Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: Mtg4L7qU35vhAqDYa53hkfFhbm7cl/VU3MokHQLaJZE=
Subject key identifier: 52:AB:BB:29:43:C7:18:E2:23:4B:01:3A:31:24:BB:80:7D:98:60:FE
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 019A4E4F9F2422B2091E9F2957EDA9BCB999
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 1709
Signing time: Tue 04 Nov 2025 10:00:32 +0000
Manifest this update: Tue 04 Nov 2025 10:00:32 +0000
Manifest next update: Wed 05 Nov 2025 10:00:32 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: ChhUYqIiNHy1IUuhEkSnyvPgi4wB0zsmWUA0UdORIVk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:9f:24:22:b2:09:1e:9f:29:57:ed:a9:bc:b9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Nov 4 10:00:32 2025 GMT
Not After : Nov 5 10:00:32 2025 GMT
Subject: CN=52abbb2943c718e2234b013a3124bb807d9860fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:52:95:e1:40:80:96:5e:c8:55:8c:b4:42:52:
b2:1f:e8:a2:ce:9d:b8:9a:ee:0e:9d:9d:1f:3a:29:
98:34:66:48:25:da:46:90:a8:ae:ee:bd:c4:90:92:
5f:91:fd:be:d1:57:44:61:12:0c:45:30:30:b3:cf:
47:e5:32:b9:af:05:ed:66:41:60:b9:3c:3a:c6:2a:
1f:8e:57:70:f7:c2:33:75:0f:b4:9c:60:20:4f:91:
8e:e7:92:1f:23:66:c5:14:a4:35:29:86:18:b9:ab:
9a:c6:b4:f0:1c:ed:9d:9d:e8:16:39:97:b5:e9:22:
01:ad:64:31:59:6f:19:86:9b:ad:50:8c:cb:05:b3:
ed:5e:c5:43:04:75:92:22:da:e2:44:89:f9:a2:4e:
1c:b5:a6:7f:5a:a4:41:65:3b:77:2b:f9:9c:25:a8:
88:10:d4:0e:4d:bb:7b:86:5b:4d:95:c8:f2:47:7c:
2a:df:cf:c3:89:6c:d8:8a:75:4d:29:8b:1e:ec:4b:
17:42:86:70:58:3e:52:7a:36:22:b4:f0:3a:01:97:
5c:78:40:74:e1:e0:39:ec:f8:15:ae:3b:48:96:fa:
3b:e7:24:fd:df:dd:4d:a0:73:79:13:41:ae:d2:80:
20:7e:05:9e:10:62:fd:89:5e:5f:43:8f:79:89:e6:
51:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AB:BB:29:43:C7:18:E2:23:4B:01:3A:31:24:BB:80:7D:98:60:FE
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:2d:00:08:11:df:99:4c:fc:28:04:03:50:90:47:4c:ed:15:
e5:83:5b:ce:fa:da:da:cd:76:92:62:6a:96:21:8c:d6:b1:11:
53:2c:33:e3:f4:be:32:f4:5e:8f:60:54:e4:d5:99:99:93:e8:
6d:fd:4f:0f:49:c1:14:1e:de:6e:08:79:4f:60:70:2d:39:8c:
47:a5:cb:d1:da:ba:ac:86:e9:72:e2:ce:c9:52:03:16:50:f7:
2e:f2:55:fb:10:a7:28:fe:eb:f6:e8:03:fb:2d:40:0f:fb:31:
8e:19:bc:3f:86:51:ce:63:43:4c:73:42:88:0d:63:a1:cd:32:
a4:ab:ac:41:4b:f8:f2:e8:41:30:d4:09:61:84:01:4f:c5:26:
f1:45:e7:f2:ce:07:53:8b:38:8f:a9:f2:df:ce:48:21:8c:4f:
db:17:c2:22:5a:98:f8:e3:3d:ca:16:33:42:a6:66:58:29:ed:
f5:d5:9f:6f:b9:b3:59:19:68:92:25:3b:08:87:4a:9f:99:74:
ca:d4:ab:ce:90:5f:49:6f:8c:26:89:9f:ef:43:d4:f3:43:f9:
49:f2:16:05:10:56:ad:be:95:7c:de:d4:15:75:19:17:26:e5:
55:85:ef:dc:43:2a:48:08:a5:f6:f4:3b:e7:5f:68:6a:ad:c4:
ed:e4:87:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT58kIrIJHp8pV+2pvLmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUxMTA0MTAwMDMyWhcNMjUxMTA1MTAwMDMyWjAzMTEwLwYDVQQD
Eyg1MmFiYmIyOTQzYzcxOGUyMjM0YjAxM2EzMTI0YmI4MDdkOTg2MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFKV4UCAll7IVYy0QlKyH+iizp24
mu4OnZ0fOimYNGZIJdpGkKiu7r3EkJJfkf2+0VdEYRIMRTAws89H5TK5rwXtZkFg
uTw6xiofjldw98IzdQ+0nGAgT5GO55IfI2bFFKQ1KYYYuauaxrTwHO2dnegWOZe1
6SIBrWQxWW8ZhputUIzLBbPtXsVDBHWSItriRIn5ok4ctaZ/WqRBZTt3K/mcJaiI
ENQOTbt7hltNlcjyR3wq38/DiWzYinVNKYse7EsXQoZwWD5SejYitPA6AZdceEB0
4eA57PgVrjtIlvo75yT9391NoHN5E0Gu0oAgfgWeEGL9iV5fQ495ieZR1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKruylDxxjiI0sBOjEku4B9mGD+MB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAai0ACBHf
mUz8KAQDUJBHTO0V5YNbzvra2s12kmJqliGM1rERUywz4/S+MvRej2BU5NWZmZPo
bf1PD0nBFB7ebgh5T2BwLTmMR6XL0dq6rIbpcuLOyVIDFlD3LvJV+xCnKP7r9ugD
+y1AD/sxjhm8P4ZRzmNDTHNCiA1joc0ypKusQUv48uhBMNQJYYQBT8Um8UXn8s4H
U4s4j6ny385IIYxP2xfCIlqY+OM9yhYzQqZmWCnt9dWfb7mzWRlokiU7CIdKn5l0
ytSrzpBfSW+MJomf70PU80P5SfIWBRBWrb6VfN7UFXUZFyblVYXv3EMqSAil9vQ7
519oaq3E7eSH+g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:52:50 2025 by rpki-client