Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
File: PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json)
Hash identifier: Alktb9/QvlFWDtjEOI2po37j1MtZcx+B3jzJBRmikBU=
Subject key identifier: F2:98:C7:3A:D0:D6:88:4F:54:97:85:22:92:11:A6:96:24:50:58:F7
Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6
Certificate issuer: /CN=3c41ea44178a702c507000023d14a9f9c47260e6
Certificate serial: 019A71B89DE85B32AB19DC5B7E35F894ECCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
Manifest number: 1123
Signing time: Tue 11 Nov 2025 07:01:55 +0000
Manifest this update: Tue 11 Nov 2025 07:01:55 +0000
Manifest next update: Wed 12 Nov 2025 07:01:55 +0000
Files and hashes: 1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: E8HE3iDo0UpDYqXEyhh+b80zLO72TMAZ820ULQbSdD0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:9d:e8:5b:32:ab:19:dc:5b:7e:35:f8:94:ec:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6
Validity
Not Before: Nov 11 07:01:55 2025 GMT
Not After : Nov 12 07:01:55 2025 GMT
Subject: CN=f298c73ad0d6884f549785229211a696245058f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:bb:05:97:d8:41:96:62:8c:52:c8:74:1f:
34:a2:02:56:3f:d4:bc:fd:f9:67:88:f3:cd:fc:fc:
7c:4a:f4:8e:21:89:e8:1e:b7:16:77:99:2c:3d:fe:
1a:61:43:66:a2:e6:34:86:e5:81:b7:16:c6:c7:a3:
4a:df:da:cb:80:27:84:bd:52:08:5c:28:8d:a9:99:
f3:2e:90:e6:83:94:78:e1:81:54:44:84:2d:4b:65:
a7:2b:28:b5:ea:e2:90:7b:ed:3f:48:76:d5:ac:70:
44:e5:b0:99:4a:b3:51:d0:a4:a9:76:56:c2:a6:91:
c1:23:e1:f6:97:9c:48:d6:5d:b2:14:e4:77:60:f1:
66:bd:4f:0a:bc:0f:36:ee:a4:f0:12:33:f1:18:0d:
00:1f:69:96:8a:a4:e1:11:58:ef:1e:8c:aa:fe:e8:
5f:d0:d1:6c:56:c3:78:10:27:f4:5b:97:5a:9c:ef:
45:c4:fb:83:b6:27:29:21:42:ba:ff:2b:d5:e7:c7:
a7:4b:e3:8f:88:29:05:76:47:1a:bd:82:a5:9d:dd:
8a:b0:92:da:54:74:46:b2:38:b0:7e:34:8d:0c:89:
62:1c:5e:83:04:aa:35:d3:a5:20:41:39:b7:cc:0e:
e2:0f:8d:1d:08:0e:77:8b:f1:1b:b1:ce:06:1b:05:
3b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:98:C7:3A:D0:D6:88:4F:54:97:85:22:92:11:A6:96:24:50:58:F7
X509v3 Authority Key Identifier:
keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:cb:74:ce:ac:59:93:18:1d:52:cb:af:8c:21:53:d9:01:55:
ad:de:70:e4:4a:f2:2f:83:0a:21:eb:ae:d6:52:8d:f1:12:dd:
64:94:9e:f9:16:b4:0c:57:0d:70:c3:7c:a3:d3:2a:8b:4e:28:
b1:22:da:e5:fb:4a:be:6a:ab:fd:69:1f:0f:00:49:e0:f8:aa:
de:37:b3:55:79:22:21:5c:34:b1:dc:5a:ea:3c:55:05:c5:9d:
fd:a3:23:4e:ff:da:05:3d:4e:6d:ce:41:9c:1b:a4:6a:62:ce:
95:5f:3b:55:33:47:b3:32:7c:db:5c:90:15:0d:81:6f:f0:ac:
4d:96:d0:60:93:57:6c:31:6a:7f:c9:46:2b:e8:b6:d1:56:54:
03:f4:1c:0a:0a:ef:ea:67:99:61:59:29:51:35:de:31:06:53:
10:1c:aa:b8:a9:3b:4f:44:06:24:72:26:6b:7b:a1:0f:60:29:
0f:ee:4f:96:30:d6:4e:c7:b0:ef:9d:be:ef:27:12:bb:32:d3:
08:a4:8c:05:f3:82:07:35:56:d1:db:c3:c8:b3:5f:1e:8e:1e:
51:a0:18:92:10:14:e9:ff:e0:fe:ec:4c:3c:b1:65:b1:09:55:
b4:c4:31:db:27:46:4e:3d:09:9b:7b:05:8e:d0:a0:f3:45:13:
aa:76:cf:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJ3oWzKrGdxbfjX4lOzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3
MjYwZTYwHhcNMjUxMTExMDcwMTU1WhcNMjUxMTEyMDcwMTU1WjAzMTEwLwYDVQQD
EyhmMjk4YzczYWQwZDY4ODRmNTQ5Nzg1MjI5MjExYTY5NjI0NTA1OGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVW7BZfYQZZijFLIdB80ogJWP9S8
/flniPPN/Px8SvSOIYnoHrcWd5ksPf4aYUNmouY0huWBtxbGx6NK39rLgCeEvVII
XCiNqZnzLpDmg5R44YFURIQtS2WnKyi16uKQe+0/SHbVrHBE5bCZSrNR0KSpdlbC
ppHBI+H2l5xI1l2yFOR3YPFmvU8KvA827qTwEjPxGA0AH2mWiqThEVjvHoyq/uhf
0NFsVsN4ECf0W5danO9FxPuDticpIUK6/yvV58enS+OPiCkFdkcavYKlnd2KsJLa
VHRGsjiwfjSNDIliHF6DBKo106UgQTm3zA7iD40dCA53i/Ebsc4GGwU7owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKYxzrQ1ohPVJeFIpIRppYkUFj3MB8GA1UdIwQY
MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt
NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy
LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuct0zqxZ
kxgdUsuvjCFT2QFVrd5w5EryL4MKIeuu1lKN8RLdZJSe+Ra0DFcNcMN8o9Mqi04o
sSLa5ftKvmqr/WkfDwBJ4Piq3jezVXkiIVw0sdxa6jxVBcWd/aMjTv/aBT1Obc5B
nBukamLOlV87VTNHszJ821yQFQ2Bb/CsTZbQYJNXbDFqf8lGK+i20VZUA/QcCgrv
6meZYVkpUTXeMQZTEByquKk7T0QGJHIma3uhD2ApD+5PljDWTsew752+7ycSuzLT
CKSMBfOCBzVW0dvDyLNfHo4eUaAYkhAU6f/g/uxMPLFlsQlVtMQx2ydGTj0Jm3sF
jtCg80UTqnbPZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:48:00 2025 by rpki-client