Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.mft
File: PN4kcMhWOUlIej54dDxUTJnsimQ.mft (raw, json)
Hash identifier: VeycNC0Lesy8TzyiY2ZwlNE7LhW+LK9IPgInAyX/IAw=
Subject key identifier: 81:3E:28:E8:C6:FB:7C:84:D5:4C:42:3F:EF:2B:4D:74:C2:0F:B6:A2
Authority key identifier: 3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
Certificate issuer: /CN=3cde2470c8563949487a3e78743c544c99ec8a64
Certificate serial: 019A72CA7DBED652F195941832AB0750F225
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.mft
Manifest number: 09A2
Signing time: Tue 11 Nov 2025 12:01:04 +0000
Manifest this update: Tue 11 Nov 2025 12:01:04 +0000
Manifest next update: Wed 12 Nov 2025 12:01:04 +0000
Files and hashes: 1: MR6yCa9ahiYB6kt7eFUEnhRZgj0.roa (hash: Q5fLGdiN5URjuSRi8W7fkSayIUiVGY1nf+0ovyfMZAw=)
2: PN4kcMhWOUlIej54dDxUTJnsimQ.crl (hash: PMl69CJaNSBzN0CEkblWKvxP2bEinij0fRAto+PM0iA=)
3: sFFOUDvWTzfSymlwSYpDyp4rZVo.roa (hash: hd1EPhU6XZRPUxka9ECqkCcKF9k2GizgSrw0eDBr9g4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:7d:be:d6:52:f1:95:94:18:32:ab:07:50:f2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cde2470c8563949487a3e78743c544c99ec8a64
Validity
Not Before: Nov 11 12:01:04 2025 GMT
Not After : Nov 12 12:01:04 2025 GMT
Subject: CN=813e28e8c6fb7c84d54c423fef2b4d74c20fb6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:72:2d:a3:dc:44:51:ce:27:b3:0a:bc:19:
b6:e7:4e:b5:3c:02:90:88:5f:16:6c:0e:08:c8:a3:
57:74:a1:78:e2:ab:10:84:19:4c:73:7a:94:94:78:
c5:8a:e2:48:ed:cd:57:b8:13:b5:0e:d5:67:be:46:
b0:38:f8:66:23:a8:34:c2:47:65:7f:bd:31:1e:11:
ea:e3:a5:2b:81:61:dc:e5:71:e2:3d:22:74:61:cf:
18:06:41:0d:84:12:45:89:0b:de:44:46:1f:b2:ac:
7d:76:b7:26:e6:26:0a:99:b5:26:29:48:10:15:b5:
bb:ea:e9:e7:24:5c:b2:9f:37:96:c6:ba:62:52:bc:
c8:10:d7:a3:c5:10:af:1a:52:2c:c7:e0:6e:8a:b2:
d3:db:e4:0d:4a:2b:fd:aa:08:f3:26:2a:57:66:7f:
3d:d8:9e:41:81:99:cf:e0:d2:f8:5d:c6:97:30:f0:
5b:6c:d7:e4:49:a2:49:78:6e:bd:30:2b:59:05:d5:
27:79:2e:fa:54:80:dc:09:3c:2c:18:43:c6:06:ca:
a4:3e:dd:30:32:69:67:72:e7:f2:02:5c:6b:cb:11:
03:ab:7b:07:05:3f:5f:6e:a1:0b:f8:5e:b2:70:d5:
b8:b2:ae:aa:fa:29:1d:b5:48:bf:8c:82:03:bf:6a:
5c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:3E:28:E8:C6:FB:7C:84:D5:4C:42:3F:EF:2B:4D:74:C2:0F:B6:A2
X509v3 Authority Key Identifier:
keyid:3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:6b:f1:4e:32:02:8f:89:d3:15:f1:62:2c:9d:a6:27:8f:43:
a2:20:63:11:de:e2:54:18:11:35:8b:d3:4b:d4:c4:eb:21:76:
0f:c0:c4:5b:9e:76:af:08:b4:c7:b4:36:de:99:21:e5:4d:92:
f6:2f:53:dd:b2:84:b3:a7:49:38:7c:3d:69:10:79:6e:c7:e3:
1a:1b:b6:8c:17:90:01:c0:06:e3:2b:53:e1:57:59:b5:db:62:
3a:e3:04:22:60:34:6e:93:eb:4b:e2:14:89:58:df:a5:05:d6:
b1:3a:ca:b4:03:68:0b:aa:a8:9d:1e:e9:bc:05:3c:b6:bd:ef:
81:36:77:7f:dd:00:58:b4:1b:06:bc:9f:3d:a1:bd:82:52:5c:
dd:29:9d:d9:3f:1a:a9:dc:16:41:fc:8f:be:04:dd:09:ee:19:
bc:dd:0e:54:16:ee:fc:0a:37:37:6c:cb:0a:89:e7:c4:b2:fd:
be:01:de:0e:0b:b5:92:ba:04:2c:92:e5:45:5c:33:a4:22:0d:
1d:ec:18:4e:d3:ea:02:ef:e8:be:4b:d8:c9:57:71:85:2e:2a:
85:31:de:ef:52:ce:92:40:30:55:83:62:f5:b4:1b:03:33:e7:
bb:1b:ab:ad:9d:6c:90:72:33:38:b5:9e:35:e0:34:09:8e:aa:
68:d9:03:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyn2+1lLxlZQYMqsHUPIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGUyNDcwYzg1NjM5NDk0ODdhM2U3ODc0M2M1NDRjOTll
YzhhNjQwHhcNMjUxMTExMTIwMTA0WhcNMjUxMTEyMTIwMTA0WjAzMTEwLwYDVQQD
Eyg4MTNlMjhlOGM2ZmI3Yzg0ZDU0YzQyM2ZlZjJiNGQ3NGMyMGZiNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOhyLaPcRFHOJ7MKvBm25061PAKQ
iF8WbA4IyKNXdKF44qsQhBlMc3qUlHjFiuJI7c1XuBO1DtVnvkawOPhmI6g0wkdl
f70xHhHq46UrgWHc5XHiPSJ0Yc8YBkENhBJFiQveREYfsqx9drcm5iYKmbUmKUgQ
FbW76unnJFyynzeWxrpiUrzIENejxRCvGlIsx+BuirLT2+QNSiv9qgjzJipXZn89
2J5BgZnP4NL4XcaXMPBbbNfkSaJJeG69MCtZBdUneS76VIDcCTwsGEPGBsqkPt0w
MmlncufyAlxryxEDq3sHBT9fbqEL+F6ycNW4sq6q+ikdtUi/jIIDv2pc9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIE+KOjG+3yE1UxCP+8rTXTCD7aiMB8GA1UdIwQY
MBaAFDzeJHDIVjlJSHo+eHQ8VEyZ7IpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUt
NDQxNzFiMmY1OTllLzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUtNDQxNzFiMmY1OTll
LzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdmvxTjIC
j4nTFfFiLJ2mJ49DoiBjEd7iVBgRNYvTS9TE6yF2D8DEW552rwi0x7Q23pkh5U2S
9i9T3bKEs6dJOHw9aRB5bsfjGhu2jBeQAcAG4ytT4VdZtdtiOuMEImA0bpPrS+IU
iVjfpQXWsTrKtANoC6qonR7pvAU8tr3vgTZ3f90AWLQbBryfPaG9glJc3Smd2T8a
qdwWQfyPvgTdCe4ZvN0OVBbu/Ao3N2zLConnxLL9vgHeDgu1kroELJLlRVwzpCIN
HewYTtPqAu/ovkvYyVdxhS4qhTHe71LOkkAwVYNi9bQbAzPnuxurrZ1skHIzOLWe
NeA0CY6qaNkDRA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:08 2025 by rpki-client