Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.mft
File: pNMiaTAuHLzLqsDg5a-KhkSYoTU.mft (raw, json)
Hash identifier: HwSSRcGU3QBcn9E6VsqRzydNXAZDGtIhcQYGdmQQpm0=
Subject key identifier: FB:10:76:4D:6A:C8:A2:EC:F5:F7:F3:07:61:F6:73:54:EF:00:21:01
Authority key identifier: A4:D3:22:69:30:2E:1C:BC:CB:AA:C0:E0:E5:AF:8A:86:44:98:A1:35
Certificate issuer: /CN=a4d32269302e1cbccbaac0e0e5af8a864498a135
Certificate serial: 019A7293575C9022DFCD6950FC1584943EC8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pNMiaTAuHLzLqsDg5a-KhkSYoTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.mft
Manifest number: 1005
Signing time: Tue 11 Nov 2025 11:00:50 +0000
Manifest this update: Tue 11 Nov 2025 11:00:50 +0000
Manifest next update: Wed 12 Nov 2025 11:00:50 +0000
Files and hashes: 1: WhtcuJJ0NSWsio8f8rQNMbqqeD8.roa (hash: uBIazeW9ZJrIEfawzpjRmH4sNuGdOT1AiFSbiZsPXDU=)
2: pNMiaTAuHLzLqsDg5a-KhkSYoTU.crl (hash: 7PPJ51k9J60ImlzDItzpdtfkKXM5EZvUJtUmYVt/mLM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/pNMiaTAuHLzLqsDg5a-KhkSYoTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:57:5c:90:22:df:cd:69:50:fc:15:84:94:3e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4d32269302e1cbccbaac0e0e5af8a864498a135
Validity
Not Before: Nov 11 11:00:50 2025 GMT
Not After : Nov 12 11:00:50 2025 GMT
Subject: CN=fb10764d6ac8a2ecf5f7f30761f67354ef002101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:d8:a5:47:21:4f:ac:a0:f0:de:4e:3c:ec:
3c:90:06:78:73:1b:6f:13:ac:f6:e0:a7:4d:7e:58:
07:d7:56:26:e6:ff:34:da:89:d1:74:6d:75:f7:53:
46:5c:b9:2e:fb:78:3d:2c:d4:cd:38:31:49:52:50:
35:48:c2:df:d2:d4:4a:61:db:47:4d:66:9a:d0:c9:
b4:92:bb:40:e0:c5:e3:0b:97:48:59:f1:92:ea:38:
6b:75:93:2b:5b:2c:ba:aa:41:d9:15:32:dd:03:e6:
68:84:c3:45:93:b2:fa:15:a3:f4:d7:7b:28:d3:48:
cb:22:e3:14:23:21:7e:84:87:52:47:4e:f7:df:ac:
74:bc:09:ab:21:71:5a:10:01:f7:13:76:ad:dc:72:
c6:52:44:d3:86:c5:3d:04:a3:c7:c1:e2:63:2a:d6:
74:10:6b:ee:a0:ee:63:9f:09:97:67:e9:07:59:44:
c6:b6:fe:72:25:f6:21:ba:2e:6a:b7:94:a2:e6:c3:
e4:da:3c:ab:60:c1:42:ff:9b:eb:64:6a:9c:15:67:
f9:bc:8c:ec:a8:03:e2:16:f9:1b:5c:a9:f0:43:ad:
83:06:7d:18:aa:31:db:5b:cd:8a:46:fc:f3:bd:00:
a3:2a:02:ae:48:dc:00:d7:43:b4:62:d6:51:b3:4e:
32:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:10:76:4D:6A:C8:A2:EC:F5:F7:F3:07:61:F6:73:54:EF:00:21:01
X509v3 Authority Key Identifier:
keyid:A4:D3:22:69:30:2E:1C:BC:CB:AA:C0:E0:E5:AF:8A:86:44:98:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNMiaTAuHLzLqsDg5a-KhkSYoTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:e6:01:ea:0d:c7:13:fd:f5:b0:00:b0:5f:b9:39:86:f9:f8:
16:0b:da:2f:56:4d:78:73:6c:e0:34:02:db:ef:66:0c:9a:20:
15:56:9e:b5:bd:f7:12:99:9a:bc:e7:b2:a6:e1:43:7a:3f:e1:
68:af:e4:06:94:d1:fb:c3:09:d7:43:11:c6:d6:cb:ff:b2:1d:
fb:82:8c:3b:37:cf:ef:17:84:b1:4f:8a:7c:0a:52:a1:cd:6b:
22:00:d9:2c:d8:58:53:31:20:ec:16:3f:8f:56:40:9f:60:63:
91:d2:ad:e4:3b:96:02:de:c1:3b:ab:48:91:ff:5c:98:50:d3:
fb:38:cb:a2:59:5a:c3:dd:dd:39:90:e8:1b:29:81:06:2e:18:
b1:5b:c0:47:51:30:3b:60:b4:34:56:45:67:9a:29:9d:07:ea:
df:f9:6c:d5:d4:f5:b9:31:3f:70:3e:69:b1:2f:56:62:ed:51:
b2:a0:8f:d2:f0:51:58:12:47:f7:84:43:5a:97:66:05:51:58:
41:fa:3c:d7:c6:bd:a9:74:94:5b:3c:a5:93:e1:c2:25:56:95:
71:ec:88:ac:31:3e:36:6c:3d:5d:cb:e5:28:44:f4:d2:db:3f:
fb:48:d6:0d:0e:40:a2:b7:15:33:16:04:84:f7:8e:a8:36:f1:
1e:48:e9:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk1dckCLfzWlQ/BWElD7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDMyMjY5MzAyZTFjYmNjYmFhYzBlMGU1YWY4YTg2NDQ5
OGExMzUwHhcNMjUxMTExMTEwMDUwWhcNMjUxMTEyMTEwMDUwWjAzMTEwLwYDVQQD
EyhmYjEwNzY0ZDZhYzhhMmVjZjVmN2YzMDc2MWY2NzM1NGVmMDAyMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmevYpUchT6yg8N5OPOw8kAZ4cxtv
E6z24KdNflgH11Ym5v802onRdG1191NGXLku+3g9LNTNODFJUlA1SMLf0tRKYdtH
TWaa0Mm0krtA4MXjC5dIWfGS6jhrdZMrWyy6qkHZFTLdA+ZohMNFk7L6FaP013so
00jLIuMUIyF+hIdSR07336x0vAmrIXFaEAH3E3at3HLGUkTThsU9BKPHweJjKtZ0
EGvuoO5jnwmXZ+kHWUTGtv5yJfYhui5qt5Si5sPk2jyrYMFC/5vrZGqcFWf5vIzs
qAPiFvkbXKnwQ62DBn0YqjHbW82KRvzzvQCjKgKuSNwA10O0YtZRs04yPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsQdk1qyKLs9ffzB2H2c1TvACEBMB8GA1UdIwQY
MBaAFKTTImkwLhy8y6rA4OWvioZEmKE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5NaWFUQXVITHpMcXNEZzVhLUtoa1NZb1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85NjE2ZWUtMzgxZC00YWZlLTg5MGMt
NmVlNTE0YjI5MTE1LzEvcE5NaWFUQXVITHpMcXNEZzVhLUtoa1NZb1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85NjE2ZWUtMzgxZC00YWZlLTg5MGMtNmVlNTE0YjI5MTE1
LzEvcE5NaWFUQXVITHpMcXNEZzVhLUtoa1NZb1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOYB6g3H
E/31sACwX7k5hvn4FgvaL1ZNeHNs4DQC2+9mDJogFVaetb33EpmavOeypuFDej/h
aK/kBpTR+8MJ10MRxtbL/7Id+4KMOzfP7xeEsU+KfApSoc1rIgDZLNhYUzEg7BY/
j1ZAn2BjkdKt5DuWAt7BO6tIkf9cmFDT+zjLollaw93dOZDoGymBBi4YsVvAR1Ew
O2C0NFZFZ5opnQfq3/ls1dT1uTE/cD5psS9WYu1RsqCP0vBRWBJH94RDWpdmBVFY
Qfo818a9qXSUWzylk+HCJVaVceyIrDE+Nmw9XcvlKET00ts/+0jWDQ5AorcVMxYE
hPeOqDbxHkjp3g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:15:54 2025 by rpki-client