Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
File: PnFWq-5roji5BzFd-cVShlrc2ug.mft (raw, json)
Hash identifier: AG7qaH38Mtxy5PPBF+ur1ECZaQtKQnYtiYMaD9Sor24=
Subject key identifier: 14:1C:E3:1F:22:76:17:30:B5:CF:15:E0:65:42:85:C9:DF:B2:3B:64
Authority key identifier: 3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
Certificate issuer: /CN=3e7156abee6ba238b907315df9c552865adcdae8
Certificate serial: 019848533AACAF54D5A29F8BD245E2C3C61A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
Manifest number: 0872
Signing time: Sat 26 Jul 2025 20:01:10 +0000
Manifest this update: Sat 26 Jul 2025 20:01:10 +0000
Manifest next update: Sun 27 Jul 2025 20:01:10 +0000
Files and hashes: 1: DRXIRPlz989IQESya6WStEPwwfI.roa (hash: vzHP7wdlF/pn8v84Pbfgox37vxRmFYAJNGZAwD+DkvA=)
2: PnFWq-5roji5BzFd-cVShlrc2ug.crl (hash: z9V7qBhssD+bNLkMygvIsDmqKPQBUgSHyEqDMwKevmE=)
3: QWM4nrBr-pa9JzWD2Zz8wHHbmCU.roa (hash: VKweVNYicugh0mCYY3yIR2LnHnKsWIZPY+G4TQfXJ6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:53:3a:ac:af:54:d5:a2:9f:8b:d2:45:e2:c3:c6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7156abee6ba238b907315df9c552865adcdae8
Validity
Not Before: Jul 26 20:01:10 2025 GMT
Not After : Jul 27 20:01:10 2025 GMT
Subject: CN=141ce31f22761730b5cf15e0654285c9dfb23b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1d:d9:1c:87:49:de:83:04:68:2f:63:f3:e3:
1f:fb:73:6e:56:a4:36:9b:72:f8:5e:7e:33:a8:aa:
5d:97:8e:54:db:99:30:58:67:84:88:84:f3:a4:1d:
1d:bc:09:2f:4b:7a:aa:27:ed:6a:36:5b:35:75:b4:
5a:c5:40:41:70:24:84:e2:7a:da:13:8a:8c:89:c3:
77:2b:6e:12:81:c3:0f:a8:bf:21:02:84:fa:63:8c:
aa:9b:49:cf:78:06:ec:cf:e1:5d:aa:05:be:15:d1:
e2:0a:5d:49:fe:ba:73:12:c0:d6:94:0a:ff:1e:ac:
59:e8:58:b3:4e:e1:d6:6c:b2:cc:3a:bf:ba:69:17:
6f:7e:bd:d0:b6:d1:d3:ef:86:d1:f9:d8:96:d4:f4:
f0:27:6d:25:bd:30:53:15:fe:4c:e9:f6:1c:b7:03:
8b:fd:06:a4:6e:2b:92:1d:04:0d:f2:bc:3a:c7:0f:
fa:b5:a9:13:e1:80:49:e8:cd:96:71:39:4a:d6:9a:
70:63:24:c0:d2:80:8f:47:88:75:ce:28:88:f3:fa:
10:17:df:c6:f1:f5:1b:85:13:2d:e4:7c:a8:54:48:
61:6d:c0:43:8a:a7:90:82:d4:83:46:79:b9:d6:21:
92:53:f0:3f:bb:f4:7d:1a:36:d4:cb:3d:50:59:b1:
60:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:1C:E3:1F:22:76:17:30:B5:CF:15:E0:65:42:85:C9:DF:B2:3B:64
X509v3 Authority Key Identifier:
keyid:3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:d0:6d:14:98:4b:e8:b1:14:73:64:5c:85:01:d1:d0:52:36:
c0:7f:3f:1a:47:29:21:35:92:7c:d9:fc:27:a9:b5:1e:c7:7b:
af:3a:56:06:18:e2:4e:97:7a:fe:a8:e7:06:27:a2:a0:b5:41:
4e:6e:97:98:b5:d5:55:33:fd:6c:56:a7:57:2b:ef:71:1b:42:
4e:13:4c:d0:8b:d9:d9:e6:f5:99:b0:2f:4d:a8:19:7e:6e:85:
80:61:10:5e:b7:8a:92:22:19:d9:09:c6:4f:48:d4:a2:2e:aa:
a0:51:de:c5:62:42:f3:2c:54:0e:ff:66:41:ba:bf:c1:f9:61:
42:1b:5b:a9:3a:49:e2:24:d8:64:8f:0c:0d:19:49:f9:da:46:
7c:37:87:a5:3f:17:89:61:29:d0:f3:c2:30:74:af:3c:de:86:
ec:02:9c:c1:6c:37:64:ef:a3:62:13:6f:3a:25:39:d5:7d:c6:
e6:04:ed:43:07:e3:e7:4a:3f:8c:a3:6b:37:9e:19:53:2b:b5:
82:30:65:1e:18:d4:94:16:26:5b:d7:a9:b9:4e:11:c7:36:78:
06:cb:d6:e2:25:ba:68:e5:07:14:a6:a3:7b:60:77:5f:65:7c:
0e:78:26:5c:aa:7d:4d:89:a1:01:76:6a:d6:44:ca:1c:11:b6:
cf:16:63:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhIUzqsr1TVop+L0kXiw8YaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzE1NmFiZWU2YmEyMzhiOTA3MzE1ZGY5YzU1Mjg2NWFk
Y2RhZTgwHhcNMjUwNzI2MjAwMTEwWhcNMjUwNzI3MjAwMTEwWjAzMTEwLwYDVQQD
EygxNDFjZTMxZjIyNzYxNzMwYjVjZjE1ZTA2NTQyODVjOWRmYjIzYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx3ZHIdJ3oMEaC9j8+Mf+3NuVqQ2
m3L4Xn4zqKpdl45U25kwWGeEiITzpB0dvAkvS3qqJ+1qNls1dbRaxUBBcCSE4nra
E4qMicN3K24SgcMPqL8hAoT6Y4yqm0nPeAbsz+FdqgW+FdHiCl1J/rpzEsDWlAr/
HqxZ6FizTuHWbLLMOr+6aRdvfr3QttHT74bR+diW1PTwJ20lvTBTFf5M6fYctwOL
/QakbiuSHQQN8rw6xw/6takT4YBJ6M2WcTlK1ppwYyTA0oCPR4h1ziiI8/oQF9/G
8fUbhRMt5HyoVEhhbcBDiqeQgtSDRnm51iGSU/A/u/R9GjbUyz1QWbFgIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQc4x8idhcwtc8V4GVChcnfsjtkMB8GA1UdIwQY
MBaAFD5xVqvua6I4uQcxXfnFUoZa3NroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3Zjkt
NThmMmQ0NGZmMjgxLzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3ZjktNThmMmQ0NGZmMjgx
LzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtBtFJhL
6LEUc2RchQHR0FI2wH8/GkcpITWSfNn8J6m1Hsd7rzpWBhjiTpd6/qjnBieioLVB
Tm6XmLXVVTP9bFanVyvvcRtCThNM0IvZ2eb1mbAvTagZfm6FgGEQXreKkiIZ2QnG
T0jUoi6qoFHexWJC8yxUDv9mQbq/wflhQhtbqTpJ4iTYZI8MDRlJ+dpGfDeHpT8X
iWEp0PPCMHSvPN6G7AKcwWw3ZO+jYhNvOiU51X3G5gTtQwfj50o/jKNrN54ZUyu1
gjBlHhjUlBYmW9epuU4RxzZ4BsvW4iW6aOUHFKaje2B3X2V8DngmXKp9TYmhAXZq
1kTKHBG2zxZjag==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:26:50 2025 by rpki-client