Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
File: pxErNcd6Sxb761YSHJdNWdVmeEs.mft (raw, json)
Hash identifier: 7NZpTsRbgRrr+Q+CtDOCT521eKZ6y2ipnMf+N/dzrzk=
Subject key identifier: BF:55:23:C4:E2:8B:2D:7A:10:7E:9F:1D:CC:3D:E9:86:63:2F:FF:D2
Authority key identifier: A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
Certificate issuer: /CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Certificate serial: 019922FA77D10F897C9712EF129E7E86783E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
Manifest number: 1670
Signing time: Sun 07 Sep 2025 07:01:03 +0000
Manifest this update: Sun 07 Sep 2025 07:01:03 +0000
Manifest next update: Mon 08 Sep 2025 07:01:03 +0000
Files and hashes: 1: BwH9GKC4b7MR-_mPUkvo5kX6MbM.roa (hash: RyMXzPGYxLYPm9LtvHil8vaRU4zoAb2AHBWbWaC8/jg=)
2: pxErNcd6Sxb761YSHJdNWdVmeEs.crl (hash: PR35u5ZBF3/cKoTVu4BbB7ZKZZ3zYAlSoY1ILLp1Pz4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:fa:77:d1:0f:89:7c:97:12:ef:12:9e:7e:86:78:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Validity
Not Before: Sep 7 07:01:03 2025 GMT
Not After : Sep 8 07:01:03 2025 GMT
Subject: CN=bf5523c4e28b2d7a107e9f1dcc3de986632fffd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:19:50:d3:de:3d:64:03:62:60:22:d2:27:d4:
a8:a3:17:ba:48:c5:25:17:b1:e8:28:2c:27:17:8b:
2a:2e:e6:ec:01:c5:25:27:c4:57:1e:00:cf:96:59:
5f:31:15:00:4e:f2:36:e3:9e:f9:8b:9a:2b:48:68:
f3:f8:4e:4e:a4:6a:70:06:2b:15:58:98:cf:e4:9b:
d5:07:b6:72:af:e2:8e:58:76:52:5d:cb:0e:ee:5e:
7e:ed:5b:5b:54:34:7a:41:a6:21:a2:ad:3f:01:3d:
07:0f:18:99:98:e7:31:20:68:91:5d:0a:f3:73:a2:
79:94:7a:a6:18:94:59:4f:bc:10:a0:ac:86:1d:7b:
41:0c:e1:50:c2:0a:9b:89:f5:a9:69:b9:2f:5e:b5:
41:1f:52:0a:bd:36:85:6d:4f:91:50:36:02:d4:ee:
76:da:bc:db:6e:84:2e:de:e4:52:35:78:db:6b:f2:
c1:2d:ff:99:70:b9:bc:dc:48:48:f0:71:ee:fa:e7:
e1:ae:a1:6c:f2:26:a1:23:ad:35:02:3f:b6:0b:27:
e8:84:be:b8:b2:35:3d:db:8a:f2:5e:b8:84:54:ad:
73:92:2a:9e:c0:24:89:be:7c:6a:2b:fd:c5:bd:fb:
27:2d:cb:9f:d8:00:2b:7e:8c:f0:bd:7a:78:d1:1c:
96:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:55:23:C4:E2:8B:2D:7A:10:7E:9F:1D:CC:3D:E9:86:63:2F:FF:D2
X509v3 Authority Key Identifier:
keyid:A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:1e:8e:90:83:b5:ee:f0:e8:34:79:55:43:a1:d6:e4:ad:8f:
b5:c1:80:ca:7b:d9:a4:7d:2f:06:43:ce:44:93:fc:2a:43:5a:
64:87:91:be:98:91:69:17:d3:d2:6c:0a:9f:42:44:44:2d:13:
80:b9:13:19:7c:ec:f1:37:d5:f9:97:e1:bf:41:ba:4d:6f:2d:
d2:58:35:6e:61:36:19:47:ad:ba:b0:c1:fa:7c:ba:05:c4:88:
26:65:d6:e3:75:00:21:7b:05:e2:b7:c6:24:05:ca:cc:31:c1:
3c:86:fa:ab:3c:81:26:94:b9:0c:f6:d9:43:06:4d:04:c2:d9:
8f:9d:dc:03:04:09:98:55:68:6b:3a:24:68:70:94:4e:91:4f:
23:a7:3b:c4:6d:9a:f6:28:ae:9c:da:24:42:6d:9a:d0:d9:e8:
1d:15:4e:4d:8f:5a:ab:96:06:34:3d:83:90:bf:f5:fe:15:50:
59:cb:ec:45:f3:c5:71:2f:0a:2c:78:86:39:f5:ff:cb:b4:0a:
0f:d4:c6:2a:18:e7:e5:16:46:82:a5:5f:12:c9:cd:45:c4:f5:
c6:19:0c:85:a5:f1:ce:bf:bc:0d:90:9a:ab:ac:30:91:09:25:
9e:bb:73:be:9c:9a:1b:4a:95:88:57:99:df:f6:b8:12:9f:2a:
d5:8e:3c:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+nfRD4l8lxLvEp5+hng+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTEyYjM1Yzc3YTRiMTZmYmViNTYxMjFjOTc0ZDU5ZDU2
Njc4NGIwHhcNMjUwOTA3MDcwMTAzWhcNMjUwOTA4MDcwMTAzWjAzMTEwLwYDVQQD
EyhiZjU1MjNjNGUyOGIyZDdhMTA3ZTlmMWRjYzNkZTk4NjYzMmZmZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthlQ0949ZANiYCLSJ9Sooxe6SMUl
F7HoKCwnF4sqLubsAcUlJ8RXHgDPlllfMRUATvI24575i5orSGjz+E5OpGpwBisV
WJjP5JvVB7Zyr+KOWHZSXcsO7l5+7VtbVDR6QaYhoq0/AT0HDxiZmOcxIGiRXQrz
c6J5lHqmGJRZT7wQoKyGHXtBDOFQwgqbifWpabkvXrVBH1IKvTaFbU+RUDYC1O52
2rzbboQu3uRSNXjba/LBLf+ZcLm83EhI8HHu+ufhrqFs8iahI601Aj+2CyfohL64
sjU924ryXriEVK1zkiqewCSJvnxqK/3FvfsnLcuf2AArfozwvXp40RyW6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9VI8Tiiy16EH6fHcw96YZjL//SMB8GA1UdIwQY
MBaAFKcRKzXHeksW++tWEhyXTVnVZnhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEt
Nzg4ODQyODIyNWI0LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEtNzg4ODQyODIyNWI0
LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYB6OkIO1
7vDoNHlVQ6HW5K2PtcGAynvZpH0vBkPORJP8KkNaZIeRvpiRaRfT0mwKn0JERC0T
gLkTGXzs8TfV+Zfhv0G6TW8t0lg1bmE2GUeturDB+ny6BcSIJmXW43UAIXsF4rfG
JAXKzDHBPIb6qzyBJpS5DPbZQwZNBMLZj53cAwQJmFVoazokaHCUTpFPI6c7xG2a
9iiunNokQm2a0NnoHRVOTY9aq5YGND2DkL/1/hVQWcvsRfPFcS8KLHiGOfX/y7QK
D9TGKhjn5RZGgqVfEsnNRcT1xhkMhaXxzr+8DZCaq6wwkQklnrtzvpyaG0qViFeZ
3/a4Ep8q1Y48uw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:32:48 2025 by rpki-client