Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
File: PZlE6PVlGxvS8KngBoZfOmuB62E.mft (raw, json)
Hash identifier: WeSGY+ttOuULZHwPDY1yL1JcYPG2fWhjWhQg5n7mzHg=
Subject key identifier: DA:20:BC:02:F3:D6:97:CE:BD:91:A3:7A:E3:26:88:B3:EF:37:83:A9
Authority key identifier: 3D:99:44:E8:F5:65:1B:1B:D2:F0:A9:E0:06:86:5F:3A:6B:81:EB:61
Certificate issuer: /CN=3d9944e8f5651b1bd2f0a9e006865f3a6b81eb61
Certificate serial: 019A71B8D5E62E28B9556E7CF8466E0FDF52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZlE6PVlGxvS8KngBoZfOmuB62E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:02:09 +0000
Manifest this update: Tue 11 Nov 2025 07:02:09 +0000
Manifest next update: Wed 12 Nov 2025 07:02:09 +0000
Files and hashes: 1: PZlE6PVlGxvS8KngBoZfOmuB62E.crl (hash: TdNy0AC13+65zXeoL9cFpBxX85pd1AubI/QJ/ASbQJA=)
2: tlchQmDxgjTRo1pLaspfZw12O3A.roa (hash: 6bDu460ilvbyFwMJbm1Vw+QewREO9nGYqnB3iYaAR4Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
rsync://rpki.ripe.net/repository/DEFAULT/PZlE6PVlGxvS8KngBoZfOmuB62E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:d5:e6:2e:28:b9:55:6e:7c:f8:46:6e:0f:df:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d9944e8f5651b1bd2f0a9e006865f3a6b81eb61
Validity
Not Before: Nov 11 07:02:09 2025 GMT
Not After : Nov 12 07:02:09 2025 GMT
Subject: CN=da20bc02f3d697cebd91a37ae32688b3ef3783a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:57:51:2c:ca:cc:94:c2:de:44:87:12:ee:9e:
c6:47:28:8c:64:1d:c0:80:0f:2e:99:2c:48:5f:d4:
16:ca:1d:30:02:95:f4:5d:cd:24:76:05:b8:c2:f0:
27:a1:78:9e:29:d7:19:7c:fc:9c:02:94:35:b8:1f:
47:9f:4b:ca:72:ee:c0:98:f0:87:bf:e6:03:7b:ab:
c0:19:5f:e2:14:97:62:2f:66:db:8e:0f:a6:f8:17:
a9:4d:e3:21:ac:14:71:c3:8a:31:f9:9d:91:75:b2:
6c:71:08:51:0b:9e:70:51:6e:69:91:61:0e:4a:fe:
22:27:65:9f:a3:c5:6a:d0:b2:12:f0:9c:55:c4:a1:
d5:18:b3:a1:36:6d:cb:5b:17:d5:d6:83:6f:6b:0b:
f9:d9:cf:86:a8:49:e4:48:aa:b3:8f:04:19:00:9d:
f9:d4:de:60:f7:f5:64:a3:7d:4b:40:f4:e4:44:09:
63:2a:c9:18:85:1a:ee:62:32:e7:35:22:49:da:ac:
b6:94:e6:08:c6:3e:3d:a6:d6:9d:05:07:1f:53:83:
c2:dd:6d:85:ae:9a:c0:ca:2f:62:45:41:47:55:53:
7a:5b:ed:e7:2a:a6:fc:27:f4:56:92:a8:35:ae:32:
e4:69:de:fd:56:4e:d8:cf:4c:a7:d3:22:2f:63:8c:
a7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:20:BC:02:F3:D6:97:CE:BD:91:A3:7A:E3:26:88:B3:EF:37:83:A9
X509v3 Authority Key Identifier:
keyid:3D:99:44:E8:F5:65:1B:1B:D2:F0:A9:E0:06:86:5F:3A:6B:81:EB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZlE6PVlGxvS8KngBoZfOmuB62E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:57:86:be:3c:c9:2b:2c:0d:52:b1:20:2c:d6:52:ec:36:94:
df:c5:07:f1:67:4f:4b:ef:10:78:ad:6c:5f:e5:6e:83:fd:b7:
3a:86:26:fe:87:14:02:13:f7:e8:dc:5e:e5:e8:bb:01:63:2d:
2a:b0:25:32:c5:b4:3d:b4:a9:e9:38:52:a2:e7:c1:0d:af:2d:
64:5f:06:d4:1f:51:4e:45:44:e3:de:ea:8f:9a:b0:b3:e3:1f:
8e:cc:82:f6:1d:59:1d:42:f4:b9:15:30:84:9a:e3:95:41:6a:
8d:b5:06:51:d8:cb:8b:73:be:36:1d:58:c3:0b:ad:a9:23:1f:
b5:5f:c3:05:49:7b:82:cd:b8:97:ec:c1:a0:19:24:8d:00:75:
3d:90:96:3d:f1:04:81:96:8c:cd:ba:35:89:d6:9c:e4:0c:5a:
1f:35:ef:05:4b:d6:2a:ec:70:9b:c6:9b:6d:24:2b:39:d0:0a:
eb:70:a3:44:5e:77:0b:76:25:c1:b0:ea:84:0b:a0:95:98:d0:
47:f6:96:1b:b2:33:43:75:9b:6c:3d:52:21:09:1b:fc:23:ab:
20:9d:86:87:f1:bf:56:4f:53:3a:e1:8f:ec:28:6e:40:6e:7f:
4b:f1:48:a8:69:ac:cd:5e:83:53:d9:7a:e6:d7:c7:89:92:6b:
c4:15:72:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNXmLii5VW58+EZuD99SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTk0NGU4ZjU2NTFiMWJkMmYwYTllMDA2ODY1ZjNhNmI4
MWViNjEwHhcNMjUxMTExMDcwMjA5WhcNMjUxMTEyMDcwMjA5WjAzMTEwLwYDVQQD
EyhkYTIwYmMwMmYzZDY5N2NlYmQ5MWEzN2FlMzI2ODhiM2VmMzc4M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FdRLMrMlMLeRIcS7p7GRyiMZB3A
gA8umSxIX9QWyh0wApX0Xc0kdgW4wvAnoXieKdcZfPycApQ1uB9Hn0vKcu7AmPCH
v+YDe6vAGV/iFJdiL2bbjg+m+BepTeMhrBRxw4ox+Z2RdbJscQhRC55wUW5pkWEO
Sv4iJ2Wfo8Vq0LIS8JxVxKHVGLOhNm3LWxfV1oNvawv52c+GqEnkSKqzjwQZAJ35
1N5g9/Vko31LQPTkRAljKskYhRruYjLnNSJJ2qy2lOYIxj49ptadBQcfU4PC3W2F
rprAyi9iRUFHVVN6W+3nKqb8J/RWkqg1rjLkad79Vk7Yz0yn0yIvY4ynYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNogvALz1pfOvZGjeuMmiLPvN4OpMB8GA1UdIwQY
MBaAFD2ZROj1ZRsb0vCp4AaGXzprgethMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpsRTZQVmxHeHZTOEtuZ0JvWmZPbXVCNjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80YmZmNzItYmE1Yi00NTI4LThjNDIt
N2Y2YjlmMTA0MGZkLzEvUFpsRTZQVmxHeHZTOEtuZ0JvWmZPbXVCNjJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80YmZmNzItYmE1Yi00NTI4LThjNDItN2Y2YjlmMTA0MGZk
LzEvUFpsRTZQVmxHeHZTOEtuZ0JvWmZPbXVCNjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1eGvjzJ
KywNUrEgLNZS7DaU38UH8WdPS+8QeK1sX+Vug/23OoYm/ocUAhP36Nxe5ei7AWMt
KrAlMsW0PbSp6ThSoufBDa8tZF8G1B9RTkVE497qj5qws+MfjsyC9h1ZHUL0uRUw
hJrjlUFqjbUGUdjLi3O+Nh1YwwutqSMftV/DBUl7gs24l+zBoBkkjQB1PZCWPfEE
gZaMzbo1idac5AxaHzXvBUvWKuxwm8abbSQrOdAK63CjRF53C3YlwbDqhAuglZjQ
R/aWG7IzQ3WbbD1SIQkb/COrIJ2Gh/G/Vk9TOuGP7ChuQG5/S/FIqGmszV6DU9l6
5tfHiZJrxBVy/g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:00:25 2025 by rpki-client