Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json)
Hash identifier: db//eVS3Oc7NykeQMfT4Xie/UIKAlPIE/rnvBXYDwA4=
Subject key identifier: 87:DA:46:91:E9:DA:61:9F:31:47:EC:C5:95:55:F6:D2:AF:00:70:12
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial: 019A4EF46AAE5B239DE0F32757D0DCA3254B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
Manifest number: 09E7
Signing time: Tue 04 Nov 2025 13:00:32 +0000
Manifest this update: Tue 04 Nov 2025 13:00:32 +0000
Manifest next update: Wed 05 Nov 2025 13:00:32 +0000
Files and hashes: 1: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: qcAH/gJHhQ2Y4dRl8f7mxEktKqrgdDAzwNWpLnKerls=)
2: rWk5sIUEQt5GM5tD9jvlVGxlmoc.roa (hash: bdSHmybqlxfqe2LDlmT/vhR2hatifsBsFgj+STLVUXQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:6a:ae:5b:23:9d:e0:f3:27:57:d0:dc:a3:25:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
Validity
Not Before: Nov 4 13:00:32 2025 GMT
Not After : Nov 5 13:00:32 2025 GMT
Subject: CN=87da4691e9da619f3147ecc59555f6d2af007012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:23:41:23:ff:6f:f3:45:9f:42:2c:87:ea:ee:
05:1e:f8:1c:d1:2c:47:5f:66:04:7d:cc:4a:4b:81:
54:1d:36:6e:99:3f:34:d2:29:e2:10:ed:3b:45:ca:
8e:5b:8e:f0:ff:aa:68:6e:88:5d:54:80:27:0c:2f:
8e:7e:e8:c2:37:09:3b:8f:e6:ff:c0:8a:08:3d:43:
83:40:e7:bf:08:bc:37:11:19:e8:10:ac:a8:0c:bc:
68:13:32:4b:00:ff:52:2f:de:d0:37:20:c3:1b:86:
cc:7b:a1:3c:24:62:12:18:d9:7a:df:72:2b:43:5d:
9c:44:cc:3e:d9:9f:a3:0d:c9:01:49:36:2b:8a:4e:
10:e0:d6:e1:b1:bd:00:61:96:28:61:e2:7f:c3:21:
1b:70:c5:94:61:66:18:b1:e4:20:b8:f9:c5:f0:33:
d1:b6:98:df:bd:d5:f5:9c:31:34:b6:d4:1a:3e:40:
3f:29:03:00:9a:c7:79:eb:10:99:80:ad:3a:27:32:
06:bc:94:74:ec:4d:a0:3b:09:9f:67:07:e1:dc:81:
c4:c3:b1:32:48:40:5d:c0:0e:3e:28:90:9c:e8:e4:
b6:07:1b:24:c1:71:c3:52:18:21:ea:96:c9:ce:d2:
68:26:42:15:d2:65:f1:e6:3d:97:79:57:f0:c0:38:
89:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DA:46:91:E9:DA:61:9F:31:47:EC:C5:95:55:F6:D2:AF:00:70:12
X509v3 Authority Key Identifier:
keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:84:08:ea:3c:70:b2:7d:fb:c2:9e:4b:a1:00:56:18:59:5d:
a0:0e:bd:3a:c0:d0:90:e7:91:90:10:cd:4e:5d:53:f7:cf:78:
85:f7:ff:d9:4a:67:66:f5:f4:08:01:f7:11:26:82:58:ec:aa:
20:2e:9b:d7:10:e9:6b:fd:0a:3d:33:47:0b:88:11:90:0f:21:
57:90:8a:20:0e:85:c0:40:ac:e6:03:11:8a:b8:4a:fa:01:80:
d0:ce:1d:f1:69:6c:b0:37:de:06:a9:f2:be:a6:64:33:35:16:
cc:17:bb:e5:f5:8a:f4:c1:52:c8:83:d4:af:a7:31:3f:be:ca:
06:99:50:08:7a:8a:e5:96:a2:11:ac:9b:a4:b0:86:a9:c2:d4:
e6:15:19:1a:1d:50:e0:d5:d9:a8:c4:a9:40:40:41:c3:c5:8e:
82:43:72:a2:af:3e:3b:25:29:c8:3a:05:2a:c2:87:05:4c:06:
0c:45:2d:15:4e:07:16:35:d8:7a:a1:74:ca:37:58:4b:7c:4a:
02:ba:64:75:31:40:a9:22:65:a2:ef:f5:18:a2:d2:64:3a:75:
24:d9:fb:2b:9c:b5:ab:7b:2f:f9:41:0f:69:82:e8:8b:51:88:
cb:3b:2e:01:1f:3c:bc:a3:35:c9:04:0c:ca:8b:8b:a3:7f:a5:
43:00:78:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9GquWyOd4PMnV9DcoyVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjUxMTA0MTMwMDMyWhcNMjUxMTA1MTMwMDMyWjAzMTEwLwYDVQQD
Eyg4N2RhNDY5MWU5ZGE2MTlmMzE0N2VjYzU5NTU1ZjZkMmFmMDA3MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSNBI/9v80WfQiyH6u4FHvgc0SxH
X2YEfcxKS4FUHTZumT800iniEO07RcqOW47w/6pobohdVIAnDC+OfujCNwk7j+b/
wIoIPUODQOe/CLw3ERnoEKyoDLxoEzJLAP9SL97QNyDDG4bMe6E8JGISGNl633Ir
Q12cRMw+2Z+jDckBSTYrik4Q4Nbhsb0AYZYoYeJ/wyEbcMWUYWYYseQguPnF8DPR
tpjfvdX1nDE0ttQaPkA/KQMAmsd56xCZgK06JzIGvJR07E2gOwmfZwfh3IHEw7Ey
SEBdwA4+KJCc6OS2BxskwXHDUhgh6pbJztJoJkIV0mXx5j2XeVfwwDiJWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfaRpHp2mGfMUfsxZVV9tKvAHASMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIQI6jxw
sn37wp5LoQBWGFldoA69OsDQkOeRkBDNTl1T9894hff/2UpnZvX0CAH3ESaCWOyq
IC6b1xDpa/0KPTNHC4gRkA8hV5CKIA6FwECs5gMRirhK+gGA0M4d8WlssDfeBqny
vqZkMzUWzBe75fWK9MFSyIPUr6cxP77KBplQCHqK5ZaiEaybpLCGqcLU5hUZGh1Q
4NXZqMSpQEBBw8WOgkNyoq8+OyUpyDoFKsKHBUwGDEUtFU4HFjXYeqF0yjdYS3xK
ArpkdTFAqSJlou/1GKLSZDp1JNn7K5y1q3sv+UEPaYLoi1GIyzsuAR88vKM1yQQM
youLo3+lQwB4aw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:03 2025 by rpki-client