Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.mft
File: pdCLMVCtNN4riFkhdBkkCDlvEfs.mft (raw, json)
Hash identifier: +BwBFavtnUPJQwcfJB7drNH5fjF0bYtlsjTbMI2Jvd8=
Subject key identifier: F9:6E:62:21:96:F9:4D:70:41:68:1D:21:93:47:13:6D:EF:C9:12:2A
Authority key identifier: A5:D0:8B:31:50:AD:34:DE:2B:88:59:21:74:19:24:08:39:6F:11:FB
Certificate issuer: /CN=a5d08b3150ad34de2b88592174192408396f11fb
Certificate serial: 019A51513D4FAC34478A1EF654E0A374898F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.mft
Manifest number: 170E
Signing time: Wed 05 Nov 2025 00:01:09 +0000
Manifest this update: Wed 05 Nov 2025 00:01:09 +0000
Manifest next update: Thu 06 Nov 2025 00:01:09 +0000
Files and hashes: 1: bY2tBQ51YL8a-pcphuYuVQz7bOg.roa (hash: FnAC9AE4W5+r++w2y10UXXpTgultC6LrjOa8S41rhns=)
2: pdCLMVCtNN4riFkhdBkkCDlvEfs.crl (hash: 0s3CV9RYehjyVQz1CgjUqznph3S3EWtXIx6OW2seNXk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:51:3d:4f:ac:34:47:8a:1e:f6:54:e0:a3:74:89:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d08b3150ad34de2b88592174192408396f11fb
Validity
Not Before: Nov 5 00:01:09 2025 GMT
Not After : Nov 6 00:01:09 2025 GMT
Subject: CN=f96e622196f94d7041681d219347136defc9122a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:bd:cf:4d:0d:62:58:a1:8d:be:13:da:1a:
b7:c8:e2:53:54:31:f8:f3:63:e0:d8:92:df:b8:9e:
dc:59:bd:34:16:c5:a9:3f:af:ea:6e:84:fd:25:fe:
e2:f7:c9:f1:a5:03:cd:eb:04:5e:7c:a5:bf:34:86:
56:be:40:e5:75:2d:e7:18:0a:3c:8f:0f:63:e0:38:
bc:e1:90:51:e8:03:10:2c:9e:b3:4b:9f:2d:f2:f9:
cd:27:f5:a6:98:47:8e:6b:25:18:64:f6:87:2d:69:
14:14:63:0d:7a:a4:ff:1a:6e:68:10:d2:bb:b6:2b:
b6:20:07:d8:b1:31:d3:ab:b5:dc:5b:ce:3c:0c:b6:
47:bd:a7:1a:b4:46:89:7c:69:8b:6c:43:c6:68:c8:
ef:ac:96:eb:bc:21:7d:9f:8f:94:aa:3b:e4:cc:f9:
2e:ae:80:c9:77:ed:6a:b8:2b:ad:25:f1:7d:bc:62:
82:8a:76:71:4b:54:57:87:5c:a4:cf:9a:e6:8f:2f:
23:29:58:6f:4c:b4:bd:76:4e:bb:4a:87:ad:ce:29:
28:90:4b:70:82:b5:31:c0:48:ba:df:7f:f3:e6:1c:
27:00:cf:e3:f8:c7:84:51:19:14:73:cf:f3:86:e1:
d5:f8:b2:db:8f:c1:b9:2d:56:87:f8:ad:e6:2c:ab:
b1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:6E:62:21:96:F9:4D:70:41:68:1D:21:93:47:13:6D:EF:C9:12:2A
X509v3 Authority Key Identifier:
keyid:A5:D0:8B:31:50:AD:34:DE:2B:88:59:21:74:19:24:08:39:6F:11:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:74:ac:45:01:e4:51:92:63:b7:1e:32:28:c5:ff:67:c9:67:
25:5b:17:d1:b3:31:45:31:90:0d:46:73:4a:6a:a3:7c:35:08:
65:8c:16:b6:b3:c0:60:2b:5e:16:b0:88:22:85:6e:14:2a:da:
9b:e9:90:95:31:2a:fb:66:cd:76:95:c0:72:b4:0c:db:1f:eb:
77:e1:48:6a:a4:6b:67:4e:56:f6:e1:b2:f5:40:6a:8e:bc:57:
7c:37:a2:09:f0:c7:4f:25:03:45:9d:2b:55:eb:57:f7:fc:bb:
b8:a2:e4:88:6f:13:15:00:dc:32:cb:f4:ce:10:62:ba:62:d0:
36:a1:dc:fd:0c:74:61:01:86:bb:94:bd:fc:03:f1:29:d5:49:
07:c5:11:42:ad:e6:d3:55:e0:cc:d3:df:55:9e:77:d9:fa:46:
cf:de:64:7c:84:80:82:db:58:b3:60:60:ac:3c:22:4c:d0:58:
2d:ca:b4:3d:d6:67:91:bb:0a:9b:59:5b:45:2b:e8:61:82:81:
0b:a3:ba:bd:e4:ca:1b:26:e2:4b:8e:f6:fd:e1:b1:f3:b2:fa:
ef:d1:be:2f:27:b6:2a:4a:84:9b:cc:7c:5d:a3:ac:d4:a5:f5:
20:36:1e:88:a7:ee:cb:38:31:58:cc:93:db:b7:48:f5:97:03:
60:e1:f8:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUT1PrDRHih72VOCjdImPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZDA4YjMxNTBhZDM0ZGUyYjg4NTkyMTc0MTkyNDA4Mzk2
ZjExZmIwHhcNMjUxMTA1MDAwMTA5WhcNMjUxMTA2MDAwMTA5WjAzMTEwLwYDVQQD
EyhmOTZlNjIyMTk2Zjk0ZDcwNDE2ODFkMjE5MzQ3MTM2ZGVmYzkxMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLe9z00NYlihjb4T2hq3yOJTVDH4
82Pg2JLfuJ7cWb00FsWpP6/qboT9Jf7i98nxpQPN6wRefKW/NIZWvkDldS3nGAo8
jw9j4Di84ZBR6AMQLJ6zS58t8vnNJ/WmmEeOayUYZPaHLWkUFGMNeqT/Gm5oENK7
tiu2IAfYsTHTq7XcW848DLZHvacatEaJfGmLbEPGaMjvrJbrvCF9n4+UqjvkzPku
roDJd+1quCutJfF9vGKCinZxS1RXh1ykz5rmjy8jKVhvTLS9dk67SoetzikokEtw
grUxwEi633/z5hwnAM/j+MeEURkUc8/zhuHV+LLbj8G5LVaH+K3mLKuxLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPluYiGW+U1wQWgdIZNHE23vyRIqMB8GA1UdIwQY
MBaAFKXQizFQrTTeK4hZIXQZJAg5bxH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRDTE1WQ3ROTjRyaUZraGRCa2tDRGx2RWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85MDE4MzktMGVmMi00MGVjLTk5YjMt
NDNjYzViNDZkNWIyLzEvcGRDTE1WQ3ROTjRyaUZraGRCa2tDRGx2RWZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85MDE4MzktMGVmMi00MGVjLTk5YjMtNDNjYzViNDZkNWIy
LzEvcGRDTE1WQ3ROTjRyaUZraGRCa2tDRGx2RWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnSsRQHk
UZJjtx4yKMX/Z8lnJVsX0bMxRTGQDUZzSmqjfDUIZYwWtrPAYCteFrCIIoVuFCra
m+mQlTEq+2bNdpXAcrQM2x/rd+FIaqRrZ05W9uGy9UBqjrxXfDeiCfDHTyUDRZ0r
VetX9/y7uKLkiG8TFQDcMsv0zhBiumLQNqHc/Qx0YQGGu5S9/APxKdVJB8URQq3m
01XgzNPfVZ532fpGz95kfISAgttYs2BgrDwiTNBYLcq0PdZnkbsKm1lbRSvoYYKB
C6O6veTKGybiS472/eGx87L679G+Lye2KkqEm8x8XaOs1KX1IDYeiKfuyzgxWMyT
27dI9ZcDYOH4GA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:20:18 2025 by rpki-client