Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft
File: pxrCOk0-z8vKRROJaxeuToloKng.mft (raw, json)
Hash identifier: HchYtK+5JXLcDQpqlMCIqDnqHniUGrDhTCbqLCynkdg=
Subject key identifier: 61:9A:36:6D:D2:7D:7C:A5:2A:FF:62:E8:77:DB:67:21:98:11:FD:0A
Authority key identifier: A7:1A:C2:3A:4D:3E:CF:CB:CA:45:13:89:6B:17:AE:4E:89:68:2A:78
Certificate issuer: /CN=a71ac23a4d3ecfcbca4513896b17ae4e89682a78
Certificate serial: 019A7149E77AE41F2B3A289A506F1C01695C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft
Manifest number: F0
Signing time: Tue 11 Nov 2025 05:01:00 +0000
Manifest this update: Tue 11 Nov 2025 05:01:00 +0000
Manifest next update: Wed 12 Nov 2025 05:01:00 +0000
Files and hashes: 1: MQtI7yBtmsDk4DKqPSGfWKdKyAo.roa (hash: +iNt+U/ElAwJwno5xdY5orBbnGETU96olMUGY0otCFs=)
2: pxrCOk0-z8vKRROJaxeuToloKng.crl (hash: fd252UHpfkpgM+efgsgqiWbKztVkZr/0wUa6VdNY0a0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:e7:7a:e4:1f:2b:3a:28:9a:50:6f:1c:01:69:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71ac23a4d3ecfcbca4513896b17ae4e89682a78
Validity
Not Before: Nov 11 05:01:00 2025 GMT
Not After : Nov 12 05:01:00 2025 GMT
Subject: CN=619a366dd27d7ca52aff62e877db67219811fd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3f:58:fe:10:92:26:e6:34:85:c7:b3:67:92:
d7:3f:86:b9:6f:6d:cc:ea:5f:67:69:8d:26:10:2e:
d0:3b:2a:49:f7:0f:cf:fa:32:01:7b:d0:8f:93:36:
bd:fe:a4:02:7b:35:f8:6f:f5:cb:4e:27:39:f9:ab:
a3:3b:0a:40:13:25:97:bd:8a:cf:b0:9e:36:fd:50:
37:ea:ed:21:03:4c:b4:c6:cb:7f:b2:5a:f7:78:e2:
df:83:b6:dc:ab:a6:ff:31:38:2c:d5:e3:bc:d5:79:
36:30:c8:aa:e0:73:03:1b:4a:23:f7:b2:7f:6d:ea:
71:36:ae:a4:24:23:f3:32:1b:9f:fb:73:35:7b:2b:
3f:0e:0a:aa:c9:bf:c4:1f:5a:30:b4:e3:89:83:8c:
26:e4:87:ad:37:44:ef:64:73:34:64:94:84:34:d5:
cb:77:52:87:a5:f4:59:1b:42:a4:19:16:90:9a:7b:
98:ad:aa:b1:ef:32:d7:f6:e4:0b:d0:bd:74:74:07:
d8:95:35:26:01:5d:3e:74:f8:4d:84:b5:40:8f:45:
d0:e5:4e:d9:54:72:51:3c:1e:88:15:0b:8a:38:94:
3d:ce:e4:38:8e:d0:75:8a:84:18:9b:e6:bd:28:df:
d1:69:28:39:31:5f:62:55:d6:52:46:77:a6:82:08:
1f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9A:36:6D:D2:7D:7C:A5:2A:FF:62:E8:77:DB:67:21:98:11:FD:0A
X509v3 Authority Key Identifier:
keyid:A7:1A:C2:3A:4D:3E:CF:CB:CA:45:13:89:6B:17:AE:4E:89:68:2A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:9d:8b:3c:83:8c:31:8a:79:6d:f3:ef:f7:61:ec:11:a6:ba:
fd:74:37:91:04:11:ab:9e:fe:b4:ca:31:1c:fa:ab:0d:d6:a3:
0d:ac:15:8e:e2:c0:54:c5:bf:60:ce:d5:e0:62:51:66:30:5f:
8d:96:99:66:17:e2:4c:cf:36:f5:e0:7b:bf:e0:ed:55:35:06:
e8:0c:f6:04:a7:00:f2:d1:10:d1:37:3b:fb:c7:47:de:33:18:
56:aa:11:2a:f5:9e:a6:a1:b5:ba:bf:51:46:8b:b6:0a:2e:d0:
bb:30:27:2b:2c:54:b6:ed:95:42:77:99:2e:74:8d:95:10:c3:
38:b4:0c:53:f9:71:09:4e:44:59:ea:24:45:26:bc:2d:f0:e4:
4e:94:a9:95:86:53:77:41:36:c6:b9:1f:cc:e6:af:33:4b:ed:
ef:78:9f:c2:a4:fa:c7:0c:2c:5b:e0:ae:66:12:49:c0:78:34:
b5:59:4c:34:1a:ed:12:4d:d5:a1:b5:77:b2:2b:dc:59:50:2f:
47:40:fc:be:7d:b8:08:b8:93:a3:64:0d:2d:4c:dc:3e:bd:4e:
dd:9e:f4:1c:49:43:b6:73:40:f5:f2:c3:a3:6a:f5:54:58:bb:
ce:eb:9f:1b:6d:78:37:f3:e1:47:cc:aa:e9:a0:79:67:c6:97:
c5:4e:32:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSed65B8rOiiaUG8cAWlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWFjMjNhNGQzZWNmY2JjYTQ1MTM4OTZiMTdhZTRlODk2
ODJhNzgwHhcNMjUxMTExMDUwMTAwWhcNMjUxMTEyMDUwMTAwWjAzMTEwLwYDVQQD
Eyg2MTlhMzY2ZGQyN2Q3Y2E1MmFmZjYyZTg3N2RiNjcyMTk4MTFmZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj9Y/hCSJuY0hcezZ5LXP4a5b23M
6l9naY0mEC7QOypJ9w/P+jIBe9CPkza9/qQCezX4b/XLTic5+aujOwpAEyWXvYrP
sJ42/VA36u0hA0y0xst/slr3eOLfg7bcq6b/MTgs1eO81Xk2MMiq4HMDG0oj97J/
bepxNq6kJCPzMhuf+3M1eys/Dgqqyb/EH1owtOOJg4wm5IetN0TvZHM0ZJSENNXL
d1KHpfRZG0KkGRaQmnuYraqx7zLX9uQL0L10dAfYlTUmAV0+dPhNhLVAj0XQ5U7Z
VHJRPB6IFQuKOJQ9zuQ4jtB1ioQYm+a9KN/RaSg5MV9iVdZSRnemgggf1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGaNm3SfXylKv9i6HfbZyGYEf0KMB8GA1UdIwQY
MBaAFKcawjpNPs/LykUTiWsXrk6JaCp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MzFjZWMtZDk2NS00MDBhLTk4OTkt
ZmRiYzVjNmFlNWFhLzEvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MzFjZWMtZDk2NS00MDBhLTk4OTktZmRiYzVjNmFlNWFh
LzEvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmJ2LPIOM
MYp5bfPv92HsEaa6/XQ3kQQRq57+tMoxHPqrDdajDawVjuLAVMW/YM7V4GJRZjBf
jZaZZhfiTM829eB7v+DtVTUG6Az2BKcA8tEQ0Tc7+8dH3jMYVqoRKvWepqG1ur9R
Rou2Ci7QuzAnKyxUtu2VQneZLnSNlRDDOLQMU/lxCU5EWeokRSa8LfDkTpSplYZT
d0E2xrkfzOavM0vt73ifwqT6xwwsW+CuZhJJwHg0tVlMNBrtEk3VobV3sivcWVAv
R0D8vn24CLiTo2QNLUzcPr1O3Z70HElDtnNA9fLDo2r1VFi7zuufG214N/PhR8yq
6aB5Z8aXxU4y1g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:45 2025 by rpki-client