Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
File: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft (raw, json)
Hash identifier: 5Rj6+2jbuFvVWmvZHSx+OXaoWOOkE77Op0h0bGD2izE=
Subject key identifier: C5:F2:1E:8D:DD:BE:68:CB:ED:E7:20:44:34:22:F4:19:2D:C8:31:7D
Authority key identifier: 3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
Certificate issuer: /CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Certificate serial: 019A4E86B0276DDBD531BC0B6842677EAB79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
Manifest number: 09D4
Signing time: Tue 04 Nov 2025 11:00:40 +0000
Manifest this update: Tue 04 Nov 2025 11:00:40 +0000
Manifest next update: Wed 05 Nov 2025 11:00:40 +0000
Files and hashes: 1: JD1ZF1XWLuEfY_xZK_HiSB-W5Sc.roa (hash: tU/SgRvLeOcLILG1M49HHg6nzxCmwlwyRSULttNgB8k=)
2: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl (hash: +F45shBjCVnyQn+0ZaLe1oNbiNVix4iN3xcvthG8I/k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:b0:27:6d:db:d5:31:bc:0b:68:42:67:7e:ab:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Validity
Not Before: Nov 4 11:00:40 2025 GMT
Not After : Nov 5 11:00:40 2025 GMT
Subject: CN=c5f21e8dddbe68cbede720443422f4192dc8317d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:47:f7:0a:62:30:74:10:01:4d:1d:b3:ef:cf:
2f:ec:e1:ec:50:26:81:33:17:e9:15:ff:0d:ff:57:
f9:67:e6:44:85:72:73:a0:a3:25:7b:da:1f:01:58:
e8:25:df:c4:0d:b3:6a:f0:11:87:6d:71:58:55:3c:
20:bf:3e:40:d6:b6:76:c6:33:31:43:16:1f:ea:06:
3e:f2:02:10:a7:9d:d8:5a:f5:fd:74:89:d5:aa:05:
6f:1c:6e:31:9c:16:66:3c:ec:0d:af:87:6e:39:b6:
bf:bb:12:5c:e1:b8:55:8c:f3:6d:ab:7e:cf:5c:f1:
e6:39:fd:f6:03:68:02:2c:c2:c3:d1:8c:8b:4c:d4:
20:67:56:7e:21:d7:80:0f:74:fe:37:fc:d6:c3:86:
26:9b:66:28:73:72:c3:21:99:86:af:dd:6b:fd:c6:
f0:c3:a9:10:98:73:59:4c:84:bc:d2:68:c0:59:17:
26:47:39:f3:9f:cc:9d:6c:bf:d8:a3:26:0c:19:a3:
cc:61:e8:fe:bb:83:9f:56:65:7f:25:5c:dd:a5:de:
05:8f:39:bf:55:a7:34:52:58:8e:c9:b0:fd:35:1a:
06:8d:8a:1e:9d:a9:a6:2e:15:1e:82:95:c5:c6:0f:
cd:ea:eb:a9:db:ca:3b:40:2e:39:8b:2a:3d:f0:03:
d8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F2:1E:8D:DD:BE:68:CB:ED:E7:20:44:34:22:F4:19:2D:C8:31:7D
X509v3 Authority Key Identifier:
keyid:3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:04:9b:bf:fa:64:96:a4:dd:36:ca:86:a8:13:17:7a:5e:7d:
f2:f5:2f:48:e2:8d:e1:26:da:09:23:fd:29:f1:3f:a9:b8:c4:
7f:2d:c7:fb:eb:0e:a5:cc:a7:70:20:89:42:13:1c:b9:ab:0a:
19:84:a8:9a:97:3b:e1:0a:16:b8:e7:b1:b7:ea:a4:f4:d5:f6:
5d:08:1f:f6:97:f1:49:f7:c8:c6:bf:b6:b1:10:7a:98:39:f8:
f0:f1:45:74:65:3a:81:32:28:b2:bc:b0:53:1a:e3:d4:4f:1d:
1b:c7:70:83:fc:c6:dd:54:37:d7:8a:9a:86:1a:40:a0:b2:6e:
26:65:d2:4f:f4:68:17:e1:7e:ea:48:3b:16:21:ad:3c:31:a9:
80:37:ff:7a:11:25:49:7b:4d:c4:24:d3:89:b0:e6:e4:f3:4a:
04:a7:01:9c:87:80:d7:3a:d1:c0:c3:1f:7b:cb:6d:24:68:bf:
b2:f5:7b:0c:29:7a:43:dd:ec:e2:04:d2:c3:ba:1e:a5:26:d1:
21:1e:34:52:73:30:26:cb:87:12:82:47:58:6f:e3:be:52:0b:
00:08:cb:1a:19:88:ea:ed:ce:7e:6d:31:79:ae:e0:5e:0f:c1:
61:47:0d:f7:f8:d0:35:3b:b7:18:11:cd:5f:f7:93:83:e0:d7:
82:86:38:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhrAnbdvVMbwLaEJnfqt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODk3YmQ4YzZkZjFjYjcxNDEwZmUxOTRiZWQ3MzlhMmY4
YTY3NzMwHhcNMjUxMTA0MTEwMDQwWhcNMjUxMTA1MTEwMDQwWjAzMTEwLwYDVQQD
EyhjNWYyMWU4ZGRkYmU2OGNiZWRlNzIwNDQzNDIyZjQxOTJkYzgzMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUf3CmIwdBABTR2z788v7OHsUCaB
MxfpFf8N/1f5Z+ZEhXJzoKMle9ofAVjoJd/EDbNq8BGHbXFYVTwgvz5A1rZ2xjMx
QxYf6gY+8gIQp53YWvX9dInVqgVvHG4xnBZmPOwNr4duOba/uxJc4bhVjPNtq37P
XPHmOf32A2gCLMLD0YyLTNQgZ1Z+IdeAD3T+N/zWw4Ymm2Yoc3LDIZmGr91r/cbw
w6kQmHNZTIS80mjAWRcmRznzn8ydbL/YoyYMGaPMYej+u4OfVmV/JVzdpd4Fjzm/
Vac0UliOybD9NRoGjYoenammLhUegpXFxg/N6uup28o7QC45iyo98APYuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXyHo3dvmjL7ecgRDQi9BktyDF9MB8GA1UdIwQY
MBaAFD2Je9jG3xy3FBD+GUvtc5ovimdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzkt
ZjlmOTIxNTBjZDM5LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzktZjlmOTIxNTBjZDM5
LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWASbv/pk
lqTdNsqGqBMXel598vUvSOKN4SbaCSP9KfE/qbjEfy3H++sOpcyncCCJQhMcuasK
GYSompc74QoWuOext+qk9NX2XQgf9pfxSffIxr+2sRB6mDn48PFFdGU6gTIosryw
Uxrj1E8dG8dwg/zG3VQ314qahhpAoLJuJmXST/RoF+F+6kg7FiGtPDGpgDf/ehEl
SXtNxCTTibDm5PNKBKcBnIeA1zrRwMMfe8ttJGi/svV7DCl6Q93s4gTSw7oepSbR
IR40UnMwJsuHEoJHWG/jvlILAAjLGhmI6u3Ofm0xea7gXg/BYUcN9/jQNTu3GBHN
X/eTg+DXgoY4OQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:48:23 2025 by rpki-client