Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: IVekmvPEHMVyyT9HVvy6hg2xeB2JXsgYpi7ShhpgR/k=
Subject key identifier: B1:21:97:4A:BA:C9:42:8E:8A:6D:E6:08:E1:32:3F:FF:74:58:9D:94
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 019A73019B7703A12729D05BBE7F8C71D4C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 13:01:16 +0000
Manifest this update: Tue 11 Nov 2025 13:01:16 +0000
Manifest next update: Wed 12 Nov 2025 13:01:16 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: HC5SLsljOHjdnXLOlJtQHBwyIhcB60g45s5ufy29OJQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:9b:77:03:a1:27:29:d0:5b:be:7f:8c:71:d4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Nov 11 13:01:16 2025 GMT
Not After : Nov 12 13:01:16 2025 GMT
Subject: CN=b121974abac9428e8a6de608e1323fff74589d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:09:e6:3e:4c:13:b6:3b:fe:72:41:d2:78:d4:
48:1d:51:a9:49:c5:40:c0:7d:65:c5:da:0e:89:66:
03:d0:4b:77:cc:b4:8f:47:aa:c5:f7:ae:c5:7b:97:
cd:cc:99:b2:fb:5b:ec:c9:65:f0:d3:7f:e0:1c:6f:
45:eb:4c:bf:3d:23:f7:ce:9b:10:3f:69:48:79:3a:
58:27:f7:97:e1:8a:f3:ea:06:67:4b:08:28:c1:6f:
43:51:a8:4c:8b:6e:73:cf:03:d8:15:a1:22:74:5f:
12:79:4c:0c:69:86:94:8f:a5:b3:0e:5a:f1:3b:c9:
f4:45:0a:35:b1:4a:d1:69:29:25:1b:21:f5:35:7f:
3c:08:c7:84:f5:67:9a:f4:d2:fc:dd:cd:cd:7d:82:
7d:59:5d:d1:29:b7:bb:fd:ad:ee:df:37:82:92:9e:
66:5f:5e:96:95:b5:fc:a8:43:f6:92:47:9b:00:00:
e7:01:28:61:7f:c5:c6:84:90:86:1a:c6:5a:0e:43:
b4:fb:5b:c0:52:36:b6:98:94:77:33:3e:da:f5:8c:
2c:b6:f3:77:f1:47:65:48:62:3a:c5:96:e8:73:a2:
b8:1a:9f:44:ab:9c:8c:b8:23:94:07:61:a1:ec:39:
e6:f8:ab:11:a7:0b:c5:e5:37:84:2f:98:cc:0d:80:
b0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:21:97:4A:BA:C9:42:8E:8A:6D:E6:08:E1:32:3F:FF:74:58:9D:94
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:a2:b4:bf:2d:80:14:96:1a:65:26:d0:96:18:cb:b7:25:ad:
15:bf:35:d0:4b:99:ad:62:34:e9:6c:1a:a4:a5:45:f1:3b:d1:
b1:39:f2:fe:b4:5e:75:8a:a6:52:0c:65:ea:67:f4:88:5b:de:
17:85:ba:72:51:17:c3:cf:dc:df:75:57:74:02:12:a2:00:44:
63:57:0f:ba:8e:57:19:0b:52:f8:65:05:94:81:3f:07:68:da:
72:5c:26:ab:22:07:dd:3f:53:ad:88:65:76:e3:3a:8f:05:74:
0b:0f:db:ae:15:e1:13:d1:45:c1:3c:e1:d9:dc:61:f1:a3:0c:
0d:cf:06:0b:97:c7:a9:e6:d0:d6:04:35:b7:42:6d:85:39:ed:
2e:7a:83:54:a9:06:a9:d8:f1:1d:25:37:9a:66:00:c1:11:84:
54:f6:3c:a1:8a:cd:aa:67:22:51:1e:3f:41:5a:7d:07:f9:3d:
aa:03:ec:03:a5:92:04:fb:ca:fe:12:3a:79:3a:ab:e9:05:eb:
ba:e2:d3:56:bc:5b:59:cf:a0:1f:fc:17:bc:bf:e4:ec:57:4f:
34:db:1f:77:b4:72:9f:53:aa:d6:7d:63:6f:33:77:45:43:c3:
89:7d:f4:ea:37:48:8f:f4:fe:c3:9c:26:f7:02:02:4f:ae:85:
6a:18:68:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAZt3A6EnKdBbvn+McdTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUxMTExMTMwMTE2WhcNMjUxMTEyMTMwMTE2WjAzMTEwLwYDVQQD
EyhiMTIxOTc0YWJhYzk0MjhlOGE2ZGU2MDhlMTMyM2ZmZjc0NTg5ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAnmPkwTtjv+ckHSeNRIHVGpScVA
wH1lxdoOiWYD0Et3zLSPR6rF967Fe5fNzJmy+1vsyWXw03/gHG9F60y/PSP3zpsQ
P2lIeTpYJ/eX4Yrz6gZnSwgowW9DUahMi25zzwPYFaEidF8SeUwMaYaUj6WzDlrx
O8n0RQo1sUrRaSklGyH1NX88CMeE9Wea9NL83c3NfYJ9WV3RKbe7/a3u3zeCkp5m
X16WlbX8qEP2kkebAADnAShhf8XGhJCGGsZaDkO0+1vAUja2mJR3Mz7a9YwstvN3
8UdlSGI6xZboc6K4Gp9Eq5yMuCOUB2Gh7Dnm+KsRpwvF5TeEL5jMDYCwKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEhl0q6yUKOim3mCOEyP/90WJ2UMB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXqK0vy2A
FJYaZSbQlhjLtyWtFb810EuZrWI06WwapKVF8TvRsTny/rRedYqmUgxl6mf0iFve
F4W6clEXw8/c33VXdAISogBEY1cPuo5XGQtS+GUFlIE/B2jaclwmqyIH3T9TrYhl
duM6jwV0Cw/brhXhE9FFwTzh2dxh8aMMDc8GC5fHqebQ1gQ1t0JthTntLnqDVKkG
qdjxHSU3mmYAwRGEVPY8oYrNqmciUR4/QVp9B/k9qgPsA6WSBPvK/hI6eTqr6QXr
uuLTVrxbWc+gH/wXvL/k7FdPNNsfd7Ryn1Oq1n1jbzN3RUPDiX306jdIj/T+w5wm
9wICT66FahhoXw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:36:01 2025 by rpki-client