Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.mft
File: PQ70NYrbBA8zPZNhpCYeoOUNOKs.mft (raw, json)
Hash identifier: WbBNjTtp3NF+cyo/qSLUfn1Vw0SGl1g/rp+lL5pVKws=
Subject key identifier: E5:85:73:98:A0:BE:1A:F9:8B:C5:B3:25:19:B9:06:E7:31:D0:E2:06
Authority key identifier: 3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
Certificate issuer: /CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Certificate serial: 019A71B89B2401A6E7B777440F7C629A921C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:01:54 +0000
Manifest this update: Tue 11 Nov 2025 07:01:54 +0000
Manifest next update: Wed 12 Nov 2025 07:01:54 +0000
Files and hashes: 1: PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl (hash: ryaSJNQ+48jhKRfjkwWBN0mslXL2Ikl8E9tqtcvPu8Y=)
2: baHbcRR9kf1ghjeGFAS82cVbM5E.roa (hash: ryV49aEsL3mdbzWN2VnZ4BiiOTM51N9BlYGHQV8L9fI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:9b:24:01:a6:e7:b7:77:44:0f:7c:62:9a:92:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Validity
Not Before: Nov 11 07:01:54 2025 GMT
Not After : Nov 12 07:01:54 2025 GMT
Subject: CN=e5857398a0be1af98bc5b32519b906e731d0e206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:54:91:63:e1:79:79:89:8d:c8:f7:f6:13:
e1:5c:60:68:73:45:04:31:06:e1:66:e0:71:5e:0d:
88:2f:c9:a4:d3:48:d5:f2:ef:36:0e:d3:11:c5:60:
ee:fe:26:42:e8:84:bf:1d:8c:84:c8:41:04:ce:99:
18:03:1a:12:eb:98:19:92:36:09:67:cf:24:a1:8a:
b8:4d:4b:7f:e4:08:f7:1f:02:5c:ff:42:b0:95:9f:
e3:0e:2c:5f:47:c1:2b:d7:a2:24:92:89:fa:b9:85:
1f:c0:02:1f:4f:a9:f5:7f:00:a4:c7:b4:06:5f:d2:
07:a5:18:0e:e6:ee:15:b7:de:08:9e:10:86:f9:77:
6b:51:cd:51:3c:63:a4:a7:a6:2f:a6:92:63:ed:c4:
bd:7e:19:78:ca:e2:2f:d7:f3:21:d6:f7:a3:66:cb:
df:e7:ef:5f:c8:0f:0f:f5:14:b9:32:7d:b1:74:23:
a3:74:57:80:33:f7:89:48:9c:f3:3e:77:ee:17:c2:
61:c4:7d:01:85:1e:c0:f6:b4:75:60:12:3e:d8:c2:
09:00:eb:5e:02:2e:9a:31:9f:3b:bf:ed:99:21:8a:
c7:88:3e:ed:61:b2:10:9d:44:9d:0f:7e:da:f8:c0:
50:fd:73:f0:1c:f5:b2:ed:f9:d7:b7:71:17:dc:0e:
8a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:85:73:98:A0:BE:1A:F9:8B:C5:B3:25:19:B9:06:E7:31:D0:E2:06
X509v3 Authority Key Identifier:
keyid:3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:de:ec:9a:08:4c:90:9f:48:a2:9c:e8:40:2e:40:b6:3d:0d:
5f:bf:1c:86:af:b2:59:4a:f8:78:99:a1:35:e4:3e:98:da:4b:
d0:21:00:6e:ce:e7:c8:34:ea:84:8c:a4:ca:b7:d1:16:d5:4b:
d4:c1:13:3c:79:14:15:b8:d8:e8:d5:a0:7d:67:36:0c:85:55:
be:35:8d:6f:ab:2e:ea:02:c2:03:b4:af:21:59:4b:62:34:53:
41:3c:5b:4e:b0:9a:d6:19:52:d0:d6:6d:05:ea:a8:42:35:86:
d4:a2:93:df:ae:85:e7:b6:39:50:63:f2:f2:1e:0e:75:2c:40:
57:4f:0f:55:4c:25:c4:a9:74:7c:af:b2:43:8d:95:d0:78:fb:
b6:b1:ef:db:c7:27:c7:c6:ed:7f:fe:9f:5f:5f:37:08:22:40:
06:b1:83:06:e1:2e:57:6a:8f:35:f4:fa:44:c2:b8:71:67:5b:
d7:43:42:82:63:13:0e:dc:4d:f2:2e:6a:a2:87:7d:fe:b5:d8:
91:f1:c1:a2:1f:66:bd:c8:98:c7:53:d5:06:a5:68:0d:d9:e3:
49:2d:e1:c0:cc:1d:ae:6e:de:db:ec:95:9c:73:d0:f0:d7:2e:
e8:2d:d5:13:2c:65:3f:72:56:b1:35:87:fa:2b:ed:f4:b0:ce:
bf:91:f1:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJskAabnt3dED3ximpIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMGVmNDM1OGFkYjA0MGYzMzNkOTM2MWE0MjYxZWEwZTUw
ZDM4YWIwHhcNMjUxMTExMDcwMTU0WhcNMjUxMTEyMDcwMTU0WjAzMTEwLwYDVQQD
EyhlNTg1NzM5OGEwYmUxYWY5OGJjNWIzMjUxOWI5MDZlNzMxZDBlMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtitUkWPheXmJjcj39hPhXGBoc0UE
MQbhZuBxXg2IL8mk00jV8u82DtMRxWDu/iZC6IS/HYyEyEEEzpkYAxoS65gZkjYJ
Z88koYq4TUt/5Aj3HwJc/0KwlZ/jDixfR8Er16Ikkon6uYUfwAIfT6n1fwCkx7QG
X9IHpRgO5u4Vt94InhCG+XdrUc1RPGOkp6YvppJj7cS9fhl4yuIv1/Mh1vejZsvf
5+9fyA8P9RS5Mn2xdCOjdFeAM/eJSJzzPnfuF8JhxH0BhR7A9rR1YBI+2MIJAOte
Ai6aMZ87v+2ZIYrHiD7tYbIQnUSdD37a+MBQ/XPwHPWy7fnXt3EX3A6KGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWFc5igvhr5i8WzJRm5Bucx0OIGMB8GA1UdIwQY
MBaAFD0O9DWK2wQPMz2TYaQmHqDlDTirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDct
ZDJiYzk2YTk4YTE4LzEvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDctZDJiYzk2YTk4YTE4
LzEvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc97smghM
kJ9IopzoQC5Atj0NX78chq+yWUr4eJmhNeQ+mNpL0CEAbs7nyDTqhIykyrfRFtVL
1METPHkUFbjY6NWgfWc2DIVVvjWNb6su6gLCA7SvIVlLYjRTQTxbTrCa1hlS0NZt
BeqoQjWG1KKT366F57Y5UGPy8h4OdSxAV08PVUwlxKl0fK+yQ42V0Hj7trHv28cn
x8btf/6fX183CCJABrGDBuEuV2qPNfT6RMK4cWdb10NCgmMTDtxN8i5qood9/rXY
kfHBoh9mvciYx1PVBqVoDdnjSS3hwMwdrm7e2+yVnHPQ8Ncu6C3VEyxlP3JWsTWH
+ivt9LDOv5Hx5g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:11:19 2025 by rpki-client