Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
File: PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft (raw, json)
Hash identifier: 5871VkZ9mq4hxlSWgOdq/ysav48ExmsQIpwXTOLw8cc=
Subject key identifier: 3D:B7:F2:7D:64:0B:EB:F4:78:78:0E:83:94:93:BA:30:DE:4E:FE:F6
Authority key identifier: 3F:21:77:A3:E8:6C:83:9C:FD:19:3D:BB:46:ED:A8:08:7D:82:14:1A
Certificate issuer: /CN=3f2177a3e86c839cfd193dbb46eda8087d82141a
Certificate serial: 019A71B8AE0B5BE75F65DDC457FE1DBB3DE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyF3o-hsg5z9GT27Ru2oCH2CFBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
Manifest number: 140D
Signing time: Tue 11 Nov 2025 07:01:59 +0000
Manifest this update: Tue 11 Nov 2025 07:01:59 +0000
Manifest next update: Wed 12 Nov 2025 07:01:59 +0000
Files and hashes: 1: PyF3o-hsg5z9GT27Ru2oCH2CFBo.crl (hash: BWlR8UTqsqZUnjgoyUnyajRNjmvaEnzWCr8rPJOYL/s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/PyF3o-hsg5z9GT27Ru2oCH2CFBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:ae:0b:5b:e7:5f:65:dd:c4:57:fe:1d:bb:3d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f2177a3e86c839cfd193dbb46eda8087d82141a
Validity
Not Before: Nov 11 07:01:59 2025 GMT
Not After : Nov 12 07:01:59 2025 GMT
Subject: CN=3db7f27d640bebf478780e839493ba30de4efef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:ba:be:37:1a:0e:ac:c2:5f:8e:9d:97:b5:
9d:ea:b6:76:f7:8d:91:23:fd:e5:9d:35:d9:d8:09:
88:98:92:f8:a7:76:77:6c:c9:cd:94:a6:33:f5:a5:
0e:87:b1:b1:d6:3f:41:71:b0:b2:a7:0c:c1:cf:7c:
a4:7c:82:9e:ac:9c:ac:5e:ec:65:9b:cb:d3:16:90:
b7:70:e4:72:50:5b:d0:7e:d8:ad:43:f0:6b:f0:7b:
65:e9:36:b7:08:07:7c:e4:d9:a7:e3:38:c7:84:01:
a8:28:b2:96:20:a4:65:ce:74:85:f1:0f:75:32:cd:
14:85:4f:86:c5:5c:d5:4a:36:97:d4:40:f1:bc:eb:
9e:a2:90:3b:bc:8f:42:e1:82:83:5e:f3:fc:0c:be:
1e:47:b3:17:74:ba:82:44:1a:97:b7:95:ec:5a:27:
fc:46:d2:24:2e:d8:64:39:e5:b6:3d:ac:7b:1b:14:
98:be:64:3a:21:9b:56:cd:da:7f:ac:d0:da:32:43:
19:36:89:99:ad:f9:8b:c5:fa:86:42:88:a6:4c:3b:
e8:1a:f6:4b:9b:e0:5c:c7:cd:36:47:81:ac:c9:ad:
2e:c0:2d:fd:ac:de:8b:96:49:92:06:40:8d:c8:00:
88:b8:cd:9f:fe:f8:e2:eb:85:87:3c:18:0d:c5:97:
7b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B7:F2:7D:64:0B:EB:F4:78:78:0E:83:94:93:BA:30:DE:4E:FE:F6
X509v3 Authority Key Identifier:
keyid:3F:21:77:A3:E8:6C:83:9C:FD:19:3D:BB:46:ED:A8:08:7D:82:14:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyF3o-hsg5z9GT27Ru2oCH2CFBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2cf926-810e-411e-bd5b-161e513ebdc2/1/PyF3o-hsg5z9GT27Ru2oCH2CFBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:cb:b7:fc:0b:84:2a:69:00:f9:77:e7:ce:76:68:96:df:36:
00:cc:9e:43:48:1b:d5:d4:07:52:9c:38:1e:a5:c9:fe:b7:0f:
99:83:58:8b:50:83:1e:7d:d0:7d:17:77:15:00:4e:4b:ea:17:
04:c4:a6:e1:9f:7c:52:aa:d1:d3:f5:2e:66:c2:d6:49:71:ac:
2f:c8:b2:39:06:7e:27:5f:9e:c9:a1:57:6f:ed:58:81:f8:f3:
70:e0:ba:d7:71:13:3d:3f:e3:a5:cc:86:df:91:b5:9e:63:03:
1d:a9:52:6c:01:65:38:15:d9:65:d6:c5:2d:b2:09:eb:bf:7d:
21:85:fb:fb:45:77:61:79:1c:26:94:86:3b:c2:3e:ec:47:fa:
9c:35:0f:02:4e:43:b3:43:c0:09:cb:1b:77:c5:cd:60:56:aa:
9e:72:9b:c5:07:aa:f7:7d:55:c6:75:5d:3a:76:2b:82:7c:26:
76:4e:68:90:a9:90:d4:dd:c2:da:35:c9:7f:ea:18:59:0e:37:
98:fd:d1:41:2a:ec:38:a5:40:a8:fa:5f:f1:e1:cf:62:d4:01:
2c:07:23:2a:4b:10:25:4f:38:b3:cb:78:b1:6c:62:51:4e:1e:
f6:d1:63:78:00:3f:05:30:bb:a7:40:5e:5f:86:7f:98:49:58:
d6:30:5a:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuK4LW+dfZd3EV/4duz3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjE3N2EzZTg2YzgzOWNmZDE5M2RiYjQ2ZWRhODA4N2Q4
MjE0MWEwHhcNMjUxMTExMDcwMTU5WhcNMjUxMTEyMDcwMTU5WjAzMTEwLwYDVQQD
EygzZGI3ZjI3ZDY0MGJlYmY0Nzg3ODBlODM5NDkzYmEzMGRlNGVmZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGK6vjcaDqzCX46dl7Wd6rZ2942R
I/3lnTXZ2AmImJL4p3Z3bMnNlKYz9aUOh7Gx1j9BcbCypwzBz3ykfIKerJysXuxl
m8vTFpC3cORyUFvQftitQ/Br8Htl6Ta3CAd85Nmn4zjHhAGoKLKWIKRlznSF8Q91
Ms0UhU+GxVzVSjaX1EDxvOueopA7vI9C4YKDXvP8DL4eR7MXdLqCRBqXt5XsWif8
RtIkLthkOeW2Pax7GxSYvmQ6IZtWzdp/rNDaMkMZNomZrfmLxfqGQoimTDvoGvZL
m+Bcx802R4Gsya0uwC39rN6LlkmSBkCNyACIuM2f/vji64WHPBgNxZd7cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD238n1kC+v0eHgOg5STujDeTv72MB8GA1UdIwQY
MBaAFD8hd6PobIOc/Rk9u0btqAh9ghQaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlGM28taHNnNXo5R1QyN1J1Mm9DSDJDRkJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yY2Y5MjYtODEwZS00MTFlLWJkNWIt
MTYxZTUxM2ViZGMyLzEvUHlGM28taHNnNXo5R1QyN1J1Mm9DSDJDRkJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yY2Y5MjYtODEwZS00MTFlLWJkNWItMTYxZTUxM2ViZGMy
LzEvUHlGM28taHNnNXo5R1QyN1J1Mm9DSDJDRkJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMu3/AuE
KmkA+XfnznZolt82AMyeQ0gb1dQHUpw4HqXJ/rcPmYNYi1CDHn3QfRd3FQBOS+oX
BMSm4Z98UqrR0/UuZsLWSXGsL8iyOQZ+J1+eyaFXb+1YgfjzcOC613ETPT/jpcyG
35G1nmMDHalSbAFlOBXZZdbFLbIJ6799IYX7+0V3YXkcJpSGO8I+7Ef6nDUPAk5D
s0PACcsbd8XNYFaqnnKbxQeq931VxnVdOnYrgnwmdk5okKmQ1N3C2jXJf+oYWQ43
mP3RQSrsOKVAqPpf8eHPYtQBLAcjKksQJU84s8t4sWxiUU4e9tFjeAA/BTC7p0Be
X4Z/mElY1jBaAg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:36:51 2025 by rpki-client