Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
File: pPhiddwhxh2gzs0Sfpd0zKoysLs.mft (raw, json)
Hash identifier: XPUVkTWRKMR3aYGa1R3bkm3RSIYRdDFn1676G1A2luM=
Subject key identifier: BE:00:E2:52:3A:8E:8A:2F:AF:45:D5:B5:8B:D8:E8:49:9F:08:61:B4
Authority key identifier: A4:F8:62:75:DC:21:C6:1D:A0:CE:CD:12:7E:97:74:CC:AA:32:B0:BB
Certificate issuer: /CN=a4f86275dc21c61da0cecd127e9774ccaa32b0bb
Certificate serial: 019A71EE93EE3D747D33D5C2AE84D577D1A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhiddwhxh2gzs0Sfpd0zKoysLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:00:52 +0000
Manifest this update: Tue 11 Nov 2025 08:00:52 +0000
Manifest next update: Wed 12 Nov 2025 08:00:52 +0000
Files and hashes: 1: a0SjSsK93R47m4eRP1Kso9k59CQ.roa (hash: 4DqaXQky67MktM88+QkXZEvBSJRKln9MtvLpFVmXjJ0=)
2: pPhiddwhxh2gzs0Sfpd0zKoysLs.crl (hash: 23jZIWlvNd/whSw8zMsLKC/ho83s8fWcuNaVvIVGMdc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPhiddwhxh2gzs0Sfpd0zKoysLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:93:ee:3d:74:7d:33:d5:c2:ae:84:d5:77:d1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f86275dc21c61da0cecd127e9774ccaa32b0bb
Validity
Not Before: Nov 11 08:00:52 2025 GMT
Not After : Nov 12 08:00:52 2025 GMT
Subject: CN=be00e2523a8e8a2faf45d5b58bd8e8499f0861b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:20:64:cd:de:4e:ab:bb:80:16:dc:a9:5b:
18:a6:f8:9e:e8:c3:99:2d:21:94:22:c2:83:de:07:
3c:3a:49:22:85:69:2a:45:ac:e9:22:ec:51:56:7e:
78:cf:8d:8d:e2:fb:a1:94:67:73:1d:45:e0:e2:db:
a4:ba:0c:5c:7a:1e:44:60:c5:b3:63:34:8f:f2:6e:
cd:11:c5:af:99:b7:e1:f9:39:48:14:5c:2b:59:0d:
9a:b0:6f:c5:60:99:76:33:3d:f1:94:06:19:62:1b:
ee:20:0f:c8:34:6d:d4:ef:c3:75:e0:91:59:3d:d6:
d8:eb:ae:9f:31:9a:5f:c5:f0:fc:ed:2e:ac:92:c6:
d6:d5:a0:94:55:8c:ca:58:a2:17:95:11:2d:cd:96:
1f:ba:c6:91:01:a0:b6:31:5a:9c:a9:b2:f5:ca:3b:
85:66:0b:18:16:07:0a:21:01:bf:07:49:98:6f:9b:
94:bb:8f:9b:5f:62:c4:97:f7:dc:41:27:82:03:da:
44:5e:17:47:4a:e2:67:e1:6d:46:5c:a2:14:bf:a5:
24:95:0c:9f:0f:fa:2d:53:40:73:a5:3c:f7:c1:e8:
37:3a:38:30:09:d6:ea:8d:7a:aa:0b:3c:57:e9:93:
ac:30:d9:5c:98:0a:3c:51:67:c2:0f:a5:de:ee:8b:
64:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:00:E2:52:3A:8E:8A:2F:AF:45:D5:B5:8B:D8:E8:49:9F:08:61:B4
X509v3 Authority Key Identifier:
keyid:A4:F8:62:75:DC:21:C6:1D:A0:CE:CD:12:7E:97:74:CC:AA:32:B0:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhiddwhxh2gzs0Sfpd0zKoysLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a8bf2-6cb3-49ae-9e32-8829ee661c64/1/pPhiddwhxh2gzs0Sfpd0zKoysLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:8e:cd:85:10:73:10:94:ea:58:f4:b5:e5:0f:ee:34:cc:86:
ce:f2:c4:1d:ef:cb:03:d4:d0:5b:cf:38:23:df:07:41:2a:5c:
65:b9:c7:f6:27:bb:52:2b:d0:d1:fe:6c:f1:4b:a0:1c:a6:74:
93:f6:e2:9e:45:ff:e4:e2:a3:c9:cf:d9:86:9c:30:b2:1e:82:
51:91:be:83:96:de:1a:d8:e2:1b:7e:af:22:3b:a6:5c:87:7d:
82:5f:29:f8:ae:3a:fa:af:0f:4f:60:71:17:d2:c1:38:1e:9a:
f7:99:26:07:ab:fa:58:54:b7:72:19:23:35:1b:fe:be:ce:6f:
d0:93:7e:48:73:41:e0:b4:45:7d:09:de:10:59:24:3d:fc:c5:
1b:90:bb:e7:7d:f7:d4:fd:fd:40:86:ee:2e:64:c9:db:52:f5:
02:ec:61:f1:9a:39:8c:d3:dd:40:83:6e:36:e4:ad:54:da:7e:
33:59:50:5c:79:cf:0e:dc:43:05:24:78:25:dd:f9:d6:ed:82:
0d:4f:b4:e1:aa:80:d6:83:93:93:18:95:2c:68:ee:41:5c:1b:
9e:5f:7a:fb:db:f5:47:ef:31:de:30:f2:4a:e5:22:af:f1:b6:
01:58:34:6c:45:bd:14:39:cc:0d:37:01:27:11:9d:59:05:23:
51:04:5c:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pPuPXR9M9XCroTVd9GhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg2Mjc1ZGMyMWM2MWRhMGNlY2QxMjdlOTc3NGNjYWEz
MmIwYmIwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
EyhiZTAwZTI1MjNhOGU4YTJmYWY0NWQ1YjU4YmQ4ZTg0OTlmMDg2MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXkgZM3eTqu7gBbcqVsYpvie6MOZ
LSGUIsKD3gc8OkkihWkqRazpIuxRVn54z42N4vuhlGdzHUXg4tukugxceh5EYMWz
YzSP8m7NEcWvmbfh+TlIFFwrWQ2asG/FYJl2Mz3xlAYZYhvuIA/ING3U78N14JFZ
PdbY666fMZpfxfD87S6sksbW1aCUVYzKWKIXlREtzZYfusaRAaC2MVqcqbL1yjuF
ZgsYFgcKIQG/B0mYb5uUu4+bX2LEl/fcQSeCA9pEXhdHSuJn4W1GXKIUv6UklQyf
D/otU0BzpTz3weg3OjgwCdbqjXqqCzxX6ZOsMNlcmAo8UWfCD6Xe7otkVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4A4lI6joovr0XVtYvY6EmfCGG0MB8GA1UdIwQY
MBaAFKT4YnXcIcYdoM7NEn6XdMyqMrC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoaWRkd2h4aDJnenMwU2ZwZDB6S295c0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YThiZjItNmNiMy00OWFlLTllMzIt
ODgyOWVlNjYxYzY0LzEvcFBoaWRkd2h4aDJnenMwU2ZwZDB6S295c0xzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YThiZjItNmNiMy00OWFlLTllMzItODgyOWVlNjYxYzY0
LzEvcFBoaWRkd2h4aDJnenMwU2ZwZDB6S295c0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdo7NhRBz
EJTqWPS15Q/uNMyGzvLEHe/LA9TQW884I98HQSpcZbnH9ie7UivQ0f5s8UugHKZ0
k/binkX/5OKjyc/Zhpwwsh6CUZG+g5beGtjiG36vIjumXId9gl8p+K46+q8PT2Bx
F9LBOB6a95kmB6v6WFS3chkjNRv+vs5v0JN+SHNB4LRFfQneEFkkPfzFG5C75333
1P39QIbuLmTJ21L1Auxh8Zo5jNPdQINuNuStVNp+M1lQXHnPDtxDBSR4Jd351u2C
DU+04aqA1oOTkxiVLGjuQVwbnl96+9v1R+8x3jDySuUir/G2AVg0bEW9FDnMDTcB
JxGdWQUjUQRcnQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:53 2025 by rpki-client