Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
File: P-XZqjR4a6oW1Fa9857K-12XMPg.mft (raw, json)
Hash identifier: FzoO3+x5QKXm3OCvQCJ/tmooFSH8RRG43tSeVtkdYfA=
Subject key identifier: 97:CF:4C:50:1C:7A:81:4A:BA:50:DD:D5:34:A0:74:8C:98:84:36:56
Authority key identifier: 3F:E5:D9:AA:34:78:6B:AA:16:D4:56:BD:F3:9E:CA:FB:5D:97:30:F8
Certificate issuer: /CN=3fe5d9aa34786baa16d456bdf39ecafb5d9730f8
Certificate serial: 019A71B7FA0D6372E49AAD837CE8882ACF95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 07:01:13 +0000
Manifest this update: Tue 11 Nov 2025 07:01:13 +0000
Manifest next update: Wed 12 Nov 2025 07:01:13 +0000
Files and hashes: 1: I8Hl2QUOJ6pW-HzuzhburaAUCcs.roa (hash: TO7xgPDDMwBnfoyPmeOZq+S6vszklMWr0Jg0Yq+3Oiw=)
2: P-XZqjR4a6oW1Fa9857K-12XMPg.crl (hash: H7wxryyYFZ9w30SD4JnUjjmV6+e6NAsR36qU1T4iVt0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:fa:0d:63:72:e4:9a:ad:83:7c:e8:88:2a:cf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe5d9aa34786baa16d456bdf39ecafb5d9730f8
Validity
Not Before: Nov 11 07:01:13 2025 GMT
Not After : Nov 12 07:01:13 2025 GMT
Subject: CN=97cf4c501c7a814aba50ddd534a0748c98843656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cc:76:51:e0:56:db:fa:de:28:81:a4:8a:2b:
67:66:6b:ea:80:b0:33:e8:18:17:71:fd:16:a7:02:
72:4e:eb:d2:06:23:25:7b:33:dc:6e:96:d2:ff:50:
0e:cc:59:3b:4c:0f:d2:70:3c:b2:fb:b4:a7:2b:fe:
e0:90:e5:39:4a:1d:23:e9:d7:19:17:c8:26:8d:eb:
b2:25:27:07:31:2a:80:8f:22:ce:f7:29:48:ee:bc:
39:1d:77:f2:6d:18:bd:ca:94:52:02:d7:b1:09:7b:
67:92:05:0c:97:fd:f1:98:9b:cb:a3:b0:c8:3e:57:
f0:7b:7c:5f:9c:a8:51:b3:93:f1:7d:a3:ed:b4:3e:
ee:bb:d6:98:94:23:74:82:0e:98:ce:9d:d0:ee:06:
24:c4:c2:20:39:bf:ac:b4:aa:79:a6:f2:4a:24:ca:
4d:39:04:fb:38:9a:72:91:7e:a0:87:37:a4:93:5c:
c4:b2:33:23:be:32:6f:cc:73:b1:20:41:ec:82:09:
28:eb:ab:62:c4:cd:0a:62:f9:ea:5d:a6:aa:de:c9:
33:fb:51:98:82:5c:87:28:89:7a:b0:bc:38:69:87:
19:3e:4c:ab:45:01:1e:f2:d1:fc:96:a8:73:e7:6a:
61:6e:f0:96:da:5c:3b:b6:6e:9b:39:36:d4:67:df:
8f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CF:4C:50:1C:7A:81:4A:BA:50:DD:D5:34:A0:74:8C:98:84:36:56
X509v3 Authority Key Identifier:
keyid:3F:E5:D9:AA:34:78:6B:AA:16:D4:56:BD:F3:9E:CA:FB:5D:97:30:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:57:a6:07:79:c7:9f:31:57:f5:c8:f5:9d:4f:e4:8e:e0:e2:
d2:57:2e:3e:c3:d4:7f:1c:bb:4b:cd:d5:75:09:64:11:47:03:
e8:41:ce:3b:93:a8:f7:80:d3:ae:27:e5:1b:bb:d8:a1:d1:7b:
4a:7c:69:e8:fb:cb:63:d9:60:3a:63:5f:00:a4:3c:9e:b6:1b:
b6:a5:d2:93:7d:1b:d1:cd:d8:65:ba:78:3c:42:57:00:a7:48:
26:8d:67:d3:2e:99:de:19:55:01:bc:17:9f:51:d8:25:e7:ab:
fe:a2:dc:02:b5:d7:1e:2e:13:ff:d9:97:b5:db:12:f9:ae:12:
7c:d3:84:42:0d:95:03:d1:c0:f2:2e:6a:92:34:73:7a:17:af:
d8:ed:d0:0e:7e:98:26:9e:1f:c1:df:6a:d9:0e:bc:78:31:c7:
1b:fb:ac:20:c4:5e:ec:97:bc:c3:0a:ca:e1:7e:cb:3e:30:16:
87:02:1b:4c:a1:f7:2f:30:0a:fe:93:1f:af:3c:1c:a7:67:08:
df:09:ea:fa:5c:5f:58:4c:9d:d1:e7:17:b8:8c:d5:7e:6f:07:
cd:e1:d3:68:42:04:8c:37:c5:4a:19:65:f5:63:aa:a1:bd:7d:
e0:1e:56:4c:9c:90:fd:a7:92:d8:24:41:75:58:99:a8:e9:09:
09:9d:00:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/oNY3Lkmq2DfOiIKs+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTVkOWFhMzQ3ODZiYWExNmQ0NTZiZGYzOWVjYWZiNWQ5
NzMwZjgwHhcNMjUxMTExMDcwMTEzWhcNMjUxMTEyMDcwMTEzWjAzMTEwLwYDVQQD
Eyg5N2NmNGM1MDFjN2E4MTRhYmE1MGRkZDUzNGEwNzQ4Yzk4ODQzNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycx2UeBW2/reKIGkiitnZmvqgLAz
6BgXcf0WpwJyTuvSBiMlezPcbpbS/1AOzFk7TA/ScDyy+7SnK/7gkOU5Sh0j6dcZ
F8gmjeuyJScHMSqAjyLO9ylI7rw5HXfybRi9ypRSAtexCXtnkgUMl/3xmJvLo7DI
Plfwe3xfnKhRs5PxfaPttD7uu9aYlCN0gg6Yzp3Q7gYkxMIgOb+stKp5pvJKJMpN
OQT7OJpykX6ghzekk1zEsjMjvjJvzHOxIEHsggko66tixM0KYvnqXaaq3skz+1GY
glyHKIl6sLw4aYcZPkyrRQEe8tH8lqhz52phbvCW2lw7tm6bOTbUZ9+P4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfPTFAceoFKulDd1TSgdIyYhDZWMB8GA1UdIwQY
MBaAFD/l2ao0eGuqFtRWvfOeyvtdlzD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9hMmZlNjgtNzYxZC00ZTZjLTlkY2Qt
NTk0YzFhY2Q5ZGFmLzEvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9hMmZlNjgtNzYxZC00ZTZjLTlkY2QtNTk0YzFhY2Q5ZGFm
LzEvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn1emB3nH
nzFX9cj1nU/kjuDi0lcuPsPUfxy7S83VdQlkEUcD6EHOO5Oo94DTriflG7vYodF7
Snxp6PvLY9lgOmNfAKQ8nrYbtqXSk30b0c3YZbp4PEJXAKdIJo1n0y6Z3hlVAbwX
n1HYJeer/qLcArXXHi4T/9mXtdsS+a4SfNOEQg2VA9HA8i5qkjRzehev2O3QDn6Y
Jp4fwd9q2Q68eDHHG/usIMRe7Je8wwrK4X7LPjAWhwIbTKH3LzAK/pMfrzwcp2cI
3wnq+lxfWEyd0ecXuIzVfm8HzeHTaEIEjDfFShll9WOqob194B5WTJyQ/aeS2CRB
dViZqOkJCZ0AqQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:30 2025 by rpki-client