Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File: pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier: u+qgBcWw0KTFlecM1lH0Tkueanru5O4VOrOZFdcg4nQ=
Subject key identifier: 1A:F2:7A:38:89:81:D6:86:45:F8:E2:7E:1A:96:D3:86:B6:A5:24:85
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer: /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial: 019A725C38AC64F1F0C4D2A48D75514AF673
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number: 069D
Signing time: Tue 11 Nov 2025 10:00:37 +0000
Manifest this update: Tue 11 Nov 2025 10:00:37 +0000
Manifest next update: Wed 12 Nov 2025 10:00:37 +0000
Files and hashes: 1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: EskPnihKCxUDd1RSMt3u1PutzeHw+et//ELdoUkD/nE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:38:ac:64:f1:f0:c4:d2:a4:8d:75:51:4a:f6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Validity
Not Before: Nov 11 10:00:37 2025 GMT
Not After : Nov 12 10:00:37 2025 GMT
Subject: CN=1af27a388981d68645f8e27e1a96d386b6a52485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:51:e0:49:bc:6c:4b:4f:8c:ad:00:36:99:99:
a3:45:a4:63:ca:e6:28:ec:e2:b6:6e:36:94:c7:0b:
39:8a:04:3f:d1:ee:41:19:bb:8e:e4:7e:1a:f9:61:
9e:fb:2f:23:47:47:c2:cd:02:ee:9f:46:5d:1d:a9:
0a:32:b6:5c:53:bf:71:c9:73:02:a9:64:de:62:4e:
05:bb:a2:25:de:dc:7a:e2:f1:72:52:9c:88:e0:65:
94:0b:cb:0a:65:64:06:7b:06:51:d6:b6:f5:b2:5f:
b9:fe:86:c8:4f:32:6a:db:3a:aa:f2:9d:13:9b:45:
52:84:2f:c9:13:f6:f9:a4:40:cc:83:ce:2c:b9:e6:
c7:c5:91:1a:42:bd:24:02:56:50:f1:3b:23:18:d5:
9d:b8:13:fa:8c:7d:90:86:78:94:82:bf:15:a6:3d:
1a:44:c5:21:db:7c:0f:30:9c:28:d8:fe:45:e7:36:
90:43:d9:15:84:be:7b:e3:a0:64:48:7a:45:73:ac:
ca:4d:67:78:5a:89:53:81:21:ee:4c:b2:e8:13:ca:
16:67:7a:13:a2:c4:b1:d1:a4:43:db:3d:78:46:6a:
84:e1:0b:0c:4c:65:34:87:34:8a:d4:72:ad:02:cd:
c1:2a:c3:ca:aa:34:39:e7:88:99:b8:fc:ab:b9:92:
7c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F2:7A:38:89:81:D6:86:45:F8:E2:7E:1A:96:D3:86:B6:A5:24:85
X509v3 Authority Key Identifier:
keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:1c:a0:c9:1d:b4:da:37:40:67:d9:b1:7a:32:73:f9:a8:9d:
43:9e:97:92:fa:63:75:31:2d:13:03:9f:01:ff:fc:a8:8f:d4:
8d:1f:1f:0e:ac:2b:f2:e5:57:a4:af:2d:56:f1:62:59:e5:25:
94:fb:d7:86:75:45:45:7c:0d:65:3c:be:e0:ea:c4:f0:65:3c:
e9:40:69:56:c0:81:18:5b:a2:63:61:1e:ef:3d:0a:9b:4c:eb:
b6:69:62:d1:7a:b7:8e:b8:e9:d8:a5:06:cf:29:a1:8d:c1:9d:
65:b6:97:39:09:80:52:df:8e:55:7f:cd:de:f8:46:65:05:47:
fb:5e:bc:bc:13:91:41:09:14:8d:b8:0b:7c:8f:e1:84:07:40:
66:1b:93:0f:86:75:ce:66:0d:93:66:bc:e9:d5:55:de:a1:46:
77:69:29:36:77:92:55:f6:4e:10:a6:67:e2:99:6e:80:fb:d5:
7d:58:82:94:84:75:fa:1f:e0:7b:8e:3f:1f:1b:c1:06:17:60:
83:2c:f7:c7:a5:ca:ac:d2:fb:56:27:20:2e:56:cf:96:22:0b:
9a:05:4f:3a:60:27:d8:a2:36:c8:32:83:68:2e:07:a8:22:a4:
34:b3:30:2c:56:05:28:b4:11:d6:bc:df:4e:4d:55:e2:91:96:
2d:a3:f9:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXDisZPHwxNKkjXVRSvZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjUxMTExMTAwMDM3WhcNMjUxMTEyMTAwMDM3WjAzMTEwLwYDVQQD
EygxYWYyN2EzODg5ODFkNjg2NDVmOGUyN2UxYTk2ZDM4NmI2YTUyNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1HgSbxsS0+MrQA2mZmjRaRjyuYo
7OK2bjaUxws5igQ/0e5BGbuO5H4a+WGe+y8jR0fCzQLun0ZdHakKMrZcU79xyXMC
qWTeYk4Fu6Il3tx64vFyUpyI4GWUC8sKZWQGewZR1rb1sl+5/obITzJq2zqq8p0T
m0VShC/JE/b5pEDMg84suebHxZEaQr0kAlZQ8TsjGNWduBP6jH2QhniUgr8Vpj0a
RMUh23wPMJwo2P5F5zaQQ9kVhL5746BkSHpFc6zKTWd4WolTgSHuTLLoE8oWZ3oT
osSx0aRD2z14RmqE4QsMTGU0hzSK1HKtAs3BKsPKqjQ554iZuPyruZJ8VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBryejiJgdaGRfjifhqW04a2pSSFMB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRygyR20
2jdAZ9mxejJz+aidQ56XkvpjdTEtEwOfAf/8qI/UjR8fDqwr8uVXpK8tVvFiWeUl
lPvXhnVFRXwNZTy+4OrE8GU86UBpVsCBGFuiY2Ee7z0Km0zrtmli0Xq3jrjp2KUG
zymhjcGdZbaXOQmAUt+OVX/N3vhGZQVH+168vBORQQkUjbgLfI/hhAdAZhuTD4Z1
zmYNk2a86dVV3qFGd2kpNneSVfZOEKZn4plugPvVfViClIR1+h/ge44/HxvBBhdg
gyz3x6XKrNL7VicgLlbPliILmgVPOmAn2KI2yDKDaC4HqCKkNLMwLFYFKLQR1rzf
Tk1V4pGWLaP5Ow==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:55 2025 by rpki-client