Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: mVDR1TP09ykx4xZTOqcOCbmUizuBPxoNT4AYhyao9uU=
Subject key identifier: 59:8E:13:9A:20:8E:22:12:18:C1:51:EA:36:B6:F8:D9:98:5D:CB:3B
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 0199345BAC47E05F99D5C3C8D7BDDF9A8935
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 1061
Signing time: Wed 10 Sep 2025 16:00:47 +0000
Manifest this update: Wed 10 Sep 2025 16:00:47 +0000
Manifest next update: Thu 11 Sep 2025 16:00:47 +0000
Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: o1aaWdQi86H4oO5noRUx47w8EcrFkPmIC/3710mCGA4=)
2: jH9C8p9nitrfAItNyA_YLJEP6ds.roa (hash: qAfQVpQ0k0QfJ2KTETvmr94XZk/rf+3SC4Qevdx1ZDY=)
3: tah1yfASreRchTqTj8AtcpkBGXY.roa (hash: 3mvJQGarrUT5b42icY1PPyWBBa9VfBbfud+/MFWuiN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:5b:ac:47:e0:5f:99:d5:c3:c8:d7:bd:df:9a:89:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Sep 10 16:00:47 2025 GMT
Not After : Sep 11 16:00:47 2025 GMT
Subject: CN=598e139a208e221218c151ea36b6f8d9985dcb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:bf:79:3e:45:50:76:1e:09:e5:cf:ec:60:7d:
d5:da:91:ac:3e:4c:60:f1:e5:c9:83:b4:e7:c0:6f:
b2:0f:ad:47:ac:c3:85:69:f2:37:9b:5d:32:2c:5e:
25:08:23:33:30:ab:1c:e2:ba:84:12:f4:a9:30:2c:
5c:1d:12:33:f6:07:ef:fa:ed:4b:41:d1:13:85:f5:
ea:f0:d0:18:7a:f4:f3:6e:98:2b:2a:ae:b1:01:2d:
64:b3:42:ec:af:e5:aa:f3:9c:37:dc:e7:63:96:e0:
28:7d:df:c5:ab:00:b6:4c:81:c9:b1:da:83:64:bc:
32:ae:7e:9c:d8:74:d0:f6:bc:1a:a6:c7:45:7e:54:
fc:e4:4b:55:68:57:61:50:ff:3a:45:4d:2d:8a:78:
4d:a1:e4:32:36:cb:9b:a0:85:50:a7:fc:61:6a:6a:
fb:a0:55:7c:57:28:e6:14:fe:5e:45:ab:1d:c6:24:
42:c7:8f:7c:4e:4c:ab:4f:60:9a:a5:99:54:ad:be:
d1:1c:1b:11:75:36:ad:be:e7:d3:09:57:e8:c4:3c:
d5:f7:ff:44:5f:46:c0:c8:29:47:90:e1:50:07:4a:
f6:1e:e4:89:5c:a7:a9:b2:36:c8:9c:21:dc:e2:f6:
7e:bb:2b:e9:63:13:83:2e:b3:e8:8e:2a:96:51:93:
9b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8E:13:9A:20:8E:22:12:18:C1:51:EA:36:B6:F8:D9:98:5D:CB:3B
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:ea:58:df:bd:59:ef:d5:20:40:ba:e3:8a:c0:d8:e1:20:1e:
6a:02:6c:38:75:73:b0:cb:a9:65:6c:d0:bf:ab:9f:3c:46:b7:
f1:f8:80:8b:80:58:8b:1c:4e:9f:88:7a:4b:fa:35:6a:90:72:
71:50:b0:bb:10:4c:f0:96:34:d1:2f:8b:7c:c0:9f:75:ee:fa:
d3:8e:bc:b9:87:03:e0:b3:1d:66:26:3a:07:b4:13:cf:d9:25:
3c:00:15:7f:4c:7a:f7:fd:47:08:ce:96:69:c0:e9:5a:1a:97:
26:44:76:7e:f5:27:11:1a:b9:61:4f:b1:0b:e3:11:ce:6c:7f:
2b:b1:96:c7:e3:10:d5:f1:55:2a:5c:af:c3:33:2d:82:db:4d:
e6:cf:e9:c9:ff:49:2a:86:59:3b:ac:95:dd:40:0b:ee:28:67:
81:aa:cd:15:b1:97:63:c4:5a:31:42:18:64:08:33:22:60:b0:
cd:16:64:f8:ff:a8:63:9f:74:52:48:b5:07:08:df:3f:d0:89:
22:ac:6b:94:69:19:a7:3a:a5:cd:13:31:81:41:e6:b0:f8:a5:
39:66:33:3c:2a:3e:c7:8c:30:b2:48:fe:f3:54:d3:5e:7f:64:
7f:5a:07:32:0e:17:b8:26:18:d6:2b:2b:29:4d:5a:34:b9:bc:
c2:98:54:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk0W6xH4F+Z1cPI173fmok1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjUwOTEwMTYwMDQ3WhcNMjUwOTExMTYwMDQ3WjAzMTEwLwYDVQQD
Eyg1OThlMTM5YTIwOGUyMjEyMThjMTUxZWEzNmI2ZjhkOTk4NWRjYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6r95PkVQdh4J5c/sYH3V2pGsPkxg
8eXJg7TnwG+yD61HrMOFafI3m10yLF4lCCMzMKsc4rqEEvSpMCxcHRIz9gfv+u1L
QdEThfXq8NAYevTzbpgrKq6xAS1ks0Lsr+Wq85w33OdjluAofd/FqwC2TIHJsdqD
ZLwyrn6c2HTQ9rwapsdFflT85EtVaFdhUP86RU0tinhNoeQyNsuboIVQp/xhamr7
oFV8VyjmFP5eRasdxiRCx498TkyrT2CapZlUrb7RHBsRdTatvufTCVfoxDzV9/9E
X0bAyClHkOFQB0r2HuSJXKepsjbInCHc4vZ+uyvpYxODLrPojiqWUZObEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmOE5ogjiISGMFR6ja2+NmYXcs7MB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYupY371Z
79UgQLrjisDY4SAeagJsOHVzsMupZWzQv6ufPEa38fiAi4BYixxOn4h6S/o1apBy
cVCwuxBM8JY00S+LfMCfde760468uYcD4LMdZiY6B7QTz9klPAAVf0x69/1HCM6W
acDpWhqXJkR2fvUnERq5YU+xC+MRzmx/K7GWx+MQ1fFVKlyvwzMtgttN5s/pyf9J
KoZZO6yV3UAL7ihngarNFbGXY8RaMUIYZAgzImCwzRZk+P+oY590Uki1BwjfP9CJ
IqxrlGkZpzqlzRMxgUHmsPilOWYzPCo+x4wwskj+81TTXn9kf1oHMg4XuCYY1isr
KU1aNLm8wphUUw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 23:00:43 2025 by rpki-client