Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
File: PkJOJFpkMkpocx3SbzDGhbqopng.mft (raw, json)
Hash identifier: rJTX+jXztec+Glo77kRuUZDayzHjHsoqxDA2Xzt0vg0=
Subject key identifier: 43:32:B3:7C:02:C3:44:23:45:B0:12:56:F2:5C:D7:50:B9:58:9B:AB
Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678
Certificate serial: 019A4D3CE88E827734AEE4598AEEFA75B1FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 05:00:28 +0000
Manifest this update: Tue 04 Nov 2025 05:00:28 +0000
Manifest next update: Wed 05 Nov 2025 05:00:28 +0000
Files and hashes: 1: 9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa (hash: sc6ZIVElHs/p3IrdFGLfeuXuK5hZseBYNoiFQsWbBIY=)
2: PkJOJFpkMkpocx3SbzDGhbqopng.crl (hash: fqYTO5hzsXyU5i106L2Ap5+0byQbwMehO4bzhjoe3x0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 05:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3c:e8:8e:82:77:34:ae:e4:59:8a:ee:fa:75:b1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678
Validity
Not Before: Nov 4 05:00:28 2025 GMT
Not After : Nov 5 05:00:28 2025 GMT
Subject: CN=4332b37c02c3442345b01256f25cd750b9589bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:5e:91:96:5a:30:24:d8:37:4a:7f:7a:ad:8c:
3c:72:e9:53:32:f8:7a:e9:e7:78:d5:2a:73:2b:fc:
db:6a:3b:b0:be:9f:04:a2:20:33:28:ca:c1:ec:25:
54:ad:34:37:62:c7:3a:49:13:b8:11:8a:d4:53:5f:
9b:1d:1b:de:0c:b3:ec:22:2f:64:17:41:39:e7:6d:
28:5c:56:73:9b:cf:f9:77:dd:ed:2d:0e:d0:9f:ca:
29:da:67:24:cc:f4:36:98:0e:16:ce:94:01:3c:34:
ec:40:e9:ce:ea:e2:a3:3f:5e:47:0f:cc:72:9f:5d:
b9:ea:7a:99:56:9b:06:9b:5f:83:d6:fe:c2:0b:11:
f9:fa:61:a5:e6:96:3a:43:22:cd:05:04:4b:22:16:
41:f5:cf:b8:f8:38:85:8d:26:f6:e2:b7:ca:94:d4:
80:59:06:b8:fb:78:0e:0f:5a:7e:78:c6:72:38:68:
8c:a7:b6:6b:82:96:32:e9:d3:80:a4:ac:2f:b8:01:
e3:75:89:e5:20:85:a5:1c:c8:df:dd:00:d0:3d:b3:
fe:48:dd:06:40:ba:ca:8c:af:22:56:d5:1e:26:73:
54:44:24:cd:0f:f7:75:b6:e9:cd:82:6e:69:b9:5b:
50:86:88:2b:81:d3:46:a8:bd:e6:5c:cb:c1:5d:e8:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:32:B3:7C:02:C3:44:23:45:B0:12:56:F2:5C:D7:50:B9:58:9B:AB
X509v3 Authority Key Identifier:
keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:83:c0:1c:cc:77:6f:43:42:6d:73:33:25:5b:f2:7d:34:79:
13:cf:d7:62:ff:89:07:88:dd:f0:e8:e7:5e:35:0a:b5:04:c2:
dc:2f:58:6b:c9:11:9b:5d:c8:99:1d:0c:fd:3e:53:7f:6b:13:
bf:c9:f0:87:3c:11:8a:b8:44:ef:e2:03:c6:a1:05:39:51:fb:
b1:ec:4e:68:1f:2b:84:57:b9:0b:30:ed:6a:ec:ce:ff:79:e4:
8c:9e:f9:5f:78:c1:26:d1:a6:72:94:f6:fb:b4:9d:8d:59:02:
fd:e6:d4:f7:de:34:a5:d2:a7:73:98:f4:f3:84:57:0c:1a:0d:
7b:b6:61:9b:a7:f0:4d:a1:c2:ac:18:db:c7:e7:93:da:28:1b:
6c:d5:1b:53:19:b8:29:35:3f:b6:fb:74:9e:68:7c:4f:50:b2:
c6:dd:f3:51:4d:32:a9:bb:d7:d9:d5:0e:b6:b8:37:3e:58:ae:
6f:bb:5e:b8:fc:b0:0d:c7:0c:c1:eb:0a:a7:f6:8b:08:03:f1:
fc:9d:ac:78:96:a4:c9:05:3e:41:08:98:a0:41:e1:3c:92:5a:
e0:b9:2b:0a:1b:eb:72:7d:45:30:da:ae:db:2c:8f:24:c7:90:
a5:ee:71:5f:53:4a:8d:14:2b:65:6f:20:db:a1:5f:99:e9:09:
59:e9:3c:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNPOiOgnc0ruRZiu76dbH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh
OGE2NzgwHhcNMjUxMTA0MDUwMDI4WhcNMjUxMTA1MDUwMDI4WjAzMTEwLwYDVQQD
Eyg0MzMyYjM3YzAyYzM0NDIzNDViMDEyNTZmMjVjZDc1MGI5NTg5YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5V6RllowJNg3Sn96rYw8culTMvh6
6ed41SpzK/zbajuwvp8EoiAzKMrB7CVUrTQ3Ysc6SRO4EYrUU1+bHRveDLPsIi9k
F0E5520oXFZzm8/5d93tLQ7Qn8op2mckzPQ2mA4WzpQBPDTsQOnO6uKjP15HD8xy
n1256nqZVpsGm1+D1v7CCxH5+mGl5pY6QyLNBQRLIhZB9c+4+DiFjSb24rfKlNSA
WQa4+3gOD1p+eMZyOGiMp7ZrgpYy6dOApKwvuAHjdYnlIIWlHMjf3QDQPbP+SN0G
QLrKjK8iVtUeJnNURCTND/d1tunNgm5puVtQhogrgdNGqL3mXMvBXeitIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMys3wCw0QjRbASVvJc11C5WJurMB8GA1UdIwQY
MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt
NTRkYTA0NjhmZGFkLzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk
LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4PAHMx3
b0NCbXMzJVvyfTR5E8/XYv+JB4jd8OjnXjUKtQTC3C9Ya8kRm13ImR0M/T5Tf2sT
v8nwhzwRirhE7+IDxqEFOVH7sexOaB8rhFe5CzDtauzO/3nkjJ75X3jBJtGmcpT2
+7SdjVkC/ebU9940pdKnc5j084RXDBoNe7Zhm6fwTaHCrBjbx+eT2igbbNUbUxm4
KTU/tvt0nmh8T1Cyxt3zUU0yqbvX2dUOtrg3Pliub7teuPywDccMwesKp/aLCAPx
/J2seJakyQU+QQiYoEHhPJJa4LkrChvrcn1FMNqu2yyPJMeQpe5xX1NKjRQrZW8g
26FfmekJWek8Pg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:22:18 2025 by rpki-client