Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
File: pZyqKnNoBpiyyeGmyWQadPPOdug.mft (raw, json)
Hash identifier: pWfY2QDpuGlWor/ecvWVy2/YBXBPPtMKYuKMdnUID5s=
Subject key identifier: 94:8C:27:AB:7C:48:B8:8E:0B:F7:DE:33:CB:A6:09:CB:A9:3A:23:10
Authority key identifier: A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
Certificate issuer: /CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Certificate serial: 019A736EFC478BA16BCC45C0900C7D8D44D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
Manifest number: 0BB5
Signing time: Tue 11 Nov 2025 15:00:44 +0000
Manifest this update: Tue 11 Nov 2025 15:00:44 +0000
Manifest next update: Wed 12 Nov 2025 15:00:44 +0000
Files and hashes: 1: _c_c0M25UwpZ7eHBk4pzeagMlVQ.roa (hash: 8jqy4hlWYt18GsvMo6F88//T4bDxnnNcBAAfWfrvPK8=)
2: pZyqKnNoBpiyyeGmyWQadPPOdug.crl (hash: AkHb+JEL+LsHhuE9dRbte4h1r1caX45MB2EciH/f284=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:6e:fc:47:8b:a1:6b:cc:45:c0:90:0c:7d:8d:44:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Validity
Not Before: Nov 11 15:00:44 2025 GMT
Not After : Nov 12 15:00:44 2025 GMT
Subject: CN=948c27ab7c48b88e0bf7de33cba609cba93a2310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7c:71:3b:de:4d:04:40:53:ed:58:7c:06:9b:
cd:5e:10:48:45:e0:e8:bc:81:8c:f5:8e:bd:8c:6c:
2f:7b:bf:df:97:4e:f3:74:3b:67:b1:62:ea:32:df:
f3:17:a3:b2:45:0d:bf:32:80:ab:9e:e2:1d:1f:d2:
8b:6e:45:72:bf:5f:1d:af:6d:67:be:46:50:26:7c:
d2:a6:76:cd:09:89:57:72:11:19:83:b1:c0:fe:a2:
e1:4c:d0:b7:13:fd:d7:69:e9:44:c7:8d:0c:1b:f5:
87:b0:98:79:36:b0:66:f4:02:32:a5:3c:87:db:6b:
d4:75:bd:b6:94:49:f8:69:34:dc:24:08:41:05:b0:
c7:a9:44:d2:63:e6:d0:b7:a0:19:d4:2d:db:63:e9:
9f:e1:c3:77:43:39:78:5a:f2:01:21:ec:fc:6f:44:
6c:fa:81:ab:72:8b:be:4b:64:a0:b2:e5:28:d5:f3:
fb:be:91:4c:56:08:f6:8f:bf:09:e0:06:02:bc:e7:
1b:c5:05:0c:14:6f:94:58:12:35:81:2e:5d:5e:5a:
78:d8:bb:8f:17:ca:78:f1:75:6f:24:5a:88:54:68:
ca:7c:96:6f:07:3f:23:76:f6:04:7e:54:12:8c:db:
bf:d9:6f:b6:53:a1:f7:c6:03:4e:c5:0c:06:ab:fb:
1d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8C:27:AB:7C:48:B8:8E:0B:F7:DE:33:CB:A6:09:CB:A9:3A:23:10
X509v3 Authority Key Identifier:
keyid:A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:ef:c9:c7:50:07:30:24:5d:ee:39:2c:a3:7f:81:39:f3:93:
c6:6e:f0:d7:6c:3a:6b:8f:16:56:b7:13:e3:d7:e3:5d:df:a7:
e7:fb:9e:3b:93:2a:eb:fa:d5:db:d4:31:26:76:56:9f:5e:dd:
47:ee:e6:24:b8:5e:09:a8:86:7f:47:66:78:c6:d5:34:0e:59:
73:bd:b9:65:9a:2c:a0:05:63:da:a8:37:1f:7d:59:32:6c:db:
70:15:c0:99:49:b9:39:32:2d:b7:ed:5e:18:c1:40:ff:d3:cf:
af:69:78:23:cf:51:2e:24:55:81:b2:91:2a:3c:32:40:46:d6:
37:82:05:df:03:73:d3:7d:35:69:7d:96:10:27:b3:64:e1:ee:
54:8c:7b:17:6d:2b:24:51:00:93:de:f8:9d:15:1c:a8:da:81:
71:d4:42:f5:0c:0f:7d:ec:c0:74:56:e1:e2:64:07:c1:80:9d:
74:f1:a8:38:b9:c2:73:60:c3:d6:aa:43:c3:93:c0:43:e3:3c:
69:72:2e:20:3f:38:ca:e5:88:e8:b2:22:08:b2:a1:29:b5:e5:
74:04:00:1b:20:ac:ba:77:1a:86:67:b1:ba:88:ca:4f:e1:6d:
a9:ea:de:69:56:5e:70:5b:9b:64:f1:bb:22:3c:00:a7:68:65:
5a:bc:d8:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzbvxHi6FrzEXAkAx9jUTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWNhYTJhNzM2ODA2OThiMmM5ZTFhNmM5NjQxYTc0ZjNj
ZTc2ZTgwHhcNMjUxMTExMTUwMDQ0WhcNMjUxMTEyMTUwMDQ0WjAzMTEwLwYDVQQD
Eyg5NDhjMjdhYjdjNDhiODhlMGJmN2RlMzNjYmE2MDljYmE5M2EyMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnxxO95NBEBT7Vh8BpvNXhBIReDo
vIGM9Y69jGwve7/fl07zdDtnsWLqMt/zF6OyRQ2/MoCrnuIdH9KLbkVyv18dr21n
vkZQJnzSpnbNCYlXchEZg7HA/qLhTNC3E/3XaelEx40MG/WHsJh5NrBm9AIypTyH
22vUdb22lEn4aTTcJAhBBbDHqUTSY+bQt6AZ1C3bY+mf4cN3Qzl4WvIBIez8b0Rs
+oGrcou+S2SgsuUo1fP7vpFMVgj2j78J4AYCvOcbxQUMFG+UWBI1gS5dXlp42LuP
F8p48XVvJFqIVGjKfJZvBz8jdvYEflQSjNu/2W+2U6H3xgNOxQwGq/sdYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSMJ6t8SLiOC/feM8umCcupOiMQMB8GA1UdIwQY
MBaAFKWcqipzaAaYssnhpslkGnTzznboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYt
YWU5MWFiMzQyYmUxLzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYtYWU5MWFiMzQyYmUx
LzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdu/Jx1AH
MCRd7jkso3+BOfOTxm7w12w6a48WVrcT49fjXd+n5/ueO5Mq6/rV29QxJnZWn17d
R+7mJLheCaiGf0dmeMbVNA5Zc725ZZosoAVj2qg3H31ZMmzbcBXAmUm5OTItt+1e
GMFA/9PPr2l4I89RLiRVgbKRKjwyQEbWN4IF3wNz0301aX2WECezZOHuVIx7F20r
JFEAk974nRUcqNqBcdRC9QwPfezAdFbh4mQHwYCddPGoOLnCc2DD1qpDw5PAQ+M8
aXIuID84yuWI6LIiCLKhKbXldAQAGyCsuncahmexuojKT+FtqereaVZecFubZPG7
IjwAp2hlWrzYAA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:23:43 2025 by rpki-client