Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft
File: pqBZBOyBdGoKZtIH9dNvjZeIig0.mft (raw, json)
Hash identifier: UusOsqUbvBhd0fWQhuHnUDvSxwkF7sLidC4kZH6B5vQ=
Subject key identifier: 20:30:71:C0:14:83:DE:38:74:E1:10:A1:15:B5:E5:36:11:89:38:11
Authority key identifier: A6:A0:59:04:EC:81:74:6A:0A:66:D2:07:F5:D3:6F:8D:97:88:8A:0D
Certificate issuer: /CN=a6a05904ec81746a0a66d207f5d36f8d97888a0d
Certificate serial: 019A71B8F1E99063FE510B3EA94759C0DAF5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft
Manifest number: 0882
Signing time: Tue 11 Nov 2025 07:02:17 +0000
Manifest this update: Tue 11 Nov 2025 07:02:17 +0000
Manifest next update: Wed 12 Nov 2025 07:02:17 +0000
Files and hashes: 1: pqBZBOyBdGoKZtIH9dNvjZeIig0.crl (hash: 5eZFkC5xp850WnALy69mCajcR6gHOg1eMSQejXPpF7I=)
2: wcWtJWZdHtQ3MB-JGGb4XgtvRZY.roa (hash: uBYBylJRjDgsdsAh3Gf2WJ38oblmNaRqlj9rvalMb+M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:f1:e9:90:63:fe:51:0b:3e:a9:47:59:c0:da:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a05904ec81746a0a66d207f5d36f8d97888a0d
Validity
Not Before: Nov 11 07:02:17 2025 GMT
Not After : Nov 12 07:02:17 2025 GMT
Subject: CN=203071c01483de3874e110a115b5e53611893811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:54:c2:cd:20:cd:c2:1e:1e:99:83:ef:e1:
16:7e:5b:80:86:30:0d:8b:d9:7e:18:7f:4f:1f:16:
5c:de:d1:37:d2:e5:e4:2c:1d:1a:7a:d4:5a:cb:78:
10:01:31:62:33:3f:e3:85:fb:34:19:59:b6:26:4e:
61:20:56:bf:a1:78:5b:b2:4c:57:c4:98:ad:59:7b:
a2:c5:ae:c8:d4:57:f6:e5:06:ec:74:ce:9c:80:39:
25:b4:ad:11:98:43:98:7f:13:9f:f8:73:31:06:cc:
81:55:74:87:de:97:43:fe:bf:ce:20:b5:af:a4:52:
9a:a9:1e:a9:d8:3c:92:de:a0:39:cc:85:c0:49:07:
b6:9b:f0:e3:a3:24:50:6d:3e:5c:e7:d2:ba:4d:fe:
83:92:44:f0:0d:e3:ba:81:cd:ad:79:1c:cd:2b:a7:
13:df:35:e7:49:20:87:3c:19:6a:ec:de:cb:65:ff:
6f:a5:fe:d8:99:a7:39:27:2e:c3:5a:fb:6b:0b:62:
d6:78:5a:68:6b:ae:11:4e:4c:73:30:b7:c7:40:66:
cb:23:d2:25:18:65:cc:ec:d6:7e:c3:e1:62:17:8d:
86:af:0d:19:7f:8d:8b:79:14:48:fe:b0:9a:c4:15:
e7:9f:52:93:c0:29:68:1a:18:31:ef:0e:89:7e:dc:
b4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:30:71:C0:14:83:DE:38:74:E1:10:A1:15:B5:E5:36:11:89:38:11
X509v3 Authority Key Identifier:
keyid:A6:A0:59:04:EC:81:74:6A:0A:66:D2:07:F5:D3:6F:8D:97:88:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:12:43:a7:92:4d:a2:52:a9:51:2d:f2:43:ba:eb:30:9e:d8:
aa:ca:e2:50:5a:df:54:5b:61:86:c2:07:83:a5:10:9f:76:fa:
58:34:51:c7:78:6d:a0:e6:24:ac:c0:16:15:53:9a:f9:9f:36:
d6:ed:4d:71:cc:dd:31:84:8e:c6:4d:76:81:c3:ce:06:35:e6:
ca:b8:84:21:d7:53:c7:35:fb:e5:8c:86:22:f5:8c:55:cb:7d:
65:54:d4:e4:11:6e:1e:eb:52:c5:d2:ca:74:ae:88:dc:37:4e:
90:13:8f:45:72:d6:b9:ca:12:af:d9:35:82:6d:ed:8d:27:33:
6e:bb:3e:22:69:a7:d9:49:80:2f:7c:de:bf:f1:e8:48:cf:d5:
5b:c7:2e:6d:74:ba:01:b3:1e:84:90:7b:4d:6d:eb:49:f1:5a:
23:bd:06:fe:bc:0b:f6:a0:3f:9f:a3:3a:08:c8:ab:94:c3:f4:
b1:9c:b0:1f:2c:ea:54:10:63:a3:4b:88:60:6a:b5:0b:b6:63:
15:d8:5c:7a:50:68:b7:f0:3d:c4:e0:20:b6:17:85:82:fd:63:
f4:70:df:9d:5c:1f:6d:9b:12:45:99:8a:94:54:de:a7:35:28:
57:fe:20:ec:1f:26:10:d0:0a:61:2b:78:b9:84:58:37:8a:8d:
a9:47:40:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPHpkGP+UQs+qUdZwNr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA1OTA0ZWM4MTc0NmEwYTY2ZDIwN2Y1ZDM2ZjhkOTc4
ODhhMGQwHhcNMjUxMTExMDcwMjE3WhcNMjUxMTEyMDcwMjE3WjAzMTEwLwYDVQQD
EygyMDMwNzFjMDE0ODNkZTM4NzRlMTEwYTExNWI1ZTUzNjExODkzODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIBUws0gzcIeHpmD7+EWfluAhjAN
i9l+GH9PHxZc3tE30uXkLB0aetRay3gQATFiMz/jhfs0GVm2Jk5hIFa/oXhbskxX
xJitWXuixa7I1Ff25QbsdM6cgDkltK0RmEOYfxOf+HMxBsyBVXSH3pdD/r/OILWv
pFKaqR6p2DyS3qA5zIXASQe2m/DjoyRQbT5c59K6Tf6DkkTwDeO6gc2teRzNK6cT
3zXnSSCHPBlq7N7LZf9vpf7Ymac5Jy7DWvtrC2LWeFpoa64RTkxzMLfHQGbLI9Il
GGXM7NZ+w+FiF42Grw0Zf42LeRRI/rCaxBXnn1KTwCloGhgx7w6Jfty07QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAwccAUg944dOEQoRW15TYRiTgRMB8GA1UdIwQY
MBaAFKagWQTsgXRqCmbSB/XTb42XiIoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYjUxYzktYjM3Yi00NzY3LTg4ZDkt
NWRmNmE0NjMwMzViLzEvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYjUxYzktYjM3Yi00NzY3LTg4ZDktNWRmNmE0NjMwMzVi
LzEvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBJDp5JN
olKpUS3yQ7rrMJ7YqsriUFrfVFthhsIHg6UQn3b6WDRRx3htoOYkrMAWFVOa+Z82
1u1NcczdMYSOxk12gcPOBjXmyriEIddTxzX75YyGIvWMVct9ZVTU5BFuHutSxdLK
dK6I3DdOkBOPRXLWucoSr9k1gm3tjSczbrs+Immn2UmAL3zev/HoSM/VW8cubXS6
AbMehJB7TW3rSfFaI70G/rwL9qA/n6M6CMirlMP0sZywHyzqVBBjo0uIYGq1C7Zj
FdhcelBot/A9xOAgtheFgv1j9HDfnVwfbZsSRZmKlFTepzUoV/4g7B8mENAKYSt4
uYRYN4qNqUdAcg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:16:53 2025 by rpki-client