Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: guvyykrLyI0NMN48857/VP+bMNCF+M9tMBMOBParVPQ=
Subject key identifier: DE:2C:84:5C:5C:FF:2D:B2:CA:D2:CB:42:83:DE:21:A5:A7:0D:CD:D8
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 019A51F5C5F014A0A03B1FE3C9694325A558
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 10F5
Signing time: Wed 05 Nov 2025 03:00:52 +0000
Manifest this update: Wed 05 Nov 2025 03:00:52 +0000
Manifest next update: Thu 06 Nov 2025 03:00:52 +0000
Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: /EiSDq2x6G30T6ssqTclbbEBzbr4WnTNvuE47ui9vL8=)
2: jH9C8p9nitrfAItNyA_YLJEP6ds.roa (hash: qAfQVpQ0k0QfJ2KTETvmr94XZk/rf+3SC4Qevdx1ZDY=)
3: tah1yfASreRchTqTj8AtcpkBGXY.roa (hash: 3mvJQGarrUT5b42icY1PPyWBBa9VfBbfud+/MFWuiN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:c5:f0:14:a0:a0:3b:1f:e3:c9:69:43:25:a5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Nov 5 03:00:52 2025 GMT
Not After : Nov 6 03:00:52 2025 GMT
Subject: CN=de2c845c5cff2db2cad2cb4283de21a5a70dcdd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:68:02:77:c1:52:c8:03:d1:69:19:73:3c:db:
79:f7:12:06:ad:42:ae:f9:5d:d2:8a:bd:74:e0:3e:
de:1e:05:b7:2c:9c:74:c8:ae:df:0a:0d:3c:92:43:
6e:23:e5:06:d6:11:f1:7c:44:7b:dc:40:45:70:c2:
f3:ff:ba:98:17:84:94:0f:bd:11:20:ad:96:60:09:
a6:3e:b6:bb:e2:7b:81:ad:54:7b:a4:db:19:d2:11:
2d:86:61:87:e0:5b:df:fe:7c:71:18:bd:e8:19:f9:
dc:1c:96:40:8b:ca:bd:44:01:3c:cf:a5:b1:03:e1:
13:ca:d9:2c:42:db:84:5e:47:f9:24:ac:f3:71:ed:
b2:4f:de:7a:cd:18:1a:96:dd:a2:52:1a:f2:b8:8d:
06:cd:63:a0:d1:7b:08:54:99:fa:2f:60:48:99:61:
ac:35:c1:fd:72:f9:e2:6f:29:84:0c:04:f1:9f:dd:
48:70:62:fe:7d:00:cb:49:9b:31:79:4c:b2:1d:ca:
c0:6a:9f:02:db:85:d9:a8:5c:ab:f8:dd:a8:bc:2a:
12:bb:ce:a2:c4:03:30:af:2c:43:b9:30:11:48:63:
90:cb:8f:24:f7:82:11:7c:03:08:1b:b3:e2:a2:a2:
de:05:b8:c7:00:03:95:8e:d0:79:a9:72:96:d5:99:
4d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2C:84:5C:5C:FF:2D:B2:CA:D2:CB:42:83:DE:21:A5:A7:0D:CD:D8
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:d2:5e:d5:69:c1:96:26:a0:60:7e:dd:2d:d6:9a:0f:73:72:
12:96:e9:da:e6:51:16:df:1e:97:6f:6b:c8:b2:73:88:f3:65:
81:dc:be:78:1d:74:f9:e5:95:4d:5b:92:6e:23:bb:45:58:1e:
7b:3f:aa:bc:bd:13:dd:e7:7d:28:3a:99:43:70:58:27:87:65:
e8:64:b1:eb:ed:b4:79:29:57:d6:66:68:90:b4:f7:be:e2:7b:
c1:35:b1:60:95:2c:84:43:fe:69:e9:a5:c3:79:de:9b:cf:33:
da:5f:f4:ec:ed:e1:d0:68:06:5f:5e:c1:58:8f:c5:ec:a3:c7:
20:e4:dd:ed:e3:ab:ba:04:74:4e:e9:bc:1c:86:d6:31:d3:9a:
1b:8b:d7:8d:59:eb:81:38:18:8d:38:32:11:dd:20:4d:a8:33:
85:05:9f:06:31:f3:3c:c0:56:6d:96:fe:ad:35:72:23:8f:a6:
05:ca:69:4e:16:0d:ee:46:4f:37:38:a0:09:2e:86:dd:b9:0d:
23:ef:2d:c6:e2:80:24:1b:d2:1f:f1:c5:55:b8:40:4e:6e:49:
67:c0:a2:ac:3f:0c:1e:0c:6d:09:69:9b:d1:cd:d2:b4:4d:40:
7e:59:a6:8d:2d:dd:76:bb:e6:3f:49:c9:70:5e:51:71:a4:ea:
92:82:73:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9cXwFKCgOx/jyWlDJaVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjUxMTA1MDMwMDUyWhcNMjUxMTA2MDMwMDUyWjAzMTEwLwYDVQQD
EyhkZTJjODQ1YzVjZmYyZGIyY2FkMmNiNDI4M2RlMjFhNWE3MGRjZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WgCd8FSyAPRaRlzPNt59xIGrUKu
+V3Sir104D7eHgW3LJx0yK7fCg08kkNuI+UG1hHxfER73EBFcMLz/7qYF4SUD70R
IK2WYAmmPra74nuBrVR7pNsZ0hEthmGH4Fvf/nxxGL3oGfncHJZAi8q9RAE8z6Wx
A+ETytksQtuEXkf5JKzzce2yT956zRgalt2iUhryuI0GzWOg0XsIVJn6L2BImWGs
NcH9cvnibymEDATxn91IcGL+fQDLSZsxeUyyHcrAap8C24XZqFyr+N2ovCoSu86i
xAMwryxDuTARSGOQy48k94IRfAMIG7PioqLeBbjHAAOVjtB5qXKW1ZlNnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4shFxc/y2yytLLQoPeIaWnDc3YMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn9Je1WnB
liagYH7dLdaaD3NyEpbp2uZRFt8el29ryLJziPNlgdy+eB10+eWVTVuSbiO7RVge
ez+qvL0T3ed9KDqZQ3BYJ4dl6GSx6+20eSlX1mZokLT3vuJ7wTWxYJUshEP+aeml
w3nem88z2l/07O3h0GgGX17BWI/F7KPHIOTd7eOrugR0Tum8HIbWMdOaG4vXjVnr
gTgYjTgyEd0gTagzhQWfBjHzPMBWbZb+rTVyI4+mBcppThYN7kZPNzigCS6G3bkN
I+8txuKAJBvSH/HFVbhATm5JZ8CirD8MHgxtCWmb0c3StE1AflmmjS3ddrvmP0nJ
cF5RcaTqkoJzew==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:28:55 2025 by rpki-client