Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
File: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft (raw, json)
Hash identifier: GGwwZZ+ZvvzED/YiqSNmw0DQoZnIHhixWrrhritxZ4E=
Subject key identifier: 72:18:E9:D5:8B:E5:9C:7C:78:D9:8A:0B:FF:1F:62:2A:8F:04:1E:D1
Authority key identifier: 3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
Certificate issuer: /CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Certificate serial: 019A7149F9C9120CC777D27536414D79C833
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
Manifest number: 09E6
Signing time: Tue 11 Nov 2025 05:01:04 +0000
Manifest this update: Tue 11 Nov 2025 05:01:04 +0000
Manifest next update: Wed 12 Nov 2025 05:01:04 +0000
Files and hashes: 1: JD1ZF1XWLuEfY_xZK_HiSB-W5Sc.roa (hash: tU/SgRvLeOcLILG1M49HHg6nzxCmwlwyRSULttNgB8k=)
2: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl (hash: ByZRNolF6L+wtZiFBSHFFe6Y2HRIIpp05IEtdu5taoQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:f9:c9:12:0c:c7:77:d2:75:36:41:4d:79:c8:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Validity
Not Before: Nov 11 05:01:04 2025 GMT
Not After : Nov 12 05:01:04 2025 GMT
Subject: CN=7218e9d58be59c7c78d98a0bff1f622a8f041ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:df:08:2e:3e:00:1e:d6:df:57:84:29:d8:43:
a5:10:2c:59:00:05:ae:f5:c4:0f:e3:1c:42:d3:58:
ce:44:65:0b:75:80:34:79:f9:91:82:90:16:a4:ac:
33:b3:70:6b:95:31:ae:bd:54:99:7e:01:50:4f:65:
90:ab:72:f9:28:cb:b5:52:93:3f:61:45:c3:93:14:
b5:cb:31:57:50:4b:8a:02:be:bf:4c:5b:e7:4d:2a:
29:68:fa:cb:44:c1:ef:a4:69:e1:5c:ef:c0:9c:4b:
24:7b:62:ef:f7:2a:f0:2d:84:be:81:b7:d8:4c:02:
4b:f8:36:7e:25:40:46:1a:6b:ee:8c:f1:18:a2:bf:
bc:6b:6f:9b:21:0a:ff:70:8c:15:12:79:98:79:97:
b3:9a:14:f9:5d:64:0a:d1:dd:82:fd:9d:bf:a4:2d:
70:01:e0:a6:15:9f:7a:17:59:3a:a3:54:00:1f:ba:
a1:07:8f:e4:2d:47:1a:17:91:e5:1f:74:39:4a:fa:
9f:1b:74:cc:a3:92:f6:23:c6:96:40:e1:84:9a:80:
a9:39:ff:e6:9f:38:43:1d:70:68:f4:79:64:bc:a9:
a4:57:04:fe:96:ad:cc:d8:6a:05:d5:f3:d3:44:1c:
29:c8:67:58:7e:e5:dc:0d:a7:34:b7:31:f4:b2:8e:
4b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:18:E9:D5:8B:E5:9C:7C:78:D9:8A:0B:FF:1F:62:2A:8F:04:1E:D1
X509v3 Authority Key Identifier:
keyid:3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:18:4d:3e:ee:43:8a:8b:3d:d6:ab:38:77:b3:7d:94:4b:b1:
b7:a7:a2:0f:c5:41:03:a6:93:68:41:58:fa:74:d8:bf:98:75:
e7:8b:3c:c0:62:5e:ff:4f:de:57:04:b6:84:63:08:2a:d5:8a:
3d:92:fc:01:98:fd:22:d2:42:c2:33:63:5e:65:dd:42:10:e7:
b3:af:9e:95:c2:d7:31:e2:ab:1e:6d:c2:24:ce:15:2b:25:b2:
0d:a5:9b:4f:49:a1:a7:7a:10:ca:c1:63:71:10:18:2b:6f:1f:
02:f1:ec:f4:87:22:e6:81:76:4e:89:be:2d:14:ab:af:29:7f:
ee:93:b5:6e:17:68:3c:79:42:f0:05:22:17:5d:9f:e3:64:58:
dc:d7:0d:87:dc:43:dc:89:25:84:5a:89:29:a5:8e:9e:d2:98:
ab:8c:97:5c:7e:1d:50:9c:05:f8:30:3f:f6:ee:f0:62:19:3b:
1f:25:9f:92:54:b0:db:75:eb:30:35:c8:35:b1:3c:f5:4c:44:
f7:7f:74:98:a1:4b:67:dd:04:71:30:88:34:f4:4d:23:4f:64:
f4:97:ba:f7:24:fb:13:19:f0:6a:56:1e:26:7d:0c:4a:2f:24:
34:35:aa:88:e4:20:81:39:bf:6f:b5:3f:61:27:44:0a:9f:cb:
5c:5b:3d:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfnJEgzHd9J1NkFNecgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODk3YmQ4YzZkZjFjYjcxNDEwZmUxOTRiZWQ3MzlhMmY4
YTY3NzMwHhcNMjUxMTExMDUwMTA0WhcNMjUxMTEyMDUwMTA0WjAzMTEwLwYDVQQD
Eyg3MjE4ZTlkNThiZTU5YzdjNzhkOThhMGJmZjFmNjIyYThmMDQxZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt8ILj4AHtbfV4Qp2EOlECxZAAWu
9cQP4xxC01jORGULdYA0efmRgpAWpKwzs3BrlTGuvVSZfgFQT2WQq3L5KMu1UpM/
YUXDkxS1yzFXUEuKAr6/TFvnTSopaPrLRMHvpGnhXO/AnEske2Lv9yrwLYS+gbfY
TAJL+DZ+JUBGGmvujPEYor+8a2+bIQr/cIwVEnmYeZezmhT5XWQK0d2C/Z2/pC1w
AeCmFZ96F1k6o1QAH7qhB4/kLUcaF5HlH3Q5SvqfG3TMo5L2I8aWQOGEmoCpOf/m
nzhDHXBo9HlkvKmkVwT+lq3M2GoF1fPTRBwpyGdYfuXcDac0tzH0so5LRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIY6dWL5Zx8eNmKC/8fYiqPBB7RMB8GA1UdIwQY
MBaAFD2Je9jG3xy3FBD+GUvtc5ovimdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzkt
ZjlmOTIxNTBjZDM5LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzktZjlmOTIxNTBjZDM5
LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxhNPu5D
ios91qs4d7N9lEuxt6eiD8VBA6aTaEFY+nTYv5h154s8wGJe/0/eVwS2hGMIKtWK
PZL8AZj9ItJCwjNjXmXdQhDns6+elcLXMeKrHm3CJM4VKyWyDaWbT0mhp3oQysFj
cRAYK28fAvHs9Ici5oF2Tom+LRSrryl/7pO1bhdoPHlC8AUiF12f42RY3NcNh9xD
3IklhFqJKaWOntKYq4yXXH4dUJwF+DA/9u7wYhk7HyWfklSw23XrMDXINbE89UxE
9390mKFLZ90EcTCINPRNI09k9Je69yT7ExnwalYeJn0MSi8kNDWqiOQggTm/b7U/
YSdECp/LXFs9xQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:01:01 2025 by rpki-client