Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
File: PxckOVmdfaUleXiZvyE7jmNVSRQ.mft (raw, json)
Hash identifier: FCciY1zQQVoBs0I/cPNtuD0I3NqGSSSm6SgseFlDg24=
Subject key identifier: 40:B2:68:22:59:A7:C2:F1:F0:D5:21:EC:3B:93:06:31:E7:5E:A2:68
Authority key identifier: 3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
Certificate issuer: /CN=3f172439599d7da525797899bf213b8e63554914
Certificate serial: 0199387015FC4985D93A9D5B6411DCF6A5D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
Manifest number: 160E
Signing time: Thu 11 Sep 2025 11:01:33 +0000
Manifest this update: Thu 11 Sep 2025 11:01:33 +0000
Manifest next update: Fri 12 Sep 2025 11:01:33 +0000
Files and hashes: 1: ET0yOb6N2KPn9sEOeciwveLzfFQ.roa (hash: 5UaUVXzPjnKQ9N0meCwxNszuKgkyrbDITbh3/+eJ6rg=)
2: PxckOVmdfaUleXiZvyE7jmNVSRQ.crl (hash: KCl5Vv/MYVxKMXIvPyj6Ssx5tFYJn1r+uuo2Zh3isaI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:70:15:fc:49:85:d9:3a:9d:5b:64:11:dc:f6:a5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f172439599d7da525797899bf213b8e63554914
Validity
Not Before: Sep 11 11:01:33 2025 GMT
Not After : Sep 12 11:01:33 2025 GMT
Subject: CN=40b2682259a7c2f1f0d521ec3b930631e75ea268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:52:f2:8b:d8:28:4f:57:d0:c6:92:55:02:4a:
cc:59:df:ff:84:91:6d:43:6a:87:12:96:9f:5f:07:
9e:d1:d9:0b:bc:6c:66:ff:52:e9:1e:aa:31:00:22:
22:11:c8:07:3b:b1:97:d9:86:a7:43:87:24:65:8c:
57:18:bf:37:16:2b:5e:df:bb:e5:8d:aa:8f:5f:17:
b9:3a:e4:10:c8:18:91:f8:31:fe:e3:2f:01:b3:bb:
e5:a0:87:79:9f:1e:b6:61:2d:0e:2f:5d:67:43:ca:
8f:57:67:18:70:8f:9a:ca:35:58:92:0d:34:d8:5b:
c6:4a:bb:8c:14:15:48:91:2b:ef:d5:bc:97:1b:bb:
50:18:d4:ff:c3:9b:5f:71:45:e6:5a:92:70:c3:c1:
f9:15:9c:10:04:af:6c:90:29:63:c9:0e:3f:3e:c0:
7c:1a:c5:64:2b:3f:80:6c:8b:46:06:6a:74:68:0e:
1b:dc:1e:1c:46:48:8d:19:a4:35:7b:b4:fd:87:35:
df:b5:23:32:2a:4d:22:9f:5a:f5:ae:ac:90:95:95:
71:84:29:61:3b:0c:3c:b0:26:92:f7:9a:47:f2:86:
00:ce:4d:dd:c3:b0:79:d0:f9:9f:64:83:fa:74:23:
38:fa:c8:9b:50:f2:a8:67:cd:ea:b4:5e:56:4f:6a:
0b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B2:68:22:59:A7:C2:F1:F0:D5:21:EC:3B:93:06:31:E7:5E:A2:68
X509v3 Authority Key Identifier:
keyid:3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:7c:2e:87:ec:41:da:b4:3f:82:56:17:09:aa:b0:94:4f:0a:
9e:de:54:a5:ad:32:b1:a9:36:03:44:d3:00:a4:7a:b1:13:32:
d9:4e:96:6c:b1:b6:b6:fb:22:d5:28:a7:d1:09:b1:ac:85:08:
56:0f:f8:7e:17:5b:f0:61:d4:47:f2:99:45:39:a8:e8:0d:15:
1e:7c:da:aa:87:6e:80:2f:f5:d4:44:ce:cb:ae:76:43:f7:74:
6a:59:b8:18:e8:9a:09:74:e1:1b:55:14:6f:38:0b:2c:68:9f:
61:1f:dd:6b:e8:13:3d:f7:0e:c6:f1:fe:6c:b8:aa:95:94:bf:
71:65:5c:76:b4:fc:4a:ed:03:cd:72:dd:ee:c6:d5:51:1a:84:
b4:4f:5d:e9:fd:1f:00:16:98:dc:eb:e7:f2:28:e3:88:34:9b:
a4:9d:5a:a8:b3:48:19:27:49:81:9b:56:65:37:05:07:9a:22:
46:dc:1d:c5:9d:11:a6:c7:b8:6e:b1:f5:e5:17:65:9a:45:fc:
fc:54:f1:a6:0e:7c:bc:4c:9e:9c:a2:65:01:3c:96:f7:72:57:
35:d5:7e:81:71:38:90:00:c1:ff:3b:b4:36:5f:d6:1c:a5:db:
25:ab:52:83:3f:12:80:9f:25:d9:49:02:4e:dd:07:dd:a5:07:
32:88:c5:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk4cBX8SYXZOp1bZBHc9qXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMTcyNDM5NTk5ZDdkYTUyNTc5Nzg5OWJmMjEzYjhlNjM1
NTQ5MTQwHhcNMjUwOTExMTEwMTMzWhcNMjUwOTEyMTEwMTMzWjAzMTEwLwYDVQQD
Eyg0MGIyNjgyMjU5YTdjMmYxZjBkNTIxZWMzYjkzMDYzMWU3NWVhMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFLyi9goT1fQxpJVAkrMWd//hJFt
Q2qHEpafXwee0dkLvGxm/1LpHqoxACIiEcgHO7GX2YanQ4ckZYxXGL83Fite37vl
jaqPXxe5OuQQyBiR+DH+4y8Bs7vloId5nx62YS0OL11nQ8qPV2cYcI+ayjVYkg00
2FvGSruMFBVIkSvv1byXG7tQGNT/w5tfcUXmWpJww8H5FZwQBK9skCljyQ4/PsB8
GsVkKz+AbItGBmp0aA4b3B4cRkiNGaQ1e7T9hzXftSMyKk0in1r1rqyQlZVxhClh
Oww8sCaS95pH8oYAzk3dw7B50PmfZIP6dCM4+sibUPKoZ83qtF5WT2oLlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECyaCJZp8Lx8NUh7DuTBjHnXqJoMB8GA1UdIwQY
MBaAFD8XJDlZnX2lJXl4mb8hO45jVUkUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEt
ODg3MzMxZWZiNzE1LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEtODg3MzMxZWZiNzE1
LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3wuh+xB
2rQ/glYXCaqwlE8Knt5Upa0ysak2A0TTAKR6sRMy2U6WbLG2tvsi1Sin0QmxrIUI
Vg/4fhdb8GHUR/KZRTmo6A0VHnzaqodugC/11ETOy652Q/d0alm4GOiaCXThG1UU
bzgLLGifYR/da+gTPfcOxvH+bLiqlZS/cWVcdrT8Su0DzXLd7sbVURqEtE9d6f0f
ABaY3Ovn8ijjiDSbpJ1aqLNIGSdJgZtWZTcFB5oiRtwdxZ0Rpse4brH15RdlmkX8
/FTxpg58vEyenKJlATyW93JXNdV+gXE4kADB/zu0Nl/WHKXbJatSgz8SgJ8l2UkC
Tt0H3aUHMojFUQ==
-----END CERTIFICATE-----
Generated at Thu Sep 11 13:00:59 2025 by rpki-client