Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: qF0EeSXRIhY6UPGyeM7h17oMWFg8iWnC47zG23aR6og=
Subject key identifier: 79:42:9F:8F:D2:AE:CD:20:C5:5A:F7:F0:51:EE:2E:B9:A3:A5:BD:3C
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 01989FA8373310ADC84F4F201A613C0FCA74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 162A
Signing time: Tue 12 Aug 2025 19:00:58 +0000
Manifest this update: Tue 12 Aug 2025 19:00:58 +0000
Manifest next update: Wed 13 Aug 2025 19:00:58 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: 7Y7EIsERYTb5YK4m12H3qa5gQ9CvtxYMMyIWwPi8F4g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 19:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9f:a8:37:33:10:ad:c8:4f:4f:20:1a:61:3c:0f:ca:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Aug 12 19:00:58 2025 GMT
Not After : Aug 13 19:00:58 2025 GMT
Subject: CN=79429f8fd2aecd20c55af7f051ee2eb9a3a5bd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:01:a8:61:f4:8a:16:cd:ba:3d:9f:5f:6b:28:
85:fe:7c:01:35:ab:69:9a:09:d2:e6:f1:7b:96:1c:
99:06:31:5c:7e:c4:90:55:26:3c:84:fb:c3:77:06:
40:2e:c3:c8:6f:41:9f:da:c2:55:53:62:c9:1a:46:
a0:3b:6e:49:5b:39:b7:cc:1c:b3:34:b0:7d:27:c2:
d0:1c:ab:01:d9:24:d9:45:e2:a2:36:fc:ac:2b:de:
59:68:d6:ee:86:50:80:f5:60:9a:47:83:47:a1:26:
e1:b5:d0:28:1c:ad:67:cf:90:dd:24:e5:6c:c4:5b:
44:53:62:37:c6:9e:1e:13:3b:44:3b:b0:9f:ed:a3:
49:5f:1f:0c:5a:57:88:c4:ca:fd:42:68:4e:b1:b7:
15:35:16:14:e9:ce:f1:eb:cd:52:7c:00:b0:35:d5:
28:5f:ca:97:58:2f:7d:41:56:39:87:77:3b:2d:fb:
ce:d3:4d:63:22:e3:41:c3:10:59:6d:3e:2d:3c:7c:
51:28:6e:6a:f3:25:73:d1:4c:43:6b:a4:74:4d:7b:
05:64:7e:56:b6:ad:14:06:13:9d:5d:7f:84:f3:53:
13:64:66:db:9d:8c:33:89:b2:aa:48:25:c4:b8:71:
31:aa:fc:a9:9f:c0:e4:43:26:59:6b:2b:06:fb:14:
37:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:42:9F:8F:D2:AE:CD:20:C5:5A:F7:F0:51:EE:2E:B9:A3:A5:BD:3C
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:a2:83:9a:8b:a9:a2:0a:f7:e2:9f:c8:50:49:52:9e:af:96:
0e:11:04:23:d0:5c:0b:39:10:16:86:eb:cc:74:0d:2c:7e:8c:
85:c7:72:33:b3:4a:08:87:67:1a:e3:59:1e:2c:44:48:5a:a9:
30:59:6d:8d:a1:a3:c3:1e:44:3d:8b:84:62:79:28:0b:03:b5:
67:cf:83:dc:cf:d7:a5:bc:e2:f2:c8:c0:12:c9:4c:bc:fd:16:
19:98:bc:77:95:fc:c0:2d:af:37:e6:ff:56:a4:66:40:b3:19:
a9:4a:5c:1a:ae:d3:27:34:7d:c9:05:ae:75:60:33:95:48:64:
43:28:07:63:a4:ee:d5:52:3d:8c:4c:e2:43:34:4f:77:0e:ca:
7b:c0:25:8c:9c:0d:2f:0d:3f:5b:ff:b2:4e:0c:4c:1e:61:b6:
52:e3:c8:af:f7:40:02:e1:3d:34:be:4c:cc:42:c5:ba:aa:9c:
28:45:a3:4d:8e:81:42:10:b5:e8:6a:8d:a6:38:43:47:46:88:
b3:36:fb:d8:9e:3e:e6:57:54:65:33:20:fb:c6:ce:37:bf:67:
17:5a:8f:46:21:5c:d8:c8:74:77:ba:e0:dc:0e:0e:47:75:44:
c6:c5:75:e6:39:c5:06:33:23:99:45:d7:23:05:8e:f3:a1:14:
03:3a:87:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifqDczEK3IT08gGmE8D8p0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUwODEyMTkwMDU4WhcNMjUwODEzMTkwMDU4WjAzMTEwLwYDVQQD
Eyg3OTQyOWY4ZmQyYWVjZDIwYzU1YWY3ZjA1MWVlMmViOWEzYTViZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywGoYfSKFs26PZ9fayiF/nwBNatp
mgnS5vF7lhyZBjFcfsSQVSY8hPvDdwZALsPIb0Gf2sJVU2LJGkagO25JWzm3zByz
NLB9J8LQHKsB2STZReKiNvysK95ZaNbuhlCA9WCaR4NHoSbhtdAoHK1nz5DdJOVs
xFtEU2I3xp4eEztEO7Cf7aNJXx8MWleIxMr9QmhOsbcVNRYU6c7x681SfACwNdUo
X8qXWC99QVY5h3c7LfvO001jIuNBwxBZbT4tPHxRKG5q8yVz0UxDa6R0TXsFZH5W
tq0UBhOdXX+E81MTZGbbnYwzibKqSCXEuHExqvypn8DkQyZZaysG+xQ3KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHlCn4/Srs0gxVr38FHuLrmjpb08MB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaKDmoup
ogr34p/IUElSnq+WDhEEI9BcCzkQFobrzHQNLH6MhcdyM7NKCIdnGuNZHixESFqp
MFltjaGjwx5EPYuEYnkoCwO1Z8+D3M/Xpbzi8sjAEslMvP0WGZi8d5X8wC2vN+b/
VqRmQLMZqUpcGq7TJzR9yQWudWAzlUhkQygHY6Tu1VI9jEziQzRPdw7Ke8AljJwN
Lw0/W/+yTgxMHmG2UuPIr/dAAuE9NL5MzELFuqqcKEWjTY6BQhC16GqNpjhDR0aI
szb72J4+5ldUZTMg+8bON79nF1qPRiFc2Mh0d7rg3A4OR3VExsV15jnFBjMjmUXX
IwWO86EUAzqH/Q==
-----END CERTIFICATE-----
Generated at Wed Aug 13 02:16:32 2025 by rpki-client