Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
File: PI_isZvT639wpO7atha1MlABFSA.mft (raw, json)
Hash identifier: +nvHAxrSiFbDd8XR9glrgbxLojuU7k2yaMPNADILJOw=
Subject key identifier: B6:98:C2:2E:68:29:75:4A:16:63:6A:41:0D:DB:A8:55:AA:39:4A:B9
Authority key identifier: 3C:8F:E2:B1:9B:D3:EB:7F:70:A4:EE:DA:B6:16:B5:32:50:01:15:20
Certificate issuer: /CN=3c8fe2b19bd3eb7f70a4eedab616b53250011520
Certificate serial: 019A4DE15C9E42869F4FE0432F1C619E7D49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
Manifest number: 03DF
Signing time: Tue 04 Nov 2025 08:00:05 +0000
Manifest this update: Tue 04 Nov 2025 08:00:05 +0000
Manifest next update: Wed 05 Nov 2025 08:00:05 +0000
Files and hashes: 1: PI_isZvT639wpO7atha1MlABFSA.crl (hash: 7VG1N0raDFl3r2JLnSd7buAvDYP9DYIf6UHl49RqcfU=)
2: iTxg6a45pQs6yguLKNzKJpXtu1I.roa (hash: IbbuNrBXDC3r/NQaAU8s873gXp019KR8EegJpijUcwo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:5c:9e:42:86:9f:4f:e0:43:2f:1c:61:9e:7d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c8fe2b19bd3eb7f70a4eedab616b53250011520
Validity
Not Before: Nov 4 08:00:05 2025 GMT
Not After : Nov 5 08:00:05 2025 GMT
Subject: CN=b698c22e6829754a16636a410ddba855aa394ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:d6:36:eb:f9:e7:c1:3d:a2:da:14:65:f1:
a2:6e:96:ce:80:1f:55:ad:da:18:f4:ab:b7:50:9c:
16:f8:25:92:20:6c:ec:0e:8b:57:fa:07:42:fe:b8:
63:0c:5e:89:98:7a:bd:35:1f:0a:36:c2:ca:97:e6:
b1:8c:f9:0f:8a:ea:c7:56:ca:0f:15:a0:ed:d1:4c:
ef:9a:25:a2:ac:46:dd:6a:8a:35:30:5f:b3:3e:40:
43:03:d5:a5:17:3f:36:55:2d:d6:62:0f:f4:2f:50:
c7:a4:82:91:af:ed:bd:09:f9:a2:d2:30:83:0c:88:
48:4b:04:cd:f1:2f:37:cd:fd:8d:a9:28:f7:bb:78:
21:92:13:ce:0c:1e:fe:32:d2:c8:7c:2e:f2:04:c8:
42:c0:61:c4:36:09:93:db:da:d8:25:63:25:11:ec:
b1:cb:93:04:12:cd:a9:9b:d3:50:31:d6:4d:84:a5:
99:32:7a:b3:cc:c7:a9:69:34:68:15:84:1e:5c:3d:
67:b0:08:3c:ad:d1:36:33:7d:8a:6f:53:ca:c8:1c:
f0:4d:83:4f:82:38:d3:cd:b6:18:75:2f:9a:66:56:
d5:0c:ad:cc:4f:ac:bb:89:76:99:7c:d8:5a:60:dc:
2b:e4:5f:cb:80:a3:a9:26:fe:ee:8e:0a:ff:16:6e:
c8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:98:C2:2E:68:29:75:4A:16:63:6A:41:0D:DB:A8:55:AA:39:4A:B9
X509v3 Authority Key Identifier:
keyid:3C:8F:E2:B1:9B:D3:EB:7F:70:A4:EE:DA:B6:16:B5:32:50:01:15:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ed:49:8b:ca:ed:6b:6c:4d:da:fb:1e:5f:f9:96:5c:c3:4f:
35:bb:df:13:fe:cb:4b:7e:2b:41:d6:bb:bc:ed:52:e3:0c:b0:
d0:64:ab:94:23:da:6d:c0:83:68:3c:8c:3a:5b:6b:0a:11:d7:
a9:82:10:1a:3a:69:ae:27:56:6a:b9:c8:53:ca:9d:e2:37:cf:
a5:70:c9:6f:c2:70:9c:17:15:7e:36:81:ce:ec:71:d2:37:79:
89:db:69:e6:e4:50:d8:d3:0d:72:23:e0:81:35:15:9a:4b:9c:
51:f8:b3:35:2e:4a:2d:ff:03:22:fa:0d:6d:23:39:dd:67:eb:
6a:43:8f:c1:8c:ea:d8:d1:53:37:17:32:02:83:56:9e:2e:66:
97:6c:e0:0d:2c:d0:f3:c3:ec:72:da:e8:46:cf:0f:b0:cf:49:
28:ab:9a:d7:02:ca:60:42:d9:b0:fa:76:91:97:c1:6d:f9:94:
2f:3d:21:08:9b:10:98:19:7b:ae:0c:80:92:8d:c1:87:31:66:
b9:29:e1:33:d6:67:1f:f3:bf:03:f0:ce:94:59:40:ef:b6:9b:
aa:9d:85:5d:e0:92:74:1c:e0:70:41:49:65:16:18:d8:7d:01:
6f:7a:f5:3b:79:94:53:03:fb:98:b4:a3:0a:9b:34:24:f5:47:
cc:7b:af:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4VyeQoafT+BDLxxhnn1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGZlMmIxOWJkM2ViN2Y3MGE0ZWVkYWI2MTZiNTMyNTAw
MTE1MjAwHhcNMjUxMTA0MDgwMDA1WhcNMjUxMTA1MDgwMDA1WjAzMTEwLwYDVQQD
EyhiNjk4YzIyZTY4Mjk3NTRhMTY2MzZhNDEwZGRiYTg1NWFhMzk0YWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHvWNuv558E9otoUZfGibpbOgB9V
rdoY9Ku3UJwW+CWSIGzsDotX+gdC/rhjDF6JmHq9NR8KNsLKl+axjPkPiurHVsoP
FaDt0UzvmiWirEbdaoo1MF+zPkBDA9WlFz82VS3WYg/0L1DHpIKRr+29Cfmi0jCD
DIhISwTN8S83zf2NqSj3u3ghkhPODB7+MtLIfC7yBMhCwGHENgmT29rYJWMlEeyx
y5MEEs2pm9NQMdZNhKWZMnqzzMepaTRoFYQeXD1nsAg8rdE2M32Kb1PKyBzwTYNP
gjjTzbYYdS+aZlbVDK3MT6y7iXaZfNhaYNwr5F/LgKOpJv7ujgr/Fm7I1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaYwi5oKXVKFmNqQQ3bqFWqOUq5MB8GA1UdIwQY
MBaAFDyP4rGb0+t/cKTu2rYWtTJQARUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2VkZDEtYzc5Zi00ODkwLWExNzUt
MTJlNmE2ZWRkMTI0LzEvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lN2VkZDEtYzc5Zi00ODkwLWExNzUtMTJlNmE2ZWRkMTI0
LzEvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXe1Ji8rt
a2xN2vseX/mWXMNPNbvfE/7LS34rQda7vO1S4wyw0GSrlCPabcCDaDyMOltrChHX
qYIQGjppridWarnIU8qd4jfPpXDJb8JwnBcVfjaBzuxx0jd5idtp5uRQ2NMNciPg
gTUVmkucUfizNS5KLf8DIvoNbSM53WfrakOPwYzq2NFTNxcyAoNWni5ml2zgDSzQ
88PsctroRs8PsM9JKKua1wLKYELZsPp2kZfBbfmULz0hCJsQmBl7rgyAko3BhzFm
uSnhM9ZnH/O/A/DOlFlA77abqp2FXeCSdBzgcEFJZRYY2H0Bb3r1O3mUUwP7mLSj
Cps0JPVHzHuvpw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:04:43 2025 by rpki-client