Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json)
Hash identifier: /a6w2nXXm7k4ag+tiz4/5hkepP2NVX81KREYL2GLQS4=
Subject key identifier: 2E:1C:43:5E:74:F6:6E:95:EE:B0:CC:18:1B:0B:C0:A8:FA:C7:90:49
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial: 019931235B063321F200060EA6A91EBF2CA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
Manifest number: 0953
Signing time: Wed 10 Sep 2025 01:00:24 +0000
Manifest this update: Wed 10 Sep 2025 01:00:24 +0000
Manifest next update: Thu 11 Sep 2025 01:00:24 +0000
Files and hashes: 1: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: Mk7j++GexARXYQqmK7B+dXkqO7/knGZR/iSr2pft38Y=)
2: rWk5sIUEQt5GM5tD9jvlVGxlmoc.roa (hash: bdSHmybqlxfqe2LDlmT/vhR2hatifsBsFgj+STLVUXQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:31:23:5b:06:33:21:f2:00:06:0e:a6:a9:1e:bf:2c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
Validity
Not Before: Sep 10 01:00:24 2025 GMT
Not After : Sep 11 01:00:24 2025 GMT
Subject: CN=2e1c435e74f66e95eeb0cc181b0bc0a8fac79049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cd:67:2f:8f:d1:7a:9d:e1:d3:50:35:32:df:
34:df:1c:7a:28:d4:72:a8:13:11:5e:dc:2e:cf:eb:
da:89:8d:ba:1c:70:fa:63:ff:24:93:70:b8:76:27:
b2:6e:0d:52:6c:d6:e1:b6:36:0b:27:19:2a:f2:bd:
33:bc:7f:17:08:af:d9:6c:bd:fc:e6:c7:7c:3d:f6:
0f:11:64:c5:cf:e7:57:ac:d6:f2:7b:50:11:d3:36:
69:28:98:6a:fa:01:6d:50:d7:f2:0a:6f:52:c7:9c:
07:be:b5:ff:a6:3a:66:c9:1b:02:3a:14:62:cc:b2:
e4:2d:e3:8b:a3:51:f3:a8:c3:6b:48:a0:2a:ca:ad:
cb:1c:97:8f:dc:5a:dd:3c:57:1b:bc:65:cb:8b:f1:
e7:c2:0e:05:d3:a5:8f:68:7d:38:0a:64:63:39:d2:
0f:89:d5:93:21:24:7c:32:07:e9:0b:8f:39:4a:6e:
a0:e9:dc:38:20:01:7f:e6:97:9d:4b:f1:d3:f6:26:
0a:bb:44:d5:06:e4:24:50:ff:cd:48:91:08:6f:b7:
90:0c:da:8f:3c:b1:fd:83:2f:2c:e8:76:8f:49:bc:
17:f0:97:f0:c3:02:91:02:a7:20:54:ca:a8:63:a8:
d9:41:b1:0d:25:28:04:0a:2f:76:0a:26:87:24:8f:
18:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1C:43:5E:74:F6:6E:95:EE:B0:CC:18:1B:0B:C0:A8:FA:C7:90:49
X509v3 Authority Key Identifier:
keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:83:95:65:eb:cc:e4:73:36:97:2d:5f:e9:8e:1e:8f:81:95:
64:f6:71:be:ca:c6:29:64:6c:60:83:90:06:c8:48:6b:40:2c:
9c:8e:95:ad:fa:30:28:e7:b5:ed:b7:a4:6f:b5:38:4d:a8:d4:
2c:f1:a3:13:27:45:6d:14:72:86:9d:d0:46:45:73:b3:68:b7:
e3:60:36:4f:24:1a:28:36:cf:21:7a:f6:f4:88:1c:31:d9:58:
0a:e7:b7:6c:f0:00:11:f2:fa:bf:39:bd:e4:bd:94:91:fc:03:
57:d2:d6:b0:b7:23:5a:d0:2d:fb:62:4c:22:1a:04:33:04:22:
24:56:ea:c4:8f:b0:cc:97:f6:d0:15:88:87:c7:9e:67:1a:33:
39:05:53:92:b8:25:9f:de:ca:bf:f0:24:3a:7b:05:b4:6d:f3:
fe:1b:fa:66:9e:fb:2d:8f:b0:cb:7a:92:f7:14:45:7c:0d:87:
af:3d:73:b1:8a:55:08:9f:e9:42:1e:39:0e:a7:5e:c7:ed:e9:
a8:16:17:ba:79:b8:be:35:a4:30:26:6b:4e:20:45:39:c6:9d:
be:0f:33:7c:e1:e4:91:88:e7:76:01:89:2c:69:84:7f:5d:50:
6d:ab:f4:4b:c4:fd:5c:0e:d4:bf:72:8f:bd:e4:a7:97:28:b6:
a6:d4:1a:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkxI1sGMyHyAAYOpqkevyymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjUwOTEwMDEwMDI0WhcNMjUwOTExMDEwMDI0WjAzMTEwLwYDVQQD
EygyZTFjNDM1ZTc0ZjY2ZTk1ZWViMGNjMTgxYjBiYzBhOGZhYzc5MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7s1nL4/Rep3h01A1Mt803xx6KNRy
qBMRXtwuz+vaiY26HHD6Y/8kk3C4dieybg1SbNbhtjYLJxkq8r0zvH8XCK/ZbL38
5sd8PfYPEWTFz+dXrNbye1AR0zZpKJhq+gFtUNfyCm9Sx5wHvrX/pjpmyRsCOhRi
zLLkLeOLo1HzqMNrSKAqyq3LHJeP3FrdPFcbvGXLi/Hnwg4F06WPaH04CmRjOdIP
idWTISR8MgfpC485Sm6g6dw4IAF/5pedS/HT9iYKu0TVBuQkUP/NSJEIb7eQDNqP
PLH9gy8s6HaPSbwX8JfwwwKRAqcgVMqoY6jZQbENJSgECi92CiaHJI8YZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4cQ1509m6V7rDMGBsLwKj6x5BJMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArYOVZevM
5HM2ly1f6Y4ej4GVZPZxvsrGKWRsYIOQBshIa0AsnI6VrfowKOe17bekb7U4TajU
LPGjEydFbRRyhp3QRkVzs2i342A2TyQaKDbPIXr29IgcMdlYCue3bPAAEfL6vzm9
5L2UkfwDV9LWsLcjWtAt+2JMIhoEMwQiJFbqxI+wzJf20BWIh8eeZxozOQVTkrgl
n97Kv/AkOnsFtG3z/hv6Zp77LY+wy3qS9xRFfA2Hrz1zsYpVCJ/pQh45Dqdex+3p
qBYXunm4vjWkMCZrTiBFOcadvg8zfOHkkYjndgGJLGmEf11Qbav0S8T9XA7Uv3KP
veSnlyi2ptQa8Q==
-----END CERTIFICATE-----
Generated at Wed Sep 10 04:14:39 2025 by rpki-client