Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: zVTYSS4CPJTYvuyWFiftRceRi6ZqozVHT1F+uMH6vUA=
Subject key identifier: 42:8D:1A:A4:6D:76:BF:3B:06:A4:CF:43:33:09:EB:A9:64:2B:F8:0C
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 019922FA6C2FE08E3E7635547C67A5119C4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 166E
Signing time: Sun 07 Sep 2025 07:01:00 +0000
Manifest this update: Sun 07 Sep 2025 07:01:00 +0000
Manifest next update: Mon 08 Sep 2025 07:01:00 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: jpEoduH9hk0HCqOtdQNFTHFWFsAL5a3Q/7a5/Ve8eGY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:fa:6c:2f:e0:8e:3e:76:35:54:7c:67:a5:11:9c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Sep 7 07:01:00 2025 GMT
Not After : Sep 8 07:01:00 2025 GMT
Subject: CN=428d1aa46d76bf3b06a4cf433309eba9642bf80c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ba:35:16:36:55:be:ee:89:7f:5a:48:7f:1b:
9b:75:7b:a8:11:d3:ef:ad:e0:bc:7e:dc:51:e0:9a:
59:63:fa:83:d8:0f:e9:26:78:38:4d:64:d8:4a:0f:
9d:3d:1a:d8:2c:0f:bb:01:89:28:79:eb:fb:9e:80:
68:27:d9:26:99:ae:85:14:10:8d:98:86:bb:ba:1f:
1b:42:c2:7f:7f:0a:6f:a3:25:0f:5b:d8:37:95:bc:
d8:fe:83:9a:10:e0:09:0c:e9:f1:c5:bd:05:01:6d:
17:59:7f:28:26:a9:93:08:a8:55:e5:3e:44:50:00:
aa:30:ff:09:07:c3:ae:bd:ac:77:50:0b:ad:4d:cd:
ab:6c:3d:e9:04:8a:d0:ab:59:6b:54:5c:44:b1:3a:
12:84:7b:29:0f:c8:f6:2e:5d:7a:c5:b4:69:9f:c0:
af:98:45:61:e6:db:8e:82:e8:0c:09:0f:27:08:53:
0f:d1:ec:55:3b:f3:8b:e7:1a:39:26:d9:7b:3f:ce:
1a:45:25:82:f2:51:2f:3d:09:0e:d0:84:59:25:f0:
7c:0f:84:e9:bd:28:bb:94:74:e5:f9:12:d5:91:1a:
37:59:ba:9b:fc:ab:33:44:f6:18:fb:8d:04:ac:e9:
e8:4d:18:17:2b:8f:29:cc:33:3c:19:71:6a:f3:eb:
48:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8D:1A:A4:6D:76:BF:3B:06:A4:CF:43:33:09:EB:A9:64:2B:F8:0C
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:03:d8:88:6d:00:ef:c9:a8:39:1f:f1:5f:a3:f9:ad:9b:84:
90:94:4a:22:2c:5a:6b:e4:a6:90:9e:03:93:50:f8:db:8a:99:
00:31:20:2c:ee:45:4e:bf:f0:53:3f:27:9e:17:c6:d0:d6:38:
54:88:a3:33:2a:70:14:c0:35:a6:7f:27:24:8e:71:57:f1:3e:
d1:de:5d:bb:f9:3d:b1:07:3e:1a:e7:f6:d6:b1:50:a2:34:0d:
f6:f4:f8:1d:c6:06:4b:ad:09:b4:64:54:47:82:f9:8e:e4:1a:
f1:aa:c4:6c:64:8d:b6:bf:22:af:d3:73:ba:45:a8:6d:d4:53:
54:75:f7:35:f0:f0:33:69:b7:22:41:1d:02:c1:a5:49:85:80:
7d:19:d6:07:37:46:23:79:cf:46:9f:1d:da:6a:7e:f3:e1:95:
d5:7b:b5:52:c8:99:92:88:56:f8:04:e6:b4:5f:99:21:06:d5:
bd:4e:0e:1e:40:5d:97:76:5a:66:aa:61:df:08:1a:a2:48:a5:
3f:ca:1d:9c:67:b9:d4:9e:5d:73:5d:34:bf:75:98:f4:df:40:
a8:72:e5:5b:59:18:60:45:02:6c:2d:10:b5:7d:0b:db:89:fb:
b1:4a:78:f2:67:59:76:45:1a:b0:f1:09:59:d3:da:d5:48:e9:
23:9e:cc:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+mwv4I4+djVUfGelEZxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUwOTA3MDcwMTAwWhcNMjUwOTA4MDcwMTAwWjAzMTEwLwYDVQQD
Eyg0MjhkMWFhNDZkNzZiZjNiMDZhNGNmNDMzMzA5ZWJhOTY0MmJmODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7o1FjZVvu6Jf1pIfxubdXuoEdPv
reC8ftxR4JpZY/qD2A/pJng4TWTYSg+dPRrYLA+7AYkoeev7noBoJ9kmma6FFBCN
mIa7uh8bQsJ/fwpvoyUPW9g3lbzY/oOaEOAJDOnxxb0FAW0XWX8oJqmTCKhV5T5E
UACqMP8JB8Ouvax3UAutTc2rbD3pBIrQq1lrVFxEsToShHspD8j2Ll16xbRpn8Cv
mEVh5tuOgugMCQ8nCFMP0exVO/OL5xo5Jtl7P84aRSWC8lEvPQkO0IRZJfB8D4Tp
vSi7lHTl+RLVkRo3Wbqb/KszRPYY+40ErOnoTRgXK48pzDM8GXFq8+tIJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKNGqRtdr87BqTPQzMJ66lkK/gMMB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALgPYiG0A
78moOR/xX6P5rZuEkJRKIixaa+SmkJ4Dk1D424qZADEgLO5FTr/wUz8nnhfG0NY4
VIijMypwFMA1pn8nJI5xV/E+0d5du/k9sQc+Guf21rFQojQN9vT4HcYGS60JtGRU
R4L5juQa8arEbGSNtr8ir9NzukWobdRTVHX3NfDwM2m3IkEdAsGlSYWAfRnWBzdG
I3nPRp8d2mp+8+GV1Xu1UsiZkohW+ATmtF+ZIQbVvU4OHkBdl3ZaZqph3wgaokil
P8odnGe51J5dc100v3WY9N9AqHLlW1kYYEUCbC0QtX0L24n7sUp48mdZdkUasPEJ
WdPa1UjpI57MOA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 09:58:24 2025 by rpki-client