Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c8313-ed1c-414b-b4cc-5ed057025516/1/_PU0Avp2-gY3bN6mvNOV4YAHnbc.mft
File: _PU0Avp2-gY3bN6mvNOV4YAHnbc.mft (raw, json)
Hash identifier: 0w7Yq3YpLnnbCn8pBCydXtL4liQxxAUr6izwqpLpCMg=
Subject key identifier: 9E:79:16:21:70:DC:A8:D5:AE:05:5A:D3:34:5A:E3:64:21:9B:36:2E
Authority key identifier: FC:F5:34:02:FA:76:FA:06:37:6C:DE:A6:BC:D3:95:E1:80:07:9D:B7
Certificate issuer: /CN=fcf53402fa76fa06376cdea6bcd395e180079db7
Certificate serial: 019A725C66A479BA41FA278AF6C2CEAA8032
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_PU0Avp2-gY3bN6mvNOV4YAHnbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c8313-ed1c-414b-b4cc-5ed057025516/1/_PU0Avp2-gY3bN6mvNOV4YAHnbc.mft
Manifest number: 142E
Signing time: Tue 11 Nov 2025 10:00:49 +0000
Manifest this update: Tue 11 Nov 2025 10:00:49 +0000
Manifest next update: Wed 12 Nov 2025 10:00:49 +0000
Files and hashes: 1: 5QVE77uQnSCLbr9iYF89fXdJU-M.roa (hash: IPgTEo7hNu+XjVm/3xLzVMgF8abs7044xMIbnapyQg8=)
2: _PU0Avp2-gY3bN6mvNOV4YAHnbc.crl (hash: 76PauO6pA692/5BAbXG/Epu6UYh4FKg1pqqLjwLRpUc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c8313-ed1c-414b-b4cc-5ed057025516/1/_PU0Avp2-gY3bN6mvNOV4YAHnbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c8313-ed1c-414b-b4cc-5ed057025516/1/_PU0Avp2-gY3bN6mvNOV4YAHnbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_PU0Avp2-gY3bN6mvNOV4YAHnbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:66:a4:79:ba:41:fa:27:8a:f6:c2:ce:aa:80:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcf53402fa76fa06376cdea6bcd395e180079db7
Validity
Not Before: Nov 11 10:00:49 2025 GMT
Not After : Nov 12 10:00:49 2025 GMT
Subject: CN=9e79162170dca8d5ae055ad3345ae364219b362e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:61:7c:3a:89:5b:9e:a0:47:2b:23:ee:1a:29:
dd:23:74:1d:60:d8:2e:f3:15:05:09:dc:68:29:e3:
b5:61:0e:da:a5:ef:1a:6f:ef:d5:47:bc:b9:6d:dd:
cd:26:60:83:cb:24:ef:12:6a:46:07:5f:c0:b0:1f:
e1:01:b7:59:51:bb:f2:15:0a:99:34:d2:69:2e:0a:
c3:af:de:4b:4e:80:df:11:db:1f:ae:f1:69:5f:f4:
4f:5b:e1:9e:b1:da:2a:e9:db:eb:85:0e:15:66:03:
92:62:4e:48:69:65:73:be:3f:ad:b2:32:64:28:7b:
dd:25:0c:f2:36:fe:38:e7:f2:dc:14:d0:ef:f5:2d:
47:e7:c9:57:86:b2:e1:12:10:b9:77:db:61:a2:a3:
66:7b:7e:b3:e6:ee:5e:af:85:6b:2b:c2:5a:27:5f:
2e:d8:d9:00:59:50:19:80:36:a5:2f:cd:a9:64:15:
b7:8e:ea:4b:7b:26:a5:d8:58:27:e4:0b:85:64:d9:
07:84:fc:4e:33:5e:d3:24:01:97:01:3f:a8:8c:e7:
47:a4:6e:bd:3b:7d:95:8a:dc:5d:0e:7a:b6:2b:1b:
96:76:a9:90:f0:3b:1f:36:58:0b:e1:f4:dc:df:c8:
43:01:0b:97:03:5a:50:39:6f:39:71:3c:42:2c:0e:
b2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:79:16:21:70:DC:A8:D5:AE:05:5A:D3:34:5A:E3:64:21:9B:36:2E
X509v3 Authority Key Identifier:
keyid:FC:F5:34:02:FA:76:FA:06:37:6C:DE:A6:BC:D3:95:E1:80:07:9D:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_PU0Avp2-gY3bN6mvNOV4YAHnbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c8313-ed1c-414b-b4cc-5ed057025516/1/_PU0Avp2-gY3bN6mvNOV4YAHnbc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c8313-ed1c-414b-b4cc-5ed057025516/1/_PU0Avp2-gY3bN6mvNOV4YAHnbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:8f:b0:35:7b:4d:27:7b:ba:15:7a:b0:3b:84:c9:b0:f1:46:
2c:a9:8e:98:7e:1d:9e:99:6a:d7:ac:75:d0:c0:76:db:0c:78:
9b:38:e7:e4:84:d1:21:b6:cd:69:42:fc:30:67:1c:ac:c5:25:
bc:f7:12:ba:87:90:4c:f1:9a:a7:d9:90:4b:1b:08:f9:f6:98:
a2:1a:81:e5:c3:80:01:33:7c:4e:57:d5:fc:77:be:7f:91:99:
b5:bb:09:0d:14:60:98:07:f2:ba:fe:f2:85:31:20:8c:64:a7:
50:54:8a:34:2b:ec:dd:aa:c7:81:26:2a:84:2e:aa:ca:f7:a1:
fa:c8:73:35:6d:f0:f0:14:10:3d:81:ea:31:2d:77:96:0e:4d:
f6:4e:57:ef:16:de:44:2f:74:8e:53:de:f8:27:a1:74:cd:9c:
9a:4e:53:85:7f:e8:7a:2e:1e:4e:6c:7c:e5:5e:0f:b6:e3:25:
83:be:71:b4:3d:e1:a7:e7:8b:9e:84:9d:e1:b8:4e:cd:3a:39:
b9:17:bd:f3:fe:83:06:f8:cc:ff:07:77:93:f9:08:48:59:77:
6a:c7:65:c6:e3:5d:e5:a9:cc:c4:fb:d4:35:38:cd:90:f3:4c:
06:29:47:90:6b:1f:86:6d:44:cc:8c:49:f1:24:d6:f6:9f:35:
af:15:30:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGakebpB+ieK9sLOqoAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZjUzNDAyZmE3NmZhMDYzNzZjZGVhNmJjZDM5NWUxODAw
NzlkYjcwHhcNMjUxMTExMTAwMDQ5WhcNMjUxMTEyMTAwMDQ5WjAzMTEwLwYDVQQD
Eyg5ZTc5MTYyMTcwZGNhOGQ1YWUwNTVhZDMzNDVhZTM2NDIxOWIzNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52F8OolbnqBHKyPuGindI3QdYNgu
8xUFCdxoKeO1YQ7ape8ab+/VR7y5bd3NJmCDyyTvEmpGB1/AsB/hAbdZUbvyFQqZ
NNJpLgrDr95LToDfEdsfrvFpX/RPW+Gesdoq6dvrhQ4VZgOSYk5IaWVzvj+tsjJk
KHvdJQzyNv445/LcFNDv9S1H58lXhrLhEhC5d9thoqNme36z5u5er4VrK8JaJ18u
2NkAWVAZgDalL82pZBW3jupLeyal2Fgn5AuFZNkHhPxOM17TJAGXAT+ojOdHpG69
O32VitxdDnq2KxuWdqmQ8DsfNlgL4fTc38hDAQuXA1pQOW85cTxCLA6ygQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ55FiFw3KjVrgVa0zRa42QhmzYuMB8GA1UdIwQY
MBaAFPz1NAL6dvoGN2zeprzTleGAB523MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1BVMEF2cDItZ1kzYk42bXZOT1Y0WUFIbmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzgzMTMtZWQxYy00MTRiLWI0Y2Mt
NWVkMDU3MDI1NTE2LzEvX1BVMEF2cDItZ1kzYk42bXZOT1Y0WUFIbmJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzgzMTMtZWQxYy00MTRiLWI0Y2MtNWVkMDU3MDI1NTE2
LzEvX1BVMEF2cDItZ1kzYk42bXZOT1Y0WUFIbmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPo+wNXtN
J3u6FXqwO4TJsPFGLKmOmH4dnplq16x10MB22wx4mzjn5ITRIbbNaUL8MGccrMUl
vPcSuoeQTPGap9mQSxsI+faYohqB5cOAATN8TlfV/He+f5GZtbsJDRRgmAfyuv7y
hTEgjGSnUFSKNCvs3arHgSYqhC6qyveh+shzNW3w8BQQPYHqMS13lg5N9k5X7xbe
RC90jlPe+CehdM2cmk5ThX/oei4eTmx85V4PtuMlg75xtD3hp+eLnoSd4bhOzTo5
uRe98/6DBvjM/wd3k/kISFl3asdlxuNd5anMxPvUNTjNkPNMBilHkGsfhm1EzIxJ
8STW9p81rxUwNg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:51:32 2025 by rpki-client