Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
File: pRA1bcClIYlc5h-FSV4G2vehKzs.mft (raw, json)
Hash identifier: kOx/dNFyMdbOk4zpCqmewCR+i3IVtPDU4T3y4LYWCSc=
Subject key identifier: 4E:3C:54:B7:29:58:11:F0:D3:D1:98:D1:6A:73:6B:D0:90:EE:D6:1A
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 019A729384AB8667FACA5876DAEE4361BCCD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 11:01:01 +0000
Manifest this update: Tue 11 Nov 2025 11:01:01 +0000
Manifest next update: Wed 12 Nov 2025 11:01:01 +0000
Files and hashes: 1: DZzf4gixVG1v_XBOTEdiJTCnpgc.roa (hash: EKgVMjgzgQW/dE4uPulEkrnDhBOvFfmwxhJ1zs6dJk4=)
2: PyDzr8WmYcRo05FGb5UzcWZdKls.roa (hash: IYIt11a1r2unTfjZQuVOMhykI3XsxsOfurke5JUMHZc=)
3: pRA1bcClIYlc5h-FSV4G2vehKzs.crl (hash: 1iXdcEh74Re8nREWz9zhynOtU5kuapYFU5WkE5fEHos=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:84:ab:86:67:fa:ca:58:76:da:ee:43:61:bc:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Nov 11 11:01:01 2025 GMT
Not After : Nov 12 11:01:01 2025 GMT
Subject: CN=4e3c54b7295811f0d3d198d16a736bd090eed61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:86:3e:80:1d:78:45:f6:5c:c8:ea:69:4e:c3:
9f:d9:53:c8:31:ad:89:22:66:dc:bc:a8:04:4f:e4:
ea:5f:4f:38:ce:6a:63:b2:57:91:44:62:69:79:d6:
c7:21:94:e2:3a:ac:17:73:97:1a:61:ff:3c:ce:52:
99:74:f6:05:79:b8:fe:6e:c3:8f:8f:95:66:e3:1b:
75:a0:5e:56:86:4b:7f:27:2a:ed:d8:cb:09:77:9e:
3e:00:9d:44:cc:9b:c0:95:af:ea:d3:20:d4:b3:09:
b7:02:5b:63:e8:5c:af:3f:35:a0:9a:ef:c5:c6:94:
3c:46:08:bd:27:50:24:f9:6f:a2:ee:31:78:c5:52:
fa:f8:4e:17:0c:c7:24:c4:9f:b9:2b:ab:70:af:53:
fd:aa:e1:8a:c5:92:34:ea:de:a8:81:e2:f3:00:47:
29:ee:67:13:28:3b:8f:0b:2c:d8:4a:27:34:c6:70:
58:db:f8:36:ab:33:89:a6:99:2c:6c:f7:e7:11:5d:
db:ae:61:ca:b0:9c:2f:ae:5d:5d:57:40:0a:57:b0:
a2:7c:ab:76:98:26:d2:c0:87:e3:bc:a1:fc:d0:11:
e2:dd:45:43:87:2a:69:4f:32:be:ad:ce:8f:9b:2e:
9f:67:2f:6f:c8:f6:f4:2c:dd:a6:44:5c:64:fc:30:
2b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3C:54:B7:29:58:11:F0:D3:D1:98:D1:6A:73:6B:D0:90:EE:D6:1A
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:17:c8:ca:75:43:92:eb:8d:b3:c2:db:e0:fe:2f:13:84:65:
9e:76:63:35:31:96:ef:26:13:c4:09:c0:58:5b:67:e6:1a:2c:
d7:12:9e:da:b2:54:ee:df:97:58:28:98:c1:12:93:da:e9:a9:
01:37:6a:13:44:ee:2a:b3:8e:e0:d5:0c:55:ee:44:7b:f2:a9:
d0:c4:45:e8:98:8d:8b:c2:91:0f:10:3d:45:dc:e7:c2:a0:89:
ab:58:0d:a5:7d:f1:e9:09:7a:c3:c5:2d:a4:be:ce:cb:2d:78:
3b:d6:3a:dd:a6:37:1f:43:3e:c3:be:c8:4d:0e:85:38:59:4f:
ad:5b:ca:7e:eb:a8:c2:80:2c:74:5f:5d:81:e6:f4:3b:e9:7a:
ae:91:b4:b4:e6:b0:e0:f6:9e:63:83:5f:16:f4:28:61:4b:ea:
4d:44:84:e6:2d:21:a5:44:8e:60:33:db:43:79:0d:5f:b6:71:
76:96:35:02:3f:67:52:9d:de:9c:01:10:b9:fe:dd:1f:4b:74:
70:c0:4c:bf:cf:d8:c5:91:f4:43:64:99:a7:f6:28:d0:92:3c:
0b:fa:7c:1d:64:34:26:ae:a5:bb:46:88:4e:9a:4c:f5:1e:30:
0b:1e:aa:68:c1:40:59:e2:9b:f8:cc:9c:94:68:f2:a2:85:f4:
a2:af:3d:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk4Srhmf6ylh22u5DYbzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjUxMTExMTEwMTAxWhcNMjUxMTEyMTEwMTAxWjAzMTEwLwYDVQQD
Eyg0ZTNjNTRiNzI5NTgxMWYwZDNkMTk4ZDE2YTczNmJkMDkwZWVkNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oY+gB14RfZcyOppTsOf2VPIMa2J
ImbcvKgET+TqX084zmpjsleRRGJpedbHIZTiOqwXc5caYf88zlKZdPYFebj+bsOP
j5Vm4xt1oF5Whkt/Jyrt2MsJd54+AJ1EzJvAla/q0yDUswm3Altj6FyvPzWgmu/F
xpQ8Rgi9J1Ak+W+i7jF4xVL6+E4XDMckxJ+5K6twr1P9quGKxZI06t6ogeLzAEcp
7mcTKDuPCyzYSic0xnBY2/g2qzOJppksbPfnEV3brmHKsJwvrl1dV0AKV7CifKt2
mCbSwIfjvKH80BHi3UVDhyppTzK+rc6Pmy6fZy9vyPb0LN2mRFxk/DArfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE48VLcpWBHw09GY0Wpza9CQ7tYaMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATxfIynVD
kuuNs8Lb4P4vE4RlnnZjNTGW7yYTxAnAWFtn5hos1xKe2rJU7t+XWCiYwRKT2ump
ATdqE0TuKrOO4NUMVe5Ee/Kp0MRF6JiNi8KRDxA9RdznwqCJq1gNpX3x6Ql6w8Ut
pL7Oyy14O9Y63aY3H0M+w77ITQ6FOFlPrVvKfuuowoAsdF9dgeb0O+l6rpG0tOaw
4PaeY4NfFvQoYUvqTUSE5i0hpUSOYDPbQ3kNX7ZxdpY1Aj9nUp3enAEQuf7dH0t0
cMBMv8/YxZH0Q2SZp/Yo0JI8C/p8HWQ0Jq6lu0aITppM9R4wCx6qaMFAWeKb+Myc
lGjyooX0oq898g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:26 2025 by rpki-client