Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
File: pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft (raw, json)
Hash identifier: 1iFhJKoqHO5vYpsq9Ym8nNFZ1hd7IUkxRn41mmJeI/U=
Subject key identifier: 60:D7:63:71:E0:F1:5C:BC:1E:5D:D5:EF:76:B6:08:8C:91:A3:4C:72
Authority key identifier: A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4
Certificate issuer: /CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4
Certificate serial: 019A72260C517FAB3BF3E6D2F2475F9225E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
Manifest number: 0BD2
Signing time: Tue 11 Nov 2025 09:01:27 +0000
Manifest this update: Tue 11 Nov 2025 09:01:27 +0000
Manifest next update: Wed 12 Nov 2025 09:01:27 +0000
Files and hashes: 1: 6jOAX6ZKooyhgzG3-RXUavHtejc.roa (hash: zAiUnOceYAANogRzQmsXCXZI4dk5OulIUSwMR15rFvs=)
2: pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl (hash: M1sYtZD55/aVVMzA6VqpM9MawQ5W2Na48xB9YeeXAdw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:0c:51:7f:ab:3b:f3:e6:d2:f2:47:5f:92:25:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4
Validity
Not Before: Nov 11 09:01:27 2025 GMT
Not After : Nov 12 09:01:27 2025 GMT
Subject: CN=60d76371e0f15cbc1e5dd5ef76b6088c91a34c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3c:49:ce:d8:be:66:e7:c8:a8:75:82:fe:01:
bb:c7:a2:57:3a:96:30:de:95:2e:9a:4d:23:e0:ab:
3c:db:84:95:7b:4c:99:d6:9a:b6:85:bc:b3:b8:87:
b9:c0:77:60:9c:8d:2a:39:19:8b:13:6e:92:d9:a6:
64:bf:bd:c0:03:a5:65:15:2d:8b:74:40:3b:87:48:
9f:e9:6c:15:0c:c0:16:80:c2:1c:17:f6:a3:37:65:
11:de:9f:51:c0:af:f3:8c:5b:a0:e3:f6:83:9c:b2:
96:a0:fa:6b:01:ec:8a:94:df:12:7e:cf:de:c7:46:
1b:25:82:66:c5:58:36:72:99:4b:ae:8e:7a:b7:d6:
c8:71:fb:b2:2c:39:b9:2b:2b:53:2d:8a:ce:5a:1e:
63:2a:93:19:21:dd:70:e9:09:eb:31:ed:99:92:b5:
7e:6a:c2:f6:e8:1f:29:54:fd:35:02:9a:60:65:f2:
f3:8d:a0:69:f0:6d:e1:f9:ff:c0:0b:96:df:90:22:
b7:7b:5e:ce:ff:c1:35:c1:ed:1d:d0:a8:fa:ab:c9:
4f:97:e4:07:3c:31:ff:02:4a:f1:ae:7a:a3:ff:26:
40:5e:09:fa:c2:1e:98:07:34:18:17:cd:dd:b7:c6:
d4:c0:04:09:ac:dd:10:b1:c4:a8:8e:cd:52:e3:42:
8b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D7:63:71:E0:F1:5C:BC:1E:5D:D5:EF:76:B6:08:8C:91:A3:4C:72
X509v3 Authority Key Identifier:
keyid:A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:35:f6:29:2f:d5:31:0a:38:f9:33:9f:c9:1a:e1:c7:c5:0e:
bc:1e:6c:53:30:f4:6b:aa:60:f1:11:44:eb:70:52:06:05:b8:
84:a7:56:4f:55:56:a5:c1:a1:79:00:fe:b8:cb:cf:13:76:91:
74:1d:ee:4a:83:c7:56:51:08:22:6f:fa:b2:b6:a6:71:74:ec:
38:b8:cb:6e:24:6c:16:cf:62:41:de:96:87:30:39:cb:ed:08:
c2:a2:d7:a6:fd:96:83:5b:07:99:d1:eb:49:c8:9a:14:f6:19:
89:a4:3c:11:12:86:51:dd:ae:f7:aa:1c:ed:3b:98:ed:8a:52:
6d:2e:95:67:42:53:93:64:75:d6:50:c8:ae:98:fa:e5:7e:2a:
99:1f:2d:1f:4d:15:30:d0:02:cf:6d:dc:4b:79:65:57:0f:d2:
79:35:87:59:98:19:30:13:89:77:28:30:33:c8:68:33:b1:b0:
35:7f:7c:f6:02:5a:ae:a9:16:5e:c9:7a:9d:63:ad:fb:e3:bc:
cf:fe:23:ae:8b:3f:74:2e:fb:f7:e7:2a:58:6f:fe:1d:19:62:
32:24:0e:c8:b8:57:23:3a:82:73:07:f1:ac:a2:d9:5b:ef:55:
15:2c:ec:f1:83:06:f0:09:52:b2:0c:d2:be:13:8b:8b:5d:eb:
8a:72:a9:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgxRf6s78+bS8kdfkiXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDNiMWRkNDEwMDcwYWQ2MmU0YTJmYzY2YTEzYjRlYjYx
MzY4ZjQwHhcNMjUxMTExMDkwMTI3WhcNMjUxMTEyMDkwMTI3WjAzMTEwLwYDVQQD
Eyg2MGQ3NjM3MWUwZjE1Y2JjMWU1ZGQ1ZWY3NmI2MDg4YzkxYTM0YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDxJzti+ZufIqHWC/gG7x6JXOpYw
3pUumk0j4Ks824SVe0yZ1pq2hbyzuIe5wHdgnI0qORmLE26S2aZkv73AA6VlFS2L
dEA7h0if6WwVDMAWgMIcF/ajN2UR3p9RwK/zjFug4/aDnLKWoPprAeyKlN8Sfs/e
x0YbJYJmxVg2cplLro56t9bIcfuyLDm5KytTLYrOWh5jKpMZId1w6QnrMe2ZkrV+
asL26B8pVP01AppgZfLzjaBp8G3h+f/AC5bfkCK3e17O/8E1we0d0Kj6q8lPl+QH
PDH/Akrxrnqj/yZAXgn6wh6YBzQYF83dt8bUwAQJrN0QscSojs1S40KLMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDXY3Hg8Vy8Hl3V73a2CIyRo0xyMB8GA1UdIwQY
MBaAFKUDsd1BAHCtYuSi/GahO062E2j0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjct
MDEzNWQ5MTI4ZTg2LzEvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjctMDEzNWQ5MTI4ZTg2
LzEvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmDX2KS/V
MQo4+TOfyRrhx8UOvB5sUzD0a6pg8RFE63BSBgW4hKdWT1VWpcGheQD+uMvPE3aR
dB3uSoPHVlEIIm/6sramcXTsOLjLbiRsFs9iQd6WhzA5y+0IwqLXpv2Wg1sHmdHr
SciaFPYZiaQ8ERKGUd2u96oc7TuY7YpSbS6VZ0JTk2R11lDIrpj65X4qmR8tH00V
MNACz23cS3llVw/SeTWHWZgZMBOJdygwM8hoM7GwNX989gJarqkWXsl6nWOt++O8
z/4jros/dC779+cqWG/+HRliMiQOyLhXIzqCcwfxrKLZW+9VFSzs8YMG8AlSsgzS
vhOLi13rinKpew==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:00 2025 by rpki-client