Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/757f2b-4f01-4e70-b3d5-4fdba867e47a/1/PNKqcak6qcEye3NTigR45PeC9vc.mft
File: PNKqcak6qcEye3NTigR45PeC9vc.mft (raw, json)
Hash identifier: pWlP1WFv7ZH4Vm7yUp/khxnwnh97QYap5+7QounBsRY=
Subject key identifier: 34:E0:00:17:07:FB:0F:91:CE:CE:9E:C1:76:4B:58:44:49:61:F3:4A
Authority key identifier: 3C:D2:AA:71:A9:3A:A9:C1:32:7B:73:53:8A:04:78:E4:F7:82:F6:F7
Certificate issuer: /CN=3cd2aa71a93aa9c1327b73538a0478e4f782f6f7
Certificate serial: 019931FF66743E25C0AE71DD7BDA58CA7047
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNKqcak6qcEye3NTigR45PeC9vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/757f2b-4f01-4e70-b3d5-4fdba867e47a/1/PNKqcak6qcEye3NTigR45PeC9vc.mft
Manifest number: 0DF3
Signing time: Wed 10 Sep 2025 05:00:45 +0000
Manifest this update: Wed 10 Sep 2025 05:00:45 +0000
Manifest next update: Thu 11 Sep 2025 05:00:45 +0000
Files and hashes: 1: PNKqcak6qcEye3NTigR45PeC9vc.crl (hash: aBmlRCbFmtLfwsjeSfoSHe05Ncuq8kGfw3jnAbxPMO4=)
2: mkUXmgygJpYBMQ2Igm9L-tv-j1s.roa (hash: 9Fpz5SGKImESLClWOjbnaFAMtUoqIoi74+/yK2yHMuQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/757f2b-4f01-4e70-b3d5-4fdba867e47a/1/PNKqcak6qcEye3NTigR45PeC9vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/757f2b-4f01-4e70-b3d5-4fdba867e47a/1/PNKqcak6qcEye3NTigR45PeC9vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PNKqcak6qcEye3NTigR45PeC9vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:31:ff:66:74:3e:25:c0:ae:71:dd:7b:da:58:ca:70:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd2aa71a93aa9c1327b73538a0478e4f782f6f7
Validity
Not Before: Sep 10 05:00:45 2025 GMT
Not After : Sep 11 05:00:45 2025 GMT
Subject: CN=34e0001707fb0f91cece9ec1764b58444961f34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:60:c9:a2:47:65:2f:4a:04:d7:30:3f:c1:
ee:05:90:56:f5:db:38:93:ec:bd:ac:3a:ee:4a:37:
f2:5c:79:1c:13:b1:da:e6:64:20:08:cf:9a:ed:c1:
1d:31:ed:73:73:1c:14:b6:3d:d2:a5:ee:e4:ad:b3:
42:a8:43:5f:42:9c:fa:05:70:4e:0f:db:04:91:ed:
fd:0c:69:11:55:ff:7e:ee:be:88:4f:04:d6:4a:8e:
62:27:3d:10:a7:79:84:15:b9:09:10:43:4a:25:2c:
d1:22:ae:8b:de:19:e8:00:e7:0e:9d:ef:82:f2:c7:
f2:1d:5d:80:d5:84:8d:40:17:78:5b:80:02:4c:d8:
fb:5d:db:5f:20:1f:ac:b9:15:49:fe:25:d5:a6:85:
42:bb:0e:35:22:eb:b7:3b:b2:ec:f7:b2:d5:0c:58:
e2:17:8b:db:20:e6:de:b9:de:a4:e3:d8:7f:1b:33:
da:4e:5c:11:c6:e7:cc:20:cd:39:8e:26:e4:7e:d7:
50:84:30:42:8d:aa:b0:aa:71:42:19:d8:da:f2:b6:
3c:cb:c2:99:96:50:fb:b6:e6:03:e4:29:07:9f:c0:
6d:39:cf:d4:eb:29:49:fe:e8:a2:88:37:4f:c8:ae:
48:a3:83:31:7b:5b:d5:12:28:73:23:5a:8b:6e:46:
f6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E0:00:17:07:FB:0F:91:CE:CE:9E:C1:76:4B:58:44:49:61:F3:4A
X509v3 Authority Key Identifier:
keyid:3C:D2:AA:71:A9:3A:A9:C1:32:7B:73:53:8A:04:78:E4:F7:82:F6:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNKqcak6qcEye3NTigR45PeC9vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/757f2b-4f01-4e70-b3d5-4fdba867e47a/1/PNKqcak6qcEye3NTigR45PeC9vc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/757f2b-4f01-4e70-b3d5-4fdba867e47a/1/PNKqcak6qcEye3NTigR45PeC9vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:43:4e:aa:db:a0:31:03:4c:2a:fa:ae:64:6d:59:b0:f7:11:
f4:ba:17:1d:35:6d:57:34:43:98:9a:4a:33:8b:c5:27:63:f1:
cf:96:fe:d8:58:f2:33:87:0c:b8:14:ad:fb:35:9f:0f:87:d8:
b8:dc:d1:3a:8d:db:31:d0:df:a8:3e:e1:00:16:ea:17:43:7b:
fe:35:78:d6:a2:f3:d9:ae:f0:fc:5e:eb:71:26:cf:b4:a3:1c:
ba:b3:02:21:e9:92:e2:12:d8:ff:9d:75:42:37:01:8c:92:ae:
4e:9b:6a:79:c0:02:07:63:49:92:06:92:b5:f4:07:b8:5c:7b:
21:f4:ab:62:23:99:99:18:43:76:b6:88:45:75:c3:55:3c:67:
c8:f7:92:8d:c6:b5:3c:3d:98:e8:4e:dd:9e:c2:e5:ad:f1:cb:
c0:c0:86:92:4c:77:1e:7e:73:65:eb:5b:67:cb:e3:a6:f8:94:
6d:e7:d6:e8:70:54:99:71:96:29:82:da:f1:d2:8f:78:f0:31:
dc:98:71:f2:ab:17:96:b3:2b:17:f5:2a:13:39:85:a2:b1:ac:
e6:e8:dc:b1:84:ec:84:79:87:86:9b:83:80:0d:d7:d4:7f:ae:
36:c4:a5:99:fd:ba:47:a7:4c:a6:d2:dc:76:1b:f8:21:ff:93:
79:b7:e8:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkx/2Z0PiXArnHde9pYynBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDJhYTcxYTkzYWE5YzEzMjdiNzM1MzhhMDQ3OGU0Zjc4
MmY2ZjcwHhcNMjUwOTEwMDUwMDQ1WhcNMjUwOTExMDUwMDQ1WjAzMTEwLwYDVQQD
EygzNGUwMDAxNzA3ZmIwZjkxY2VjZTllYzE3NjRiNTg0NDQ5NjFmMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygVgyaJHZS9KBNcwP8HuBZBW9ds4
k+y9rDruSjfyXHkcE7Ha5mQgCM+a7cEdMe1zcxwUtj3Spe7krbNCqENfQpz6BXBO
D9sEke39DGkRVf9+7r6ITwTWSo5iJz0Qp3mEFbkJEENKJSzRIq6L3hnoAOcOne+C
8sfyHV2A1YSNQBd4W4ACTNj7XdtfIB+suRVJ/iXVpoVCuw41Iuu3O7Ls97LVDFji
F4vbIObeud6k49h/GzPaTlwRxufMIM05jibkftdQhDBCjaqwqnFCGdja8rY8y8KZ
llD7tuYD5CkHn8BtOc/U6ylJ/uiiiDdPyK5Io4Mxe1vVEihzI1qLbkb2swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTgABcH+w+Rzs6ewXZLWERJYfNKMB8GA1UdIwQY
MBaAFDzSqnGpOqnBMntzU4oEeOT3gvb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5LcWNhazZxY0V5ZTNOVGlnUjQ1UGVDOXZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83NTdmMmItNGYwMS00ZTcwLWIzZDUt
NGZkYmE4NjdlNDdhLzEvUE5LcWNhazZxY0V5ZTNOVGlnUjQ1UGVDOXZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83NTdmMmItNGYwMS00ZTcwLWIzZDUtNGZkYmE4NjdlNDdh
LzEvUE5LcWNhazZxY0V5ZTNOVGlnUjQ1UGVDOXZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxENOqtug
MQNMKvquZG1ZsPcR9LoXHTVtVzRDmJpKM4vFJ2Pxz5b+2FjyM4cMuBSt+zWfD4fY
uNzROo3bMdDfqD7hABbqF0N7/jV41qLz2a7w/F7rcSbPtKMcurMCIemS4hLY/511
QjcBjJKuTptqecACB2NJkgaStfQHuFx7IfSrYiOZmRhDdraIRXXDVTxnyPeSjca1
PD2Y6E7dnsLlrfHLwMCGkkx3Hn5zZetbZ8vjpviUbefW6HBUmXGWKYLa8dKPePAx
3Jhx8qsXlrMrF/UqEzmForGs5ujcsYTshHmHhpuDgA3X1H+uNsSlmf26R6dMptLc
dhv4If+Tebfouw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 14:15:54 2025 by rpki-client