Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
File: pxErNcd6Sxb761YSHJdNWdVmeEs.mft (raw, json)
Hash identifier: 44lcnICzyTiwVyU6oq5vxoj6U48UjL/hcfwN4xlvksY=
Subject key identifier: C9:B5:64:FD:45:EA:28:02:59:46:4C:10:22:0A:65:90:85:9E:EB:BB
Authority key identifier: A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
Certificate issuer: /CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Certificate serial: 019A73019AE1DA78D820C9711DDD911064DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 13:01:16 +0000
Manifest this update: Tue 11 Nov 2025 13:01:16 +0000
Manifest next update: Wed 12 Nov 2025 13:01:16 +0000
Files and hashes: 1: BwH9GKC4b7MR-_mPUkvo5kX6MbM.roa (hash: RyMXzPGYxLYPm9LtvHil8vaRU4zoAb2AHBWbWaC8/jg=)
2: pxErNcd6Sxb761YSHJdNWdVmeEs.crl (hash: cagd5IyXM0uVVpxAy6n/v8oyIcBehgv7NIhoIa/nmYQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:9a:e1:da:78:d8:20:c9:71:1d:dd:91:10:64:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7112b35c77a4b16fbeb56121c974d59d566784b
Validity
Not Before: Nov 11 13:01:16 2025 GMT
Not After : Nov 12 13:01:16 2025 GMT
Subject: CN=c9b564fd45ea280259464c10220a6590859eebbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0d:b2:6a:52:cd:02:84:ae:2b:09:61:83:c1:
80:80:af:1f:ca:9f:45:68:15:e9:c3:c1:6a:ba:32:
d2:74:01:cc:f6:9e:d0:e8:ba:06:d5:e4:a8:67:c4:
76:b0:58:f7:8f:9b:31:c9:4d:9d:19:1b:d7:74:33:
7b:e0:31:14:c6:f0:b4:5d:61:29:33:0e:b1:c5:07:
68:2a:4f:cb:26:2d:28:e7:9b:9c:78:54:d9:62:5c:
88:05:bf:9b:89:10:93:65:94:b1:ff:45:25:fc:7d:
f1:50:be:66:28:cc:a9:32:1f:db:f1:dc:09:3a:88:
50:b6:09:d8:9a:ef:d4:58:df:29:b5:24:cd:5f:ed:
f9:9e:99:17:82:d8:20:86:f7:cd:04:0e:b1:0f:36:
c7:b3:a6:c3:c5:7f:f6:2f:50:f1:d2:37:c3:3b:9a:
40:64:30:df:0f:41:b2:dd:bb:4c:0e:73:73:43:8c:
94:37:20:d3:40:ca:2e:95:c5:15:08:7e:4c:51:ca:
fd:7c:fc:18:69:d2:61:54:91:07:d9:ba:b4:31:e8:
d7:dd:d4:61:5d:a9:2e:82:0d:cb:b3:ab:e3:9d:2a:
83:d4:fb:22:1d:ac:7f:a3:7b:74:0a:67:12:97:b7:
6e:c8:81:5e:49:a5:97:87:ac:39:a4:7c:6c:c3:1e:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B5:64:FD:45:EA:28:02:59:46:4C:10:22:0A:65:90:85:9E:EB:BB
X509v3 Authority Key Identifier:
keyid:A7:11:2B:35:C7:7A:4B:16:FB:EB:56:12:1C:97:4D:59:D5:66:78:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxErNcd6Sxb761YSHJdNWdVmeEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/71cbe5-4a29-4567-a1fa-7888428225b4/1/pxErNcd6Sxb761YSHJdNWdVmeEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:39:de:d1:33:b7:10:64:28:b9:af:bc:77:ed:53:76:97:25:
c3:ab:4f:9a:e0:70:23:50:07:b8:38:dd:3a:be:ac:fb:d5:6f:
2a:32:82:8c:36:1e:d9:7d:0b:9e:72:4d:bf:5f:7e:aa:c6:f9:
9c:61:b0:f7:1c:06:38:63:8a:fe:55:46:ca:09:28:71:8f:df:
18:eb:1a:a2:91:96:5b:40:2e:18:8a:ee:e7:7d:61:80:19:aa:
d7:98:d9:7d:bb:23:b2:76:79:b4:37:4f:fe:5c:d0:6d:ab:82:
4e:fd:0d:30:7d:d3:b8:90:85:af:bb:c5:65:c0:0b:c2:53:e9:
ce:97:3a:4c:e5:9d:c6:8b:4a:b6:eb:32:6c:a6:06:1b:07:04:
da:f6:1d:e0:15:2c:a7:ac:f4:e3:fe:62:ed:c4:7d:20:32:cf:
c9:0a:f5:d2:be:9d:1b:ea:16:29:e0:23:3a:e1:98:86:7c:b0:
14:3d:1a:d4:c2:ec:13:c6:c2:b3:1f:8c:c8:c4:47:fe:59:1b:
b7:cf:fd:7d:ed:57:b4:fa:bb:d5:1b:78:44:d1:8d:df:9c:12:
82:e2:7e:90:94:00:b3:d5:e9:53:b8:79:4c:3e:67:ee:47:eb:
1a:91:7c:6c:91:9c:68:b5:0d:30:4f:e7:93:1d:2a:75:03:44:
76:99:33:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAZrh2njYIMlxHd2REGTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTEyYjM1Yzc3YTRiMTZmYmViNTYxMjFjOTc0ZDU5ZDU2
Njc4NGIwHhcNMjUxMTExMTMwMTE2WhcNMjUxMTEyMTMwMTE2WjAzMTEwLwYDVQQD
EyhjOWI1NjRmZDQ1ZWEyODAyNTk0NjRjMTAyMjBhNjU5MDg1OWVlYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4A2yalLNAoSuKwlhg8GAgK8fyp9F
aBXpw8FqujLSdAHM9p7Q6LoG1eSoZ8R2sFj3j5sxyU2dGRvXdDN74DEUxvC0XWEp
Mw6xxQdoKk/LJi0o55uceFTZYlyIBb+biRCTZZSx/0Ul/H3xUL5mKMypMh/b8dwJ
OohQtgnYmu/UWN8ptSTNX+35npkXgtgghvfNBA6xDzbHs6bDxX/2L1Dx0jfDO5pA
ZDDfD0Gy3btMDnNzQ4yUNyDTQMoulcUVCH5MUcr9fPwYadJhVJEH2bq0MejX3dRh
Xakugg3Ls6vjnSqD1PsiHax/o3t0CmcSl7duyIFeSaWXh6w5pHxswx5EGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMm1ZP1F6igCWUZMECIKZZCFnuu7MB8GA1UdIwQY
MBaAFKcRKzXHeksW++tWEhyXTVnVZnhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEt
Nzg4ODQyODIyNWI0LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83MWNiZTUtNGEyOS00NTY3LWExZmEtNzg4ODQyODIyNWI0
LzEvcHhFck5jZDZTeGI3NjFZU0hKZE5XZFZtZUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXDne0TO3
EGQoua+8d+1Tdpclw6tPmuBwI1AHuDjdOr6s+9VvKjKCjDYe2X0LnnJNv19+qsb5
nGGw9xwGOGOK/lVGygkocY/fGOsaopGWW0AuGIru531hgBmq15jZfbsjsnZ5tDdP
/lzQbauCTv0NMH3TuJCFr7vFZcALwlPpzpc6TOWdxotKtusybKYGGwcE2vYd4BUs
p6z04/5i7cR9IDLPyQr10r6dG+oWKeAjOuGYhnywFD0a1MLsE8bCsx+MyMRH/lkb
t8/9fe1XtPq71Rt4RNGN35wSguJ+kJQAs9XpU7h5TD5n7kfrGpF8bJGcaLUNME/n
kx0qdQNEdpkzpA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:36:59 2025 by rpki-client