Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.mft
File: pKqbzQbqbFZd2QfKBOUHfWjAZk8.mft (raw, json)
Hash identifier: 19BCR+Se7mQwBcsjk6mk9T5ECMNCV0XW5qvwvWVFfHY=
Subject key identifier: 33:E6:BA:6A:C2:62:F6:2D:43:B8:FA:88:78:DC:5B:6A:C6:4E:F6:1F
Authority key identifier: A4:AA:9B:CD:06:EA:6C:56:5D:D9:07:CA:04:E5:07:7D:68:C0:66:4F
Certificate issuer: /CN=a4aa9bcd06ea6c565dd907ca04e5077d68c0664f
Certificate serial: 019A714A1097EF1714C573FDFB33CD488A59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 05:01:10 +0000
Manifest this update: Tue 11 Nov 2025 05:01:10 +0000
Manifest next update: Wed 12 Nov 2025 05:01:10 +0000
Files and hashes: 1: pKqbzQbqbFZd2QfKBOUHfWjAZk8.crl (hash: 99DplPH5+vve8C9lG+93OfMv4sBp0PunTUxf5monsjA=)
2: vUo_vlJ6sLUoSusR9Owa3qVO6yc.roa (hash: tQbWOVu74034awYo0QKVFApUcQf9SPwefFwA/Lt3iQE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:10:97:ef:17:14:c5:73:fd:fb:33:cd:48:8a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4aa9bcd06ea6c565dd907ca04e5077d68c0664f
Validity
Not Before: Nov 11 05:01:10 2025 GMT
Not After : Nov 12 05:01:10 2025 GMT
Subject: CN=33e6ba6ac262f62d43b8fa8878dc5b6ac64ef61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:51:0a:44:5d:5a:c4:7d:a0:e5:38:32:9e:68:
78:ea:8e:3e:65:77:e2:99:30:f2:f6:7d:30:5f:98:
13:aa:32:b7:02:e0:2d:9f:54:60:72:36:2e:9f:49:
f3:74:c5:d4:98:b8:8e:5f:69:69:4f:f4:dd:ef:b2:
36:3a:8c:96:2a:6e:99:04:ec:46:41:82:e8:fa:f7:
5f:7a:4f:28:b9:92:09:33:35:2c:77:20:a0:0a:a1:
21:f9:30:07:12:a4:c5:4a:4f:cb:88:42:06:81:35:
19:b5:e8:22:8b:3a:47:36:a6:15:51:8b:bb:21:22:
0f:0b:60:b9:8c:86:df:ac:0c:bc:77:65:a9:49:40:
25:76:a7:d8:d3:a4:17:cf:4e:42:3b:30:8b:58:5c:
e5:e0:d0:da:5f:e5:ba:43:24:65:84:62:83:e5:1e:
ce:17:fd:e2:44:1c:6a:06:62:99:27:42:af:e7:be:
85:9f:c1:f0:99:f5:17:f7:2c:67:5f:9b:4a:1e:1a:
b7:3e:69:12:79:8d:cb:e9:70:82:01:97:6b:28:15:
71:24:30:89:92:15:98:43:e6:60:eb:75:00:e0:30:
50:d0:e8:a5:ee:78:fd:04:62:e6:29:e6:28:7b:4a:
42:80:4e:f5:4b:b8:c6:0a:8b:90:79:cf:f9:a8:fe:
d2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E6:BA:6A:C2:62:F6:2D:43:B8:FA:88:78:DC:5B:6A:C6:4E:F6:1F
X509v3 Authority Key Identifier:
keyid:A4:AA:9B:CD:06:EA:6C:56:5D:D9:07:CA:04:E5:07:7D:68:C0:66:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:c4:89:92:a2:1f:5f:e4:22:61:2c:da:9a:20:3d:ed:6a:e8:
29:59:92:8a:c4:48:ba:0f:c7:55:ac:ae:b1:52:3b:65:4e:49:
2a:e7:1e:f3:54:19:4f:15:d3:74:0a:d6:6c:7b:4a:e9:b7:d6:
15:35:ee:ad:c5:54:bd:c2:c4:4b:56:a9:da:f0:19:b3:7f:61:
51:a9:d2:6b:21:15:14:8b:d1:24:d9:74:5a:3a:cc:37:3b:39:
73:91:57:e6:39:1b:71:e2:26:dd:e9:80:71:91:c6:6a:d0:02:
ef:00:0e:47:3f:2f:78:0c:c7:76:2b:dc:8a:b6:b8:14:f9:3d:
a2:57:5f:f1:77:12:56:de:66:59:88:19:e2:b0:73:3d:40:8a:
a0:5d:1f:1a:a0:b0:6c:c2:ee:bf:32:9d:11:48:6c:36:0a:dc:
a7:9f:66:71:9b:b1:31:48:ed:67:20:f3:6a:47:23:ae:e1:9e:
e7:dc:c4:c1:54:6b:4b:a7:cf:b9:6b:07:b4:d9:8f:d5:97:5d:
b1:36:e5:a6:9c:87:dd:7f:06:87:5b:f4:31:5f:ae:9c:3e:43:
70:63:f1:c9:48:ba:43:e2:40:f0:68:0a:eb:5b:eb:f8:25:53:
5e:c1:fc:06:e6:47:a4:47:a4:43:72:52:b4:8e:bb:13:0b:5b:
01:5b:12:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShCX7xcUxXP9+zPNSIpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YWE5YmNkMDZlYTZjNTY1ZGQ5MDdjYTA0ZTUwNzdkNjhj
MDY2NGYwHhcNMjUxMTExMDUwMTEwWhcNMjUxMTEyMDUwMTEwWjAzMTEwLwYDVQQD
EygzM2U2YmE2YWMyNjJmNjJkNDNiOGZhODg3OGRjNWI2YWM2NGVmNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21EKRF1axH2g5Tgynmh46o4+ZXfi
mTDy9n0wX5gTqjK3AuAtn1RgcjYun0nzdMXUmLiOX2lpT/Td77I2OoyWKm6ZBOxG
QYLo+vdfek8ouZIJMzUsdyCgCqEh+TAHEqTFSk/LiEIGgTUZtegiizpHNqYVUYu7
ISIPC2C5jIbfrAy8d2WpSUAldqfY06QXz05COzCLWFzl4NDaX+W6QyRlhGKD5R7O
F/3iRBxqBmKZJ0Kv576Fn8HwmfUX9yxnX5tKHhq3PmkSeY3L6XCCAZdrKBVxJDCJ
khWYQ+Zg63UA4DBQ0Oil7nj9BGLmKeYoe0pCgE71S7jGCouQec/5qP7SXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPmumrCYvYtQ7j6iHjcW2rGTvYfMB8GA1UdIwQY
MBaAFKSqm80G6mxWXdkHygTlB31owGZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wNTJmNGMtYmUzYy00ZDE5LWFhMDQt
MGFiOGRkOWViYWIxLzEvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wNTJmNGMtYmUzYy00ZDE5LWFhMDQtMGFiOGRkOWViYWIx
LzEvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMSJkqIf
X+QiYSzamiA97WroKVmSisRIug/HVayusVI7ZU5JKuce81QZTxXTdArWbHtK6bfW
FTXurcVUvcLES1ap2vAZs39hUanSayEVFIvRJNl0WjrMNzs5c5FX5jkbceIm3emA
cZHGatAC7wAORz8veAzHdivcira4FPk9oldf8XcSVt5mWYgZ4rBzPUCKoF0fGqCw
bMLuvzKdEUhsNgrcp59mcZuxMUjtZyDzakcjruGe59zEwVRrS6fPuWsHtNmP1Zdd
sTblppyH3X8Gh1v0MV+unD5DcGPxyUi6Q+JA8GgK61vr+CVTXsH8BuZHpEekQ3JS
tI67EwtbAVsSHg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:38:22 2025 by rpki-client