Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json)
Hash identifier: 0F+fAAnBJmoYvbRAjoAhQEK0Nm4VNxZFW0lxVtISpWI=
Subject key identifier: 71:6D:E0:BB:92:D3:DA:53:92:73:00:90:49:10:7A:49:74:30:A6:B6
Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d
Certificate serial: 019A24778770C90872DE3EEDCA078C7549C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
Manifest number: 0187
Signing time: Mon 27 Oct 2025 07:00:04 +0000
Manifest this update: Mon 27 Oct 2025 07:00:04 +0000
Manifest next update: Tue 28 Oct 2025 07:00:04 +0000
Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: Pw5b+dthdjLsfOknkfKOg1QfXxh+GzX/0nk8EVAeu1g=)
2: wtKFjn0luOKNhpCBH0YWKLpKHKU.roa (hash: Z6YfBfkr08FSM8yJ/BnA5aNSDpKZqhovD8OdV3xTXpI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:77:87:70:c9:08:72:de:3e:ed:ca:07:8c:75:49:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d43340fad246465de8e614d039563a699657d8d
Validity
Not Before: Oct 27 07:00:04 2025 GMT
Not After : Oct 28 07:00:04 2025 GMT
Subject: CN=716de0bb92d3da539273009049107a497430a6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2f:2d:67:41:9b:50:7a:7b:f5:a2:f7:3f:c6:
93:bd:c8:79:d1:fb:ae:18:4e:0a:c3:df:d2:f9:6b:
6b:e0:89:de:c0:34:e8:ea:3e:b4:49:95:59:c7:1c:
53:24:7b:82:d0:b5:bd:2a:43:d3:55:db:e3:2c:ce:
c3:e5:12:2a:61:cf:b6:fb:81:5b:ed:1a:2e:53:5f:
79:2b:49:33:6b:5d:ea:7d:07:85:69:82:9e:cb:77:
4a:cd:23:2e:65:7d:b4:1f:c5:21:7d:56:92:b8:55:
59:79:51:b2:4d:7c:f4:03:77:f7:0c:04:fb:27:24:
c7:de:82:c6:32:f9:0d:54:e1:7c:cf:8a:38:1c:9f:
ba:c9:55:fc:e3:ac:04:bc:0f:b4:ec:42:bc:a2:9c:
5a:90:66:45:a0:51:63:48:a6:bc:2e:6a:5f:53:ff:
6c:16:0f:64:0d:62:db:45:c2:76:da:af:92:e3:0d:
d6:59:15:60:88:bb:8c:79:d5:11:1a:07:8a:61:a5:
25:bf:12:20:12:fa:5f:79:79:26:3b:26:1a:58:9d:
14:4f:0b:13:58:7f:14:89:d3:ac:a0:ff:29:15:b8:
5a:00:60:1a:1f:87:f8:aa:17:c3:1d:ad:1a:df:d0:
36:20:84:15:df:a1:dc:33:f7:6c:32:ee:15:a2:4a:
6f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6D:E0:BB:92:D3:DA:53:92:73:00:90:49:10:7A:49:74:30:A6:B6
X509v3 Authority Key Identifier:
keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:b2:08:07:1b:0e:8e:31:16:94:83:b3:f6:ab:19:4f:72:07:
e5:dc:5c:11:3e:35:10:aa:56:71:47:72:c2:42:f0:a3:75:f0:
c7:9f:82:62:9c:47:cb:e5:33:29:5d:b3:4a:3c:9c:e3:40:1a:
03:7d:7a:95:e1:33:2d:a6:c2:de:fa:9f:2a:85:e3:5c:87:63:
12:c7:b0:7d:c3:19:2c:3f:5a:ce:8c:ea:97:80:6b:33:61:4e:
2f:ad:fc:52:c1:8c:a8:91:fb:78:80:75:b7:3e:97:56:46:7f:
28:1e:92:e7:7a:9b:f5:1a:8c:e9:29:4f:e9:a5:ad:32:34:fd:
40:d3:07:b3:92:3b:49:95:57:b1:d2:f8:d4:73:14:5e:67:a4:
9b:cd:51:01:8c:16:4c:a2:b7:46:c8:94:05:9f:c4:b7:ee:6f:
70:42:12:eb:bb:df:6d:f5:c7:bd:b3:b9:17:c9:b4:fd:2c:f1:
e1:aa:71:f7:b1:90:d2:9f:6d:94:72:ac:83:d4:63:fa:2b:4c:
34:58:b8:1d:38:53:d4:fd:ff:d7:d7:58:35:b8:13:6e:cb:9c:
f0:ec:95:73:50:61:9b:9f:5c:6b:3a:65:79:dd:3a:f5:eb:a2:
a7:9d:c7:00:ab:27:ad:8f:56:43:4b:95:31:49:ce:fc:27:90:
7c:08:30:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokd4dwyQhy3j7tygeMdUnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2
NTdkOGQwHhcNMjUxMDI3MDcwMDA0WhcNMjUxMDI4MDcwMDA0WjAzMTEwLwYDVQQD
Eyg3MTZkZTBiYjkyZDNkYTUzOTI3MzAwOTA0OTEwN2E0OTc0MzBhNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS8tZ0GbUHp79aL3P8aTvch50fuu
GE4Kw9/S+Wtr4InewDTo6j60SZVZxxxTJHuC0LW9KkPTVdvjLM7D5RIqYc+2+4Fb
7RouU195K0kza13qfQeFaYKey3dKzSMuZX20H8UhfVaSuFVZeVGyTXz0A3f3DAT7
JyTH3oLGMvkNVOF8z4o4HJ+6yVX846wEvA+07EK8opxakGZFoFFjSKa8LmpfU/9s
Fg9kDWLbRcJ22q+S4w3WWRVgiLuMedURGgeKYaUlvxIgEvpfeXkmOyYaWJ0UTwsT
WH8UidOsoP8pFbhaAGAaH4f4qhfDHa0a39A2IIQV36HcM/dsMu4VokpvtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFt4LuS09pTknMAkEkQekl0MKa2MB8GA1UdIwQY
MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt
YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx
LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkbIIBxsO
jjEWlIOz9qsZT3IH5dxcET41EKpWcUdywkLwo3Xwx5+CYpxHy+UzKV2zSjyc40Aa
A316leEzLabC3vqfKoXjXIdjEsewfcMZLD9azozql4BrM2FOL638UsGMqJH7eIB1
tz6XVkZ/KB6S53qb9RqM6SlP6aWtMjT9QNMHs5I7SZVXsdL41HMUXmekm81RAYwW
TKK3RsiUBZ/Et+5vcEIS67vfbfXHvbO5F8m0/Szx4apx97GQ0p9tlHKsg9Rj+itM
NFi4HThT1P3/19dYNbgTbsuc8OyVc1Bhm59cazpled069euip53HAKsnrY9WQ0uV
MUnO/CeQfAgw0A==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:29:38 2025 by rpki-client