Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: bcvT3bfJ6/r9EtredaKXF8bowR3dMpnaxMF57U5IFtY=
Subject key identifier: 47:2E:6C:6D:5C:B2:03:33:E4:19:2A:10:0A:FC:DF:EB:BE:82:17:20
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 019A21ADCB1EEF7CDB5B6229C475B184C827
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 10DC
Signing time: Sun 26 Oct 2025 18:00:29 +0000
Manifest this update: Sun 26 Oct 2025 18:00:29 +0000
Manifest next update: Mon 27 Oct 2025 18:00:29 +0000
Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: U1y6eChNEuW1ws2bxb6tlZI57KaSDiWU+WZgzqUXonU=)
2: jH9C8p9nitrfAItNyA_YLJEP6ds.roa (hash: qAfQVpQ0k0QfJ2KTETvmr94XZk/rf+3SC4Qevdx1ZDY=)
3: tah1yfASreRchTqTj8AtcpkBGXY.roa (hash: 3mvJQGarrUT5b42icY1PPyWBBa9VfBbfud+/MFWuiN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 14:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:ad:cb:1e:ef:7c:db:5b:62:29:c4:75:b1:84:c8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Oct 26 18:00:29 2025 GMT
Not After : Oct 27 18:00:29 2025 GMT
Subject: CN=472e6c6d5cb20333e4192a100afcdfebbe821720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:80:0e:7a:23:40:35:3a:fa:d5:78:5c:5a:
dc:80:8a:6c:68:83:ad:1d:cb:bc:db:45:d9:c7:12:
07:d6:c1:3f:86:ff:3c:2c:bf:06:51:dd:06:c7:e9:
65:69:e5:f9:93:19:4b:36:c4:49:8f:14:38:2d:fe:
c3:4a:51:c1:ec:d3:9c:ef:62:3a:96:51:c9:e2:d7:
d6:7a:cb:f7:38:ab:db:b9:4d:d3:81:9b:45:9e:2e:
d1:10:86:2c:87:15:a9:90:17:66:4e:e0:51:9a:45:
63:c2:b0:5b:4d:8e:07:31:a5:7c:8c:fb:a9:7b:b1:
61:30:74:e2:b8:de:76:4c:fe:42:e9:cc:82:f2:a4:
52:34:f2:ce:58:61:03:85:20:26:fd:66:22:7e:78:
05:3d:4f:8a:1d:88:49:a6:8d:f4:39:2c:ef:ba:3c:
1a:3b:74:5e:26:66:6b:6f:af:83:af:a8:07:75:c1:
44:8c:8b:6f:20:cb:03:81:83:4b:04:ce:8a:1b:f6:
08:41:03:0a:9e:91:1b:98:80:76:3d:39:6a:ee:ca:
a3:65:df:55:14:f8:34:a4:c6:dd:e3:80:1d:15:fb:
be:c3:24:1f:5b:84:1b:31:65:97:15:cb:d4:ad:44:
f3:47:a0:21:c3:25:bb:91:2c:b3:53:b2:84:48:8d:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2E:6C:6D:5C:B2:03:33:E4:19:2A:10:0A:FC:DF:EB:BE:82:17:20
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:74:30:6e:5e:d3:61:27:af:f0:e1:cd:ae:0b:8a:36:e6:58:
77:4b:c2:43:0a:83:ca:0f:b1:28:a0:eb:8f:b8:a9:ac:58:38:
6a:0d:58:0a:31:93:f1:cf:32:7c:27:8c:a2:dc:e1:c2:d2:c0:
f9:b9:31:f5:48:c2:5d:61:3b:02:98:75:54:d4:9c:21:b7:68:
49:d3:5e:c2:44:65:6c:f8:83:63:4f:cb:02:05:bc:36:dd:5e:
21:85:ff:f5:05:01:c6:1a:6c:f5:6d:cd:f7:4e:76:ac:9e:20:
c8:13:78:f7:74:2b:6c:d0:89:b0:3d:0c:88:ee:0c:85:47:4c:
58:44:23:ff:cf:21:9c:a6:59:3f:2b:46:ef:71:9b:d7:bd:a1:
ee:e0:59:31:8b:ab:6c:a2:79:eb:a3:46:db:55:a0:cf:99:61:
df:b4:39:eb:4a:27:e1:00:02:fb:f8:0d:e0:46:61:2e:b9:55:
82:8b:fe:d1:1a:24:67:c5:b4:0c:07:1b:47:d2:8f:45:3d:8c:
a2:30:b5:47:d0:f0:0c:bf:6c:a8:0f:87:5d:2f:85:49:cb:11:
f7:dd:cd:ac:71:31:b6:77:d8:5e:7f:40:c1:5d:d1:f1:30:04:
34:f5:5d:e8:f6:ae:86:52:4a:96:f9:1c:12:79:43:90:e7:fb:
f1:96:f6:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohrcse73zbW2IpxHWxhMgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjUxMDI2MTgwMDI5WhcNMjUxMDI3MTgwMDI5WjAzMTEwLwYDVQQD
Eyg0NzJlNmM2ZDVjYjIwMzMzZTQxOTJhMTAwYWZjZGZlYmJlODIxNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEWADnojQDU6+tV4XFrcgIpsaIOt
Hcu820XZxxIH1sE/hv88LL8GUd0Gx+llaeX5kxlLNsRJjxQ4Lf7DSlHB7NOc72I6
llHJ4tfWesv3OKvbuU3TgZtFni7REIYshxWpkBdmTuBRmkVjwrBbTY4HMaV8jPup
e7FhMHTiuN52TP5C6cyC8qRSNPLOWGEDhSAm/WYifngFPU+KHYhJpo30OSzvujwa
O3ReJmZrb6+Dr6gHdcFEjItvIMsDgYNLBM6KG/YIQQMKnpEbmIB2PTlq7sqjZd9V
FPg0pMbd44AdFfu+wyQfW4QbMWWXFcvUrUTzR6AhwyW7kSyzU7KESI1ZewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcubG1csgMz5BkqEAr83+u+ghcgMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAXQwbl7T
YSev8OHNrguKNuZYd0vCQwqDyg+xKKDrj7iprFg4ag1YCjGT8c8yfCeMotzhwtLA
+bkx9UjCXWE7Aph1VNScIbdoSdNewkRlbPiDY0/LAgW8Nt1eIYX/9QUBxhps9W3N
9052rJ4gyBN493QrbNCJsD0MiO4MhUdMWEQj/88hnKZZPytG73Gb172h7uBZMYur
bKJ566NG21Wgz5lh37Q560on4QAC+/gN4EZhLrlVgov+0RokZ8W0DAcbR9KPRT2M
ojC1R9DwDL9sqA+HXS+FScsR993NrHExtnfYXn9AwV3R8TAENPVd6PauhlJKlvkc
EnlDkOf78Zb2iQ==
-----END CERTIFICATE-----
Generated at Sun Oct 26 22:58:20 2025 by rpki-client