
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
File: Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json)
Hash identifier: KGOTizUYYkjIDa8HXucMvf8Z10I7HROpqQ0I/DLYqZM=
Subject key identifier: 00:11:6A:9E:45:EC:38:BB:11:32:A9:F5:6B:11:B5:2B:2C:AA:73:FE
Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
Certificate issuer: /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Certificate serial: 01987ED414E0F0F17957BB6DDA7A4B683251
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
Manifest number: 1236
Signing time: Wed 06 Aug 2025 10:01:24 +0000
Manifest this update: Wed 06 Aug 2025 10:01:24 +0000
Manifest next update: Thu 07 Aug 2025 10:01:24 +0000
Files and hashes: 1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: 1mP+I/ZOaaSmpFJUXAGvFVKewitd6OZR82N8jxEjWIE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 10:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:d4:14:e0:f0:f1:79:57:bb:6d:da:7a:4b:68:32:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Validity
Not Before: Aug 6 10:01:24 2025 GMT
Not After : Aug 7 10:01:24 2025 GMT
Subject: CN=00116a9e45ec38bb1132a9f56b11b52b2caa73fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:13:98:e8:4e:90:b9:ed:c0:49:8b:65:3f:
31:d5:93:0e:02:a1:5b:cb:ae:e5:e7:6a:61:14:9e:
24:b1:6b:18:43:a7:cd:79:d0:b5:0f:95:82:18:63:
60:05:fa:58:f2:ce:8a:f6:00:83:c6:cd:7b:c5:3c:
7e:61:9d:c2:ed:cd:cb:c9:be:9c:20:2b:29:4d:77:
6b:29:9a:ee:bf:07:0b:15:7d:e2:6b:e9:69:85:4b:
97:ee:53:46:77:01:76:ac:35:66:4f:94:20:d2:cb:
a8:f2:41:60:69:bc:8c:d0:46:e1:fd:bd:5e:73:c7:
6b:36:a4:bc:69:d3:69:32:93:6c:cc:e5:02:e1:97:
0e:3d:03:fa:1f:61:fb:ae:da:1e:6e:58:c0:d4:8b:
0f:4c:ca:35:76:9c:5b:2b:0f:0d:56:57:03:1c:56:
dd:27:f6:14:29:b6:a1:bf:60:b5:1e:27:f5:13:de:
bf:69:f0:61:bb:68:35:77:03:ac:73:b9:9a:98:60:
b7:32:8c:68:3a:e2:bf:77:91:b5:31:b9:fb:e3:54:
9b:30:56:f8:2a:5d:84:af:28:be:25:29:e8:24:36:
86:19:76:b9:cb:50:f0:81:2d:bc:b9:6d:69:7d:ca:
14:cd:a9:77:7d:2a:e0:c9:ab:71:c3:0a:30:10:c1:
a9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:11:6A:9E:45:EC:38:BB:11:32:A9:F5:6B:11:B5:2B:2C:AA:73:FE
X509v3 Authority Key Identifier:
keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:72:1b:4f:eb:bb:7d:98:6b:4a:a8:15:58:70:44:32:18:8f:
86:98:6d:2e:ec:81:f1:5e:b7:06:ca:22:96:46:c9:4e:11:1f:
5d:9e:c6:28:ed:52:e8:b4:37:a6:65:1e:ee:c4:49:99:f5:b5:
0f:79:b2:1f:e6:85:71:1f:ee:9c:2a:79:bc:3f:23:c5:64:bd:
bd:87:d6:b3:13:b2:aa:0c:85:33:f3:54:00:2f:7f:1e:36:ff:
6c:da:d8:83:87:4a:d7:f9:c1:80:69:a8:85:e7:ca:e7:f5:6d:
97:73:c5:e8:49:f4:93:04:34:d1:1d:87:68:a8:f3:b6:97:4b:
ce:59:67:79:f3:dd:f2:8d:e4:c1:ea:64:40:00:37:44:6b:29:
a2:94:e3:70:43:08:60:3f:c6:2d:62:1e:90:3b:fa:ed:ac:a3:
3c:16:15:81:49:d1:72:4e:69:c7:50:ac:6c:6a:40:b0:84:ac:
5b:63:e1:44:48:38:7f:ca:27:78:e4:d6:38:3f:fd:e1:bf:da:
e9:2d:d1:e3:05:40:a9:ba:55:00:77:e9:4e:2a:50:6b:f8:5c:
16:81:48:b9:cf:f3:ec:c6:e1:e9:1e:43:60:fb:34:46:dc:bb:
0a:0f:02:29:4d:02:fb:b1:78:e2:2f:94:c3:e4:8e:f0:40:52:
52:58:fd:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+1BTg8PF5V7tt2npLaDJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0
NjRlNTIwHhcNMjUwODA2MTAwMTI0WhcNMjUwODA3MTAwMTI0WjAzMTEwLwYDVQQD
EygwMDExNmE5ZTQ1ZWMzOGJiMTEzMmE5ZjU2YjExYjUyYjJjYWE3M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH0TmOhOkLntwEmLZT8x1ZMOAqFb
y67l52phFJ4ksWsYQ6fNedC1D5WCGGNgBfpY8s6K9gCDxs17xTx+YZ3C7c3Lyb6c
ICspTXdrKZruvwcLFX3ia+lphUuX7lNGdwF2rDVmT5Qg0suo8kFgabyM0Ebh/b1e
c8drNqS8adNpMpNszOUC4ZcOPQP6H2H7rtoebljA1IsPTMo1dpxbKw8NVlcDHFbd
J/YUKbahv2C1Hif1E96/afBhu2g1dwOsc7mamGC3MoxoOuK/d5G1Mbn741SbMFb4
Kl2Eryi+JSnoJDaGGXa5y1DwgS28uW1pfcoUzal3fSrgyatxwwowEMGpMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAARap5F7Di7ETKp9WsRtSssqnP+MB8GA1UdIwQY
MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct
OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4
LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnIbT+u7
fZhrSqgVWHBEMhiPhphtLuyB8V63BsoilkbJThEfXZ7GKO1S6LQ3pmUe7sRJmfW1
D3myH+aFcR/unCp5vD8jxWS9vYfWsxOyqgyFM/NUAC9/Hjb/bNrYg4dK1/nBgGmo
hefK5/Vtl3PF6En0kwQ00R2HaKjztpdLzllnefPd8o3kwepkQAA3RGspopTjcEMI
YD/GLWIekDv67ayjPBYVgUnRck5px1CsbGpAsISsW2PhREg4f8oneOTWOD/94b/a
6S3R4wVAqbpVAHfpTipQa/hcFoFIuc/z7Mbh6R5DYPs0Rty7Cg8CKU0C+7F44i+U
w+SO8EBSUlj9Dw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:24:24 2025 by rpki-client