Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/dd6518-bf35-4c58-b81b-94b1493df1f2/1/PKap1LWSRrTjNhThpLWRthGOihU.mft
File: PKap1LWSRrTjNhThpLWRthGOihU.mft (raw, json)
Hash identifier: 7NstF/4i9f4ARcKCHwjGJ7X73h7Cbz/YZw0PM4781zE=
Subject key identifier: 8C:6F:05:6C:F2:BF:77:12:54:EB:DC:8A:A6:CF:68:BF:D0:D3:20:EF
Authority key identifier: 3C:A6:A9:D4:B5:92:46:B4:E3:36:14:E1:A4:B5:91:B6:11:8E:8A:15
Certificate issuer: /CN=3ca6a9d4b59246b4e33614e1a4b591b6118e8a15
Certificate serial: 019A71B8CF25BEC1B7128FBDDA66106E3FC4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKap1LWSRrTjNhThpLWRthGOihU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/dd6518-bf35-4c58-b81b-94b1493df1f2/1/PKap1LWSRrTjNhThpLWRthGOihU.mft
Manifest number: 12C2
Signing time: Tue 11 Nov 2025 07:02:08 +0000
Manifest this update: Tue 11 Nov 2025 07:02:08 +0000
Manifest next update: Wed 12 Nov 2025 07:02:08 +0000
Files and hashes: 1: PKap1LWSRrTjNhThpLWRthGOihU.crl (hash: A2Kq73DLPUCRYOlT548D6+6fsUxVj2At2Ab2RHwsNlw=)
2: Szhjvm0y4QI0uwIjWJbCdPZPvps.roa (hash: Y0iaHG2LAJbIgjzTxyOFn6Uuz+FyO1yYuNhr0qnz3To=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/dd6518-bf35-4c58-b81b-94b1493df1f2/1/PKap1LWSRrTjNhThpLWRthGOihU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/dd6518-bf35-4c58-b81b-94b1493df1f2/1/PKap1LWSRrTjNhThpLWRthGOihU.mft
rsync://rpki.ripe.net/repository/DEFAULT/PKap1LWSRrTjNhThpLWRthGOihU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:cf:25:be:c1:b7:12:8f:bd:da:66:10:6e:3f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ca6a9d4b59246b4e33614e1a4b591b6118e8a15
Validity
Not Before: Nov 11 07:02:08 2025 GMT
Not After : Nov 12 07:02:08 2025 GMT
Subject: CN=8c6f056cf2bf771254ebdc8aa6cf68bfd0d320ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:86:a7:3c:4d:d2:b8:20:11:11:72:67:d5:11:
a8:ce:14:95:f8:5c:2a:ec:ee:24:63:56:ef:96:6c:
90:a2:62:fe:b9:ed:26:93:ae:39:29:37:0e:ef:84:
f0:41:09:12:8c:1c:e5:98:9f:bd:de:cb:b1:c6:2f:
0a:bf:84:9b:53:5f:d1:4f:73:f4:02:62:8e:51:92:
d2:e4:de:86:8c:a3:45:3b:61:89:0a:b0:dc:69:88:
ac:16:ec:b7:9f:3a:aa:73:3a:92:4c:03:16:1d:d4:
60:5d:74:f1:58:e4:8b:db:3d:bf:37:f4:db:74:8c:
9c:28:35:bf:cd:d3:3b:10:d6:ab:56:a5:dd:db:fe:
3e:51:b2:3f:51:d6:56:a9:af:27:df:2f:9c:10:bb:
4e:16:8a:ab:e0:89:69:3e:fc:64:2a:4d:4f:00:05:
d4:e9:aa:5d:96:d3:da:59:2b:74:6d:a7:89:6f:db:
05:58:93:6e:d3:7e:23:8a:c5:de:08:6c:86:ea:3c:
14:45:aa:c5:38:4e:32:19:33:8f:91:42:4e:3b:78:
7c:f9:c2:41:85:99:3d:15:2c:b0:0b:c9:26:90:a8:
19:2c:b3:db:46:0b:d5:2f:50:9d:5f:51:3c:38:4d:
09:4b:f4:20:26:77:1f:b7:a3:ef:2a:7f:63:2a:29:
08:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6F:05:6C:F2:BF:77:12:54:EB:DC:8A:A6:CF:68:BF:D0:D3:20:EF
X509v3 Authority Key Identifier:
keyid:3C:A6:A9:D4:B5:92:46:B4:E3:36:14:E1:A4:B5:91:B6:11:8E:8A:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKap1LWSRrTjNhThpLWRthGOihU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/dd6518-bf35-4c58-b81b-94b1493df1f2/1/PKap1LWSRrTjNhThpLWRthGOihU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/dd6518-bf35-4c58-b81b-94b1493df1f2/1/PKap1LWSRrTjNhThpLWRthGOihU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:2a:11:23:39:a0:e0:88:4b:09:68:ff:15:e3:42:f2:f7:e6:
0f:42:90:3b:db:40:ea:2d:a3:6f:80:23:74:64:e4:da:97:35:
ba:9b:f8:5e:a1:45:a0:89:39:cb:b1:44:c4:99:c2:84:35:92:
38:31:be:e9:d9:2d:e2:7c:f0:28:25:d5:69:e4:f6:25:8f:97:
0e:73:13:84:55:76:c5:3d:b1:d9:a2:0d:0b:88:80:13:32:5d:
a6:01:ea:2e:10:97:41:c1:6e:d8:24:8a:6f:68:6f:a2:46:ca:
91:88:2d:2a:31:37:84:10:32:60:05:ee:ee:85:40:81:d1:55:
b8:aa:b0:be:be:11:97:a5:52:91:d5:93:4f:74:9f:ed:e2:56:
6c:c9:d4:bb:60:71:2f:ca:51:39:4e:3b:f4:f7:bc:ae:c3:13:
66:d7:c9:7a:18:97:89:34:40:b2:8f:ec:6c:aa:f3:4d:2a:f2:
3b:41:a8:15:2a:d3:2f:64:54:4b:af:3e:12:c9:5f:d4:51:47:
e2:3f:39:30:84:76:42:43:c5:cb:99:05:c5:a7:dd:d0:97:fd:
9a:72:92:28:54:95:de:90:c2:62:6f:45:2e:15:d4:23:9b:1b:
e6:2f:8f:71:c3:4e:17:72:01:79:17:b3:2a:63:6d:04:78:00:
a3:b0:ac:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuM8lvsG3Eo+92mYQbj/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYTZhOWQ0YjU5MjQ2YjRlMzM2MTRlMWE0YjU5MWI2MTE4
ZThhMTUwHhcNMjUxMTExMDcwMjA4WhcNMjUxMTEyMDcwMjA4WjAzMTEwLwYDVQQD
Eyg4YzZmMDU2Y2YyYmY3NzEyNTRlYmRjOGFhNmNmNjhiZmQwZDMyMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74anPE3SuCAREXJn1RGozhSV+Fwq
7O4kY1bvlmyQomL+ue0mk645KTcO74TwQQkSjBzlmJ+93suxxi8Kv4SbU1/RT3P0
AmKOUZLS5N6GjKNFO2GJCrDcaYisFuy3nzqqczqSTAMWHdRgXXTxWOSL2z2/N/Tb
dIycKDW/zdM7ENarVqXd2/4+UbI/UdZWqa8n3y+cELtOFoqr4IlpPvxkKk1PAAXU
6apdltPaWSt0baeJb9sFWJNu034jisXeCGyG6jwURarFOE4yGTOPkUJOO3h8+cJB
hZk9FSywC8kmkKgZLLPbRgvVL1CdX1E8OE0JS/QgJncft6PvKn9jKikItQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxvBWzyv3cSVOvciqbPaL/Q0yDvMB8GA1UdIwQY
MBaAFDymqdS1kka04zYU4aS1kbYRjooVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEthcDFMV1NSclRqTmhUaHBMV1J0aEdPaWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kZDY1MTgtYmYzNS00YzU4LWI4MWIt
OTRiMTQ5M2RmMWYyLzEvUEthcDFMV1NSclRqTmhUaHBMV1J0aEdPaWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kZDY1MTgtYmYzNS00YzU4LWI4MWItOTRiMTQ5M2RmMWYy
LzEvUEthcDFMV1NSclRqTmhUaHBMV1J0aEdPaWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVCoRIzmg
4IhLCWj/FeNC8vfmD0KQO9tA6i2jb4AjdGTk2pc1upv4XqFFoIk5y7FExJnChDWS
ODG+6dkt4nzwKCXVaeT2JY+XDnMThFV2xT2x2aINC4iAEzJdpgHqLhCXQcFu2CSK
b2hvokbKkYgtKjE3hBAyYAXu7oVAgdFVuKqwvr4Rl6VSkdWTT3Sf7eJWbMnUu2Bx
L8pROU479Pe8rsMTZtfJehiXiTRAso/sbKrzTSryO0GoFSrTL2RUS68+Eslf1FFH
4j85MIR2QkPFy5kFxafd0Jf9mnKSKFSV3pDCYm9FLhXUI5sb5i+PccNOF3IBeRez
KmNtBHgAo7Cs/A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:11 2025 by rpki-client