Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
File: PxyTi7IGo4ltBkwIUvqYhf8s69k.mft (raw, json)
Hash identifier: WPz0z8DmZI0snYSh8ffet2EQieGcmHYmcQVJxEThN1U=
Subject key identifier: C5:86:EF:51:76:47:6C:88:D9:34:C3:03:70:69:B3:E1:F7:9D:E6:F4
Authority key identifier: 3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
Certificate issuer: /CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Certificate serial: 019A71B7B65C619E74252464497E9F209427
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
Manifest number: 044E
Signing time: Tue 11 Nov 2025 07:00:56 +0000
Manifest this update: Tue 11 Nov 2025 07:00:56 +0000
Manifest next update: Wed 12 Nov 2025 07:00:56 +0000
Files and hashes: 1: PxyTi7IGo4ltBkwIUvqYhf8s69k.crl (hash: cHHiBMRzCWeytqdNGM6PG4mJfjnTeNTsafn9uqV/bZA=)
2: Qtry2kaoKZp9d0kAKEVlWC9a8yA.roa (hash: 4P/5LEPA+7GLBNpRQSC8l1dlaoBUTtizVxJtdSJCc5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:b6:5c:61:9e:74:25:24:64:49:7e:9f:20:94:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Validity
Not Before: Nov 11 07:00:56 2025 GMT
Not After : Nov 12 07:00:56 2025 GMT
Subject: CN=c586ef5176476c88d934c3037069b3e1f79de6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f3:91:47:4f:59:11:4a:3c:63:8f:8e:6a:5d:
82:14:c0:ee:fe:a2:03:1a:14:3f:39:a3:bb:be:61:
de:17:71:1f:b7:51:b2:5f:48:61:ef:55:ca:53:4e:
ff:0b:b4:b6:db:8a:1d:4c:35:2a:fd:8d:a4:53:72:
a2:8b:87:12:66:59:d5:d3:b9:16:14:62:5b:b7:6e:
b8:9d:52:a1:2f:3f:1f:e5:4f:05:37:0c:80:c9:96:
b0:d9:c4:c5:0a:e0:b5:df:38:70:ab:20:0d:af:97:
ba:94:bd:62:6c:14:dc:f5:76:a1:a3:3d:49:03:ac:
66:a5:aa:88:9c:87:c0:06:b3:24:e5:c3:0a:0c:b2:
b0:94:ae:c6:92:ab:90:91:16:0e:7c:59:38:15:40:
c0:67:4b:39:f9:80:27:f0:21:10:c9:72:25:89:c4:
db:d9:1d:84:91:68:e1:be:01:a9:1d:52:61:6e:de:
10:7c:5b:04:62:0d:a1:42:f0:3d:b9:76:1e:9c:15:
90:2d:85:38:df:25:6c:30:ce:3b:17:f8:be:32:83:
c8:5c:30:b2:61:63:da:75:90:2b:53:1e:6f:f5:7a:
cb:ac:3c:73:cb:cf:b8:a7:fd:68:df:35:23:91:1c:
c3:1a:f9:c3:dd:68:f1:82:c6:c3:8f:c3:f8:9c:dd:
d8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:86:EF:51:76:47:6C:88:D9:34:C3:03:70:69:B3:E1:F7:9D:E6:F4
X509v3 Authority Key Identifier:
keyid:3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:6f:9c:45:ee:2a:41:bc:e5:6b:6e:3b:e9:cd:a1:4b:c8:ca:
c8:9d:70:61:32:3a:b2:9a:ae:fd:8f:a8:97:59:88:d7:78:b1:
80:2a:95:12:a0:c8:1c:da:a6:79:ab:7c:9e:e4:cd:58:76:55:
96:52:34:ab:15:6e:bf:a0:d2:1f:0b:a3:11:ed:88:dc:69:7d:
47:d7:33:09:23:a3:86:43:f2:9c:56:f9:5a:c0:e7:b7:fe:66:
6a:ae:39:8b:a8:52:ea:29:ae:a7:d7:83:0a:ac:4a:05:0f:62:
fe:a6:af:3a:85:ab:6e:00:34:04:c6:5a:ba:e7:4f:d2:f1:e2:
f6:c3:03:d0:86:09:f4:f3:b8:d9:60:ac:b0:3f:3b:df:73:4f:
d0:b8:b2:10:93:1c:70:cf:4a:e2:b7:8e:bc:61:74:56:7f:a3:
4a:42:e7:37:9c:3e:46:1c:e6:a2:8d:81:dd:a4:de:7d:a8:b9:
69:ee:80:c5:ba:08:e5:5c:a6:e7:a5:c7:ff:3e:77:11:c0:a3:
e7:7e:65:65:bb:55:58:2b:c2:32:69:d6:3e:30:9c:4c:04:83:
41:da:2c:29:c5:89:ce:1a:d6:e3:4b:b6:c1:e1:5f:d8:f9:fb:
bd:63:1f:41:cd:fc:d7:64:8a:07:80:22:7b:8f:84:d0:2a:7c:
5c:cc:55:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7ZcYZ50JSRkSX6fIJQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMWM5MzhiYjIwNmEzODk2ZDA2NGMwODUyZmE5ODg1ZmYy
Y2ViZDkwHhcNMjUxMTExMDcwMDU2WhcNMjUxMTEyMDcwMDU2WjAzMTEwLwYDVQQD
EyhjNTg2ZWY1MTc2NDc2Yzg4ZDkzNGMzMDM3MDY5YjNlMWY3OWRlNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifORR09ZEUo8Y4+Oal2CFMDu/qID
GhQ/OaO7vmHeF3Eft1GyX0hh71XKU07/C7S224odTDUq/Y2kU3Kii4cSZlnV07kW
FGJbt264nVKhLz8f5U8FNwyAyZaw2cTFCuC13zhwqyANr5e6lL1ibBTc9Xahoz1J
A6xmpaqInIfABrMk5cMKDLKwlK7GkquQkRYOfFk4FUDAZ0s5+YAn8CEQyXIlicTb
2R2EkWjhvgGpHVJhbt4QfFsEYg2hQvA9uXYenBWQLYU43yVsMM47F/i+MoPIXDCy
YWPadZArUx5v9XrLrDxzy8+4p/1o3zUjkRzDGvnD3WjxgsbDj8P4nN3Y1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWG71F2R2yI2TTDA3Bps+H3neb0MB8GA1UdIwQY
MBaAFD8ck4uyBqOJbQZMCFL6mIX/LOvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQt
ZTA1MjYwMzNhNDg0LzEvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQtZTA1MjYwMzNhNDg0
LzEvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARm+cRe4q
Qbzla2476c2hS8jKyJ1wYTI6spqu/Y+ol1mI13ixgCqVEqDIHNqmeat8nuTNWHZV
llI0qxVuv6DSHwujEe2I3Gl9R9czCSOjhkPynFb5WsDnt/5maq45i6hS6imup9eD
CqxKBQ9i/qavOoWrbgA0BMZauudP0vHi9sMD0IYJ9PO42WCssD8733NP0LiyEJMc
cM9K4reOvGF0Vn+jSkLnN5w+Rhzmoo2B3aTefai5ae6AxboI5Vym56XH/z53EcCj
535lZbtVWCvCMmnWPjCcTASDQdosKcWJzhrW40u2weFf2Pn7vWMfQc3812SKB4Ai
e4+E0Cp8XMxVig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:58 2025 by rpki-client