Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
File: PBnm8n2SgJXlYN52ePKONFnVWUc.mft (raw, json)
Hash identifier: UHdfp5p+b/eU0LOIfDOL29xu6mmmPEZU4dRTJHwbnRE=
Subject key identifier: CA:4C:4A:44:79:53:34:52:3E:FA:0B:32:84:6D:24:32:D0:6A:6B:D4
Authority key identifier: 3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47
Certificate issuer: /CN=3c19e6f27d928095e560de7678f28e3459d55947
Certificate serial: 019A50E344AACAD50603BF1C83C18297F854
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
Manifest number: 0221
Signing time: Tue 04 Nov 2025 22:01:02 +0000
Manifest this update: Tue 04 Nov 2025 22:01:02 +0000
Manifest next update: Wed 05 Nov 2025 22:01:02 +0000
Files and hashes: 1: PBnm8n2SgJXlYN52ePKONFnVWUc.crl (hash: 3ZJhIRar7CdSGKkEpPiTewwABBK2xttrtiCA6rn6l/I=)
2: QmVb0SoXYnlMedY0w_3_iXHpV1g.roa (hash: a3gXOD/NjdWHnE6P9SQzEQhqDOtbuugfMMDorP0aI2g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:44:aa:ca:d5:06:03:bf:1c:83:c1:82:97:f8:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c19e6f27d928095e560de7678f28e3459d55947
Validity
Not Before: Nov 4 22:01:02 2025 GMT
Not After : Nov 5 22:01:02 2025 GMT
Subject: CN=ca4c4a44795334523efa0b32846d2432d06a6bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:cf:b9:67:5a:2a:fe:51:50:39:e8:55:56:
49:90:90:fd:37:34:4d:97:96:bc:38:3f:f2:84:fa:
b3:ea:7e:6a:d0:01:0d:7e:d0:9b:90:8e:7f:ee:9f:
67:96:74:9f:33:98:25:26:37:01:90:72:43:f8:77:
3c:35:95:ae:f0:54:74:2e:bf:82:78:d5:b7:eb:85:
90:4e:96:b6:e0:b8:06:8a:56:56:3f:77:52:ff:c8:
b6:c9:2c:fb:1b:72:2c:5a:96:7c:fa:de:f3:8f:59:
70:b1:dd:85:c4:69:42:05:87:8d:52:9f:a4:f6:8b:
d1:4d:8a:30:f9:94:c4:52:c3:ce:ac:a8:3f:4d:5f:
28:ff:59:37:79:ef:59:97:36:32:f3:9c:59:6b:db:
53:81:23:9e:fc:a4:98:70:a8:f9:53:3b:95:f0:5a:
a7:54:39:0a:9d:13:0b:99:c2:5c:ca:34:ab:8c:f5:
d8:71:e3:8a:de:59:e0:ae:c1:5a:fd:51:b8:ee:91:
7e:d0:2a:f1:87:1e:45:9c:1e:1e:33:d0:22:07:eb:
99:7a:57:2c:ff:27:11:39:f5:20:37:d9:2c:fe:3c:
5d:f7:0f:98:19:ee:21:2d:66:1c:e0:d9:61:6c:45:
00:da:52:d8:61:ba:40:68:16:5a:be:1d:ce:11:54:
27:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4C:4A:44:79:53:34:52:3E:FA:0B:32:84:6D:24:32:D0:6A:6B:D4
X509v3 Authority Key Identifier:
keyid:3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:cf:97:7c:af:d8:99:ac:72:29:b8:f1:bb:50:73:64:86:31:
f7:aa:6c:81:96:ee:60:de:ae:2d:25:ce:49:14:88:9e:09:cf:
6e:4c:dc:b4:e2:36:7d:c1:78:b8:ac:3a:33:a9:0b:f0:00:4e:
b6:de:0d:e2:ea:14:a2:72:87:21:dc:d9:97:70:53:76:98:01:
3f:9e:db:93:6d:f3:c9:48:df:e6:01:82:b6:f8:78:8c:40:2f:
ba:88:33:9f:2b:c3:2b:1e:c4:4f:a5:8d:cf:4d:dd:77:db:cb:
d1:20:d7:b6:26:e2:f7:24:3b:20:a6:9d:94:bf:11:79:3e:df:
b8:b9:15:c9:d1:d5:78:f4:80:7b:bb:1e:e1:3d:d5:11:74:37:
a8:a9:b8:e3:5e:61:bf:52:87:8e:39:28:d1:2a:82:4e:fd:05:
48:2b:15:af:02:7a:0c:3a:7f:5e:a5:26:9e:9a:85:fa:8b:6c:
49:1a:e5:bb:db:24:74:bc:43:7e:c3:5c:bf:8a:fd:1b:27:01:
2a:7f:5e:c4:a2:ec:3f:fa:31:62:ef:6f:66:80:8f:25:a3:4d:
bc:a4:94:f2:5d:10:19:a0:a2:56:02:5c:eb:ed:b8:75:62:87:
36:f7:51:83:a3:a8:f1:81:cb:98:75:6a:31:d6:0d:b9:df:7d:
58:90:75:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ40SqytUGA78cg8GCl/hUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTllNmYyN2Q5MjgwOTVlNTYwZGU3Njc4ZjI4ZTM0NTlk
NTU5NDcwHhcNMjUxMTA0MjIwMTAyWhcNMjUxMTA1MjIwMTAyWjAzMTEwLwYDVQQD
EyhjYTRjNGE0NDc5NTMzNDUyM2VmYTBiMzI4NDZkMjQzMmQwNmE2YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzbPuWdaKv5RUDnoVVZJkJD9NzRN
l5a8OD/yhPqz6n5q0AENftCbkI5/7p9nlnSfM5glJjcBkHJD+Hc8NZWu8FR0Lr+C
eNW364WQTpa24LgGilZWP3dS/8i2ySz7G3IsWpZ8+t7zj1lwsd2FxGlCBYeNUp+k
9ovRTYow+ZTEUsPOrKg/TV8o/1k3ee9ZlzYy85xZa9tTgSOe/KSYcKj5UzuV8Fqn
VDkKnRMLmcJcyjSrjPXYceOK3lngrsFa/VG47pF+0Crxhx5FnB4eM9AiB+uZelcs
/ycROfUgN9ks/jxd9w+YGe4hLWYc4NlhbEUA2lLYYbpAaBZavh3OEVQn9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpMSkR5UzRSPvoLMoRtJDLQamvUMB8GA1UdIwQY
MBaAFDwZ5vJ9koCV5WDednjyjjRZ1VlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMt
NzkyN2RlNTM5MzY0LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMtNzkyN2RlNTM5MzY0
LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuc+XfK/Y
maxyKbjxu1BzZIYx96psgZbuYN6uLSXOSRSIngnPbkzctOI2fcF4uKw6M6kL8ABO
tt4N4uoUonKHIdzZl3BTdpgBP57bk23zyUjf5gGCtvh4jEAvuogznyvDKx7ET6WN
z03dd9vL0SDXtibi9yQ7IKadlL8ReT7fuLkVydHVePSAe7se4T3VEXQ3qKm4415h
v1KHjjko0SqCTv0FSCsVrwJ6DDp/XqUmnpqF+otsSRrlu9skdLxDfsNcv4r9GycB
Kn9exKLsP/oxYu9vZoCPJaNNvKSU8l0QGaCiVgJc6+24dWKHNvdRg6Oo8YHLmHVq
MdYNud99WJB1dw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:12:58 2025 by rpki-client