Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
File: PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft (raw, json)
Hash identifier: dEWm+2m/YkBNDM+EOOsIYU1bIOtH0lLOqdI5xIoh3BY=
Subject key identifier: 59:42:51:C7:33:7A:DD:B7:FA:B7:5B:4F:7E:B5:AC:55:6F:78:FF:BA
Authority key identifier: 3D:6A:BE:5C:48:AE:CE:BD:4A:23:7E:15:3C:36:84:F3:06:08:D4:44
Certificate issuer: /CN=3d6abe5c48aecebd4a237e153c3684f30608d444
Certificate serial: 019A722586AF5514F34EEB991254E16A4BBC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
Manifest number: 0524
Signing time: Tue 11 Nov 2025 09:00:53 +0000
Manifest this update: Tue 11 Nov 2025 09:00:53 +0000
Manifest next update: Wed 12 Nov 2025 09:00:53 +0000
Files and hashes: 1: 0-NbRqc8zQ3-jTIYZOwXbybz260.roa (hash: F4aAH1P/CqccbM0rJQ6/jB1mC+tQi8oCbtTD8Uif+I8=)
2: PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl (hash: 85bLMbNINS7R3zpgCT7YuQx/7P2PwP7pIB8+HgNZBAU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:86:af:55:14:f3:4e:eb:99:12:54:e1:6a:4b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d6abe5c48aecebd4a237e153c3684f30608d444
Validity
Not Before: Nov 11 09:00:53 2025 GMT
Not After : Nov 12 09:00:53 2025 GMT
Subject: CN=594251c7337addb7fab75b4f7eb5ac556f78ffba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:90:95:d5:7a:29:32:c2:25:4a:da:74:0f:c0:
b8:f4:7f:b7:ad:9c:ff:31:9e:1b:23:3b:ea:a3:c8:
bd:36:c3:64:e2:f9:15:fd:30:e9:90:fa:bf:27:75:
7b:4f:b2:c9:73:0f:b6:2e:60:1c:6f:0d:8d:87:ac:
a6:2f:41:55:06:7c:67:71:6e:5d:51:0a:fe:0f:26:
c3:56:22:7c:06:bc:84:1e:ee:c5:ea:8c:55:1c:a6:
43:53:39:58:e7:56:19:15:8a:b3:22:c7:4c:84:0e:
3a:d0:bb:2f:45:cf:5b:63:a6:57:59:61:6e:f0:7d:
c2:ce:82:f4:98:49:a0:91:19:2c:0b:6d:6a:75:be:
b0:f1:ff:6c:4c:86:44:40:5e:a1:47:7a:83:ad:f9:
21:81:ec:91:ca:5b:da:b4:05:37:94:d1:0d:f5:21:
f4:db:bc:d7:a9:cd:33:4e:3d:a0:d0:b8:24:c6:6d:
41:93:d6:1f:82:39:16:2d:e6:0c:9c:08:23:52:3d:
15:71:2b:ca:c6:14:38:c9:40:92:83:8c:5d:14:e5:
3b:57:2d:80:39:9f:73:14:55:06:e5:a3:01:56:e0:
17:38:82:24:2b:b6:43:f4:70:2c:54:4c:58:7c:3a:
ab:f3:56:78:f7:3a:a8:ca:77:9f:bd:d9:ec:b5:81:
15:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:42:51:C7:33:7A:DD:B7:FA:B7:5B:4F:7E:B5:AC:55:6F:78:FF:BA
X509v3 Authority Key Identifier:
keyid:3D:6A:BE:5C:48:AE:CE:BD:4A:23:7E:15:3C:36:84:F3:06:08:D4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:40:f6:c4:e2:47:5b:22:81:bf:94:50:4b:d2:0a:6b:8e:40:
2e:3f:47:03:71:d5:6c:04:06:6d:3f:e3:be:dc:ec:5a:57:79:
c0:22:d8:59:b7:27:10:36:ed:5f:21:24:c3:5a:60:97:8a:15:
59:1f:ad:cb:5a:bf:13:f0:bf:d1:45:56:dc:5c:46:b2:41:51:
6a:ab:8b:3c:cb:60:1e:74:b1:89:16:60:98:3d:78:5f:2a:a5:
81:cf:20:51:a6:e9:ef:fc:8c:7a:79:eb:eb:37:73:ca:81:74:
00:3c:6a:2d:16:ca:d5:f4:28:c6:f2:f3:4f:fa:d0:eb:c0:cb:
4a:d7:f0:de:d8:63:be:b8:9c:fa:15:e0:b3:5a:69:af:68:3e:
e2:5a:0c:07:3d:64:dd:f1:1a:c4:1b:2a:e0:a6:3e:c8:07:c0:
c0:cf:42:98:56:f4:db:9a:5e:51:b6:78:dd:7c:24:c4:7e:97:
c3:3e:52:8c:36:fb:6e:cd:98:07:34:4a:39:dd:50:80:48:e3:
de:20:7d:7c:cb:e6:10:e3:d9:d0:52:b7:8c:4b:22:51:95:79:
5f:12:04:5d:6f:22:04:84:f1:9d:32:3b:c3:d2:04:8a:65:d3:
ba:00:71:e3:c5:6a:a0:12:2f:37:ba:15:24:f1:79:32:e6:2d:
49:16:14:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYavVRTzTuuZElThaku8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmFiZTVjNDhhZWNlYmQ0YTIzN2UxNTNjMzY4NGYzMDYw
OGQ0NDQwHhcNMjUxMTExMDkwMDUzWhcNMjUxMTEyMDkwMDUzWjAzMTEwLwYDVQQD
Eyg1OTQyNTFjNzMzN2FkZGI3ZmFiNzViNGY3ZWI1YWM1NTZmNzhmZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZCV1XopMsIlStp0D8C49H+3rZz/
MZ4bIzvqo8i9NsNk4vkV/TDpkPq/J3V7T7LJcw+2LmAcbw2Nh6ymL0FVBnxncW5d
UQr+DybDViJ8BryEHu7F6oxVHKZDUzlY51YZFYqzIsdMhA460LsvRc9bY6ZXWWFu
8H3CzoL0mEmgkRksC21qdb6w8f9sTIZEQF6hR3qDrfkhgeyRylvatAU3lNEN9SH0
27zXqc0zTj2g0Lgkxm1Bk9YfgjkWLeYMnAgjUj0VcSvKxhQ4yUCSg4xdFOU7Vy2A
OZ9zFFUG5aMBVuAXOIIkK7ZD9HAsVExYfDqr81Z49zqoynefvdnstYEV7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlCUcczet23+rdbT361rFVveP+6MB8GA1UdIwQY
MBaAFD1qvlxIrs69SiN+FTw2hPMGCNREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81ZmI4MDMtNDMzMy00MTc1LTkwZGYt
YWVjMTRlYTE3ZWJmLzEvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81ZmI4MDMtNDMzMy00MTc1LTkwZGYtYWVjMTRlYTE3ZWJm
LzEvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkD2xOJH
WyKBv5RQS9IKa45ALj9HA3HVbAQGbT/jvtzsWld5wCLYWbcnEDbtXyEkw1pgl4oV
WR+ty1q/E/C/0UVW3FxGskFRaquLPMtgHnSxiRZgmD14Xyqlgc8gUabp7/yMennr
6zdzyoF0ADxqLRbK1fQoxvLzT/rQ68DLStfw3thjvric+hXgs1ppr2g+4loMBz1k
3fEaxBsq4KY+yAfAwM9CmFb025peUbZ43XwkxH6Xwz5SjDb7bs2YBzRKOd1QgEjj
3iB9fMvmEOPZ0FK3jEsiUZV5XxIEXW8iBITxnTI7w9IEimXTugBx48VqoBIvN7oV
JPF5MuYtSRYUdg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:31 2025 by rpki-client