57:f6:fe:21:33:c2:c4:7b:3e:20:f5:55:
6f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:41:B6:3E:70:87:D7:E1:0D:47:D5:C4:73:81:57:E4:BC:BE:2A:CA
X509v3 Authority Key Identifier:
keyid:3E:27:6A:C5:1A:13:24:01:DB:4C:D7:41:D8:66:A5:46:22:A0:D1:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:69:e6:e4:0a:ac:8c:3a:78:18:31:32:03:45:42:2c:54:97:
91:e1:9c:9c:1f:1f:11:bb:3d:5f:12:cc:a1:8a:01:cd:45:7c:
95:5a:ed:67:3f:24:b9:14:b6:31:38:d9:a9:8e:0a:32:03:1f:
48:ba:10:e2:82:18:d8:8b:43:4a:bb:1d:54:60:90:02:98:51:
c9:bc:90:32:58:30:3b:1b:db:09:24:c2:12:ac:d2:15:19:15:
aa:d6:ae:0b:f2:89:51:a2:08:71:27:0e:c0:64:5e:08:c6:21:
72:46:64:df:84:04:ec:b2:fc:c8:99:60:9d:42:ab:a2:64:4e:
70:c1:ab:10:f9:f8:f1:46:83:ad:2d:b0:2c:51:95:80:ef:e2:
1c:a6:19:34:b9:4c:a3:11:ba:8c:dd:77:ba:72:27:6f:2d:9f:
16:24:cf:a2:f1:7c:d7:b2:a4:e5:99:8d:b5:f5:96:8e:5a:81:
77:0d:6c:a2:7f:e1:95:5e:79:ae:9b:70:03:2e:ed:3b:e2:15:
80:dd:04:c2:cd:13:3b:35:ca:73:b2:a9:0e:3a:e3:dc:9f:35:
9b:16:aa:30:7c:0b:65:05:87:d0:cf:7b:50:fc:59:7d:37:1c:
10:d0:f7:d7:7d:07:9c:be:5a:aa:4f:6f:e7:47:5c:22:bb:37:
2e:2a:b5:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqw/ewG0oCvpFsRy8e7hrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjc2YWM1MWExMzI0MDFkYjRjZDc0MWQ4NjZhNTQ2MjJh
MGQxNWMwHhcNMjUxMTA0MDcwMDQ3WhcNMjUxMTA1MDcwMDQ3WjAzMTEwLwYDVQQD
EygyODQxYjYzZTcwODdkN2UxMGQ0N2Q1YzQ3MzgxNTdlNGJjYmUyYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ln0xpIhqw7cMGx66fbtuH3+i5qI
GKzFRELpAuGn0dsDSlpo4/9AEXu43qhM9MDj+buJtu+LsKu8W/aHh1ja40AQSBfg
/52x2VeyDfIkqyvofgBqAN/TvNbijzW8pyrLqvj/LV8SbAmKDREogbHkNA6jutoJ
do63TatHgdt8DEngynLYaFRWLzBLXl0KrGnHHmzomG/OBNnpCuVwuxO62ygFfvTH
0B716tbveGWvHiuW+cuAmKV9XxsffqeW79yoskpOgbZ/Ij/rjJ51R/L5AVlNM1Sn
Z7+J1TTIpIMdduNRbyysMrKpsusZPGc5U/cN0g9X9v4hM8LEez4g9VVvVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChBtj5wh9fhDUfVxHOBV+S8virKMB8GA1UdIwQY
MBaAFD4nasUaEyQB20zXQdhmpUYioNFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Y2FjMWUtODMxZC00ZDllLTlhMjIt
MWVlZjExYThkZGRmLzEvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Y2FjMWUtODMxZC00ZDllLTlhMjItMWVlZjExYThkZGRm
LzEvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2nm5Aqs
jDp4GDEyA0VCLFSXkeGcnB8fEbs9XxLMoYoBzUV8lVrtZz8kuRS2MTjZqY4KMgMf
SLoQ4oIY2ItDSrsdVGCQAphRybyQMlgwOxvbCSTCEqzSFRkVqtauC/KJUaIIcScO
wGReCMYhckZk34QE7LL8yJlgnUKromROcMGrEPn48UaDrS2wLFGVgO/iHKYZNLlM
oxG6jN13unInby2fFiTPovF817Kk5ZmNtfWWjlqBdw1son/hlV55rptwAy7tO+IV
gN0Ews0TOzXKc7KpDjrj3J81mxaqMHwLZQWH0M97UPxZfTccEND3130HnL5aqk9v
50dcIrs3Liq1VA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:47:52 2025 by rpki-client