Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
File: pavEOvztcvuSd4covuVxxnj1OFM.mft (raw, json)
Hash identifier: 6fAoCBqTrZG9LrOOLtvzASP+FCIyjRVIg9CPsShukb8=
Subject key identifier: 6D:8D:61:CF:3A:4A:3B:73:C1:F4:7C:03:DF:3D:3F:51:A3:7B:C3:21
Authority key identifier: A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
Certificate issuer: /CN=a5abc43afced72fb92778728bee571c678f53853
Certificate serial: 019A18736306D7AA96BE52D8AA077018614A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
Manifest number: 16F2
Signing time: Fri 24 Oct 2025 23:00:06 +0000
Manifest this update: Fri 24 Oct 2025 23:00:06 +0000
Manifest next update: Sat 25 Oct 2025 23:00:06 +0000
Files and hashes: 1: XTYDavgtknOlnwhLwE8YM7gzGNo.roa (hash: PldFwC0OKAPE16YsYJiSJ7/6hQNZV4y5TLuWK0kyNJ0=)
2: pavEOvztcvuSd4covuVxxnj1OFM.crl (hash: Lrw7z+O7zz7ZnDeXGEZgKUH/k2fEU54yQeB+158fXKw=)
3: sSPz7KsWNIMKyyRHlSkiZwosgKw.roa (hash: wjM7pq8MRvpOQBEJDje34R/IkWbdszEvqnHRsuBbId4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 23:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:18:73:63:06:d7:aa:96:be:52:d8:aa:07:70:18:61:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5abc43afced72fb92778728bee571c678f53853
Validity
Not Before: Oct 24 23:00:06 2025 GMT
Not After : Oct 25 23:00:06 2025 GMT
Subject: CN=6d8d61cf3a4a3b73c1f47c03df3d3f51a37bc321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b8:0f:ce:a2:02:69:ec:d9:70:70:bf:21:a0:
ca:96:8d:f6:b0:66:52:14:48:77:b1:ac:71:a0:5f:
d4:83:e8:ac:9d:5b:78:2d:53:72:9f:33:3c:39:48:
0e:23:a5:cc:59:4d:4a:77:85:43:d2:e5:57:1e:2c:
83:8f:30:92:5e:c5:32:79:09:6e:2a:ba:cb:c8:0e:
bb:55:fd:34:81:97:4f:d9:6b:81:cd:0c:ae:93:03:
6a:89:14:66:d2:95:46:34:04:1b:f1:48:26:8f:ef:
e2:3a:25:65:4a:66:67:4b:97:17:94:8f:d2:25:3b:
40:46:66:51:7b:ba:6b:bf:82:5e:65:55:8e:24:5c:
b7:8f:45:a7:b2:9e:ba:66:c9:85:ea:f0:6e:a7:62:
96:3d:d3:ee:45:79:b8:d7:04:f9:9e:d8:db:ed:94:
c5:82:4c:08:98:6f:46:7e:04:c2:1f:11:5b:f4:4a:
ff:76:e0:5f:6c:ad:40:b8:21:b4:bd:96:70:a0:da:
f1:d0:83:1d:3a:f7:02:c6:26:1e:17:12:62:ce:6f:
e8:d3:97:2c:c6:f0:3d:d8:81:14:87:ee:87:3e:18:
75:f9:99:4a:c9:d9:4b:a1:a2:2d:3b:7f:fb:5a:41:
cd:c2:26:cd:06:a5:ff:18:ff:a1:5e:66:cb:ea:ad:
56:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:61:CF:3A:4A:3B:73:C1:F4:7C:03:DF:3D:3F:51:A3:7B:C3:21
X509v3 Authority Key Identifier:
keyid:A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:d4:e1:b0:66:18:fe:f6:71:5f:b3:ec:e7:48:8a:29:87:f1:
b8:e4:f2:b5:1d:9a:87:82:1c:5b:4e:a4:85:bc:b4:c3:ed:9d:
d8:89:a5:14:f3:ec:d5:71:3e:a3:b5:3c:e1:47:14:cb:92:35:
c7:02:45:79:ca:f9:b7:50:6d:28:13:93:ec:6f:d8:35:8f:e1:
6d:96:d4:6f:4d:84:6d:d3:23:74:14:d2:1b:b5:9b:d5:57:4a:
48:4b:55:55:63:0b:b7:bb:95:32:82:de:6b:cf:6f:ca:e4:c6:
17:63:b0:9d:eb:91:44:4a:44:7e:65:22:2d:f1:c6:6f:52:24:
0e:db:87:77:19:84:b1:59:ae:93:93:f2:44:47:5c:b2:61:96:
e7:e6:e4:5c:f0:7f:f8:f9:b7:b9:4f:25:c0:d0:bb:49:ad:08:
a9:17:d4:83:73:44:a7:f5:67:d5:97:a1:f5:6d:fb:91:67:f3:
23:94:a7:90:23:8a:0f:00:f1:95:a7:29:c6:87:a7:88:9e:21:
ab:96:56:bd:ec:be:6c:42:2f:da:64:1c:73:41:1c:18:85:1f:
fc:a0:e7:f0:6e:63:34:07:47:43:d4:a7:49:c4:b6:52:da:2c:
dc:a7:f0:26:74:ea:2c:1c:dd:a4:94:a2:2c:9c:44:d9:1c:45:
d0:5b:3b:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoYc2MG16qWvlLYqgdwGGFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWJjNDNhZmNlZDcyZmI5Mjc3ODcyOGJlZTU3MWM2Nzhm
NTM4NTMwHhcNMjUxMDI0MjMwMDA2WhcNMjUxMDI1MjMwMDA2WjAzMTEwLwYDVQQD
Eyg2ZDhkNjFjZjNhNGEzYjczYzFmNDdjMDNkZjNkM2Y1MWEzN2JjMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bgPzqICaezZcHC/IaDKlo32sGZS
FEh3saxxoF/Ug+isnVt4LVNynzM8OUgOI6XMWU1Kd4VD0uVXHiyDjzCSXsUyeQlu
KrrLyA67Vf00gZdP2WuBzQyukwNqiRRm0pVGNAQb8Ugmj+/iOiVlSmZnS5cXlI/S
JTtARmZRe7prv4JeZVWOJFy3j0Wnsp66ZsmF6vBup2KWPdPuRXm41wT5ntjb7ZTF
gkwImG9GfgTCHxFb9Er/duBfbK1AuCG0vZZwoNrx0IMdOvcCxiYeFxJizm/o05cs
xvA92IEUh+6HPhh1+ZlKydlLoaItO3/7WkHNwibNBqX/GP+hXmbL6q1W8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2NYc86SjtzwfR8A989P1Gje8MhMB8GA1UdIwQY
MBaAFKWrxDr87XL7kneHKL7lccZ49ThTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTct
YjVlOTFmYzY1MDUxLzEvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTctYjVlOTFmYzY1MDUx
LzEvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAndThsGYY
/vZxX7Ps50iKKYfxuOTytR2ah4IcW06khby0w+2d2ImlFPPs1XE+o7U84UcUy5I1
xwJFecr5t1BtKBOT7G/YNY/hbZbUb02EbdMjdBTSG7Wb1VdKSEtVVWMLt7uVMoLe
a89vyuTGF2OwneuRREpEfmUiLfHGb1IkDtuHdxmEsVmuk5PyREdcsmGW5+bkXPB/
+Pm3uU8lwNC7Sa0IqRfUg3NEp/Vn1Zeh9W37kWfzI5SnkCOKDwDxlacpxoeniJ4h
q5ZWvey+bEIv2mQcc0EcGIUf/KDn8G5jNAdHQ9SnScS2Utos3KfwJnTqLBzdpJSi
LJxE2RxF0Fs7SA==
-----END CERTIFICATE-----
Generated at Sat Oct 25 09:00:11 2025 by rpki-client