Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
File: pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft (raw, json)
Hash identifier: gliL8YjyrJcmZ1U9mV3DuAveqImsE8BqwxeQsr2O1dg=
Subject key identifier: 1B:28:24:7F:62:FF:EF:BE:0A:97:30:62:99:65:71:C6:E4:98:92:BD
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 019A0C019A93008AB75C9F10AB405999FA7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
Manifest number: 16F7
Signing time: Wed 22 Oct 2025 13:00:22 +0000
Manifest this update: Wed 22 Oct 2025 13:00:22 +0000
Manifest next update: Thu 23 Oct 2025 13:00:22 +0000
Files and hashes: 1: Clf1O67BMO2Rhs6Zi3d5eqYtS78.roa (hash: gEsGT+BkcxrPL5LEXQ9nd6Eso8OhYDY6ncvwiqyMT9o=)
2: pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl (hash: OYFQrNDvVI5XL0vO+qUsAjX01TflKz164BpktpBJz+w=)
3: y4LRZvQWH9l19-R4kCc6PgUW78w.roa (hash: 2GDs3fd+T8RC8u9/aToLiIMcmZgcmmJt7vgNbq6rFsw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 13:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:01:9a:93:00:8a:b7:5c:9f:10:ab:40:59:99:fa:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Oct 22 13:00:22 2025 GMT
Not After : Oct 23 13:00:22 2025 GMT
Subject: CN=1b28247f62ffefbe0a973062996571c6e49892bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:59:88:88:66:2c:2a:c9:dd:07:76:70:c8:4a:
15:11:4e:c9:5b:88:62:16:11:c9:e9:f5:cd:fe:aa:
2d:b3:de:40:27:97:01:c8:cf:23:03:e7:76:2f:17:
c2:25:2e:15:ed:69:97:0c:dc:f3:ca:dc:9e:03:7a:
c2:d5:7f:39:73:a5:37:a3:f0:83:9e:40:82:4a:97:
fc:58:51:bb:dd:16:1b:1b:5f:0a:87:e7:4e:6d:57:
fe:3e:d5:de:d5:84:92:b5:9d:94:7f:15:83:22:61:
6f:de:d3:91:3a:2a:cf:61:0f:16:0b:d6:e5:3a:11:
0e:ac:d7:33:5c:f2:75:08:db:57:a9:94:7a:2b:40:
d2:26:01:6f:e2:61:85:1d:d0:5d:ec:4e:cf:36:4b:
e4:e4:a0:0d:37:0d:8f:88:36:c8:89:93:a2:72:3d:
ee:86:da:a4:89:88:df:e4:9a:55:6e:3c:ab:6b:ab:
b4:70:f7:7c:e3:be:f0:5f:8a:7b:8d:05:f7:63:31:
d5:fa:d5:ec:66:4a:00:a8:01:cf:66:2c:73:d1:de:
3f:ac:26:da:74:76:62:3f:14:07:40:89:48:6a:24:
09:8a:57:81:d5:d4:c9:bf:2c:55:79:81:64:da:e6:
a3:59:a8:e5:ce:e5:43:14:02:f9:55:33:dc:36:93:
d2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:28:24:7F:62:FF:EF:BE:0A:97:30:62:99:65:71:C6:E4:98:92:BD
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:4d:46:90:6a:33:b1:33:cf:6a:b0:f2:3a:d9:2a:4c:23:07:
d4:5e:c3:90:5e:bd:fb:78:a2:97:e0:53:0e:88:c2:c5:da:dc:
20:f8:58:bf:5d:91:27:b6:cc:5b:53:ed:23:fd:ff:7c:72:fd:
30:5f:65:7a:c9:91:ef:96:83:64:b9:cb:8a:10:80:ab:22:30:
98:c4:ed:8c:bc:37:43:b6:a2:f3:17:e7:f7:28:c8:89:6e:4f:
87:75:34:71:d3:6b:5c:a8:73:c4:82:8e:71:00:e2:64:08:94:
72:8b:b4:93:a2:e6:60:64:85:cb:c6:03:80:18:d0:35:3d:5b:
0a:6b:92:1d:09:c3:46:0b:b1:cc:6f:7d:2e:85:e7:17:73:51:
1a:3d:81:66:fd:c6:03:7b:98:5d:88:b6:a0:80:64:15:f1:b3:
43:f4:9a:cc:eb:b8:d4:52:64:4e:c3:d4:d5:59:29:7a:cd:ce:
53:18:7e:1b:b7:48:54:67:a1:26:9c:4b:b5:73:7c:40:8f:95:
a3:70:70:f8:41:5f:9d:71:72:79:60:42:64:90:7f:2b:c1:d1:
3c:41:b7:a6:82:51:7c:12:ce:a7:e9:91:2e:ff:20:82:1f:14:
32:44:0d:0a:d7:b5:37:3f:43:a6:b3:05:e5:d6:b1:38:67:37:
3f:ff:44:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoMAZqTAIq3XJ8Qq0BZmfp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjUxMDIyMTMwMDIyWhcNMjUxMDIzMTMwMDIyWjAzMTEwLwYDVQQD
EygxYjI4MjQ3ZjYyZmZlZmJlMGE5NzMwNjI5OTY1NzFjNmU0OTg5MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1mIiGYsKsndB3ZwyEoVEU7JW4hi
FhHJ6fXN/qots95AJ5cByM8jA+d2LxfCJS4V7WmXDNzzytyeA3rC1X85c6U3o/CD
nkCCSpf8WFG73RYbG18Kh+dObVf+PtXe1YSStZ2UfxWDImFv3tOROirPYQ8WC9bl
OhEOrNczXPJ1CNtXqZR6K0DSJgFv4mGFHdBd7E7PNkvk5KANNw2PiDbIiZOicj3u
htqkiYjf5JpVbjyra6u0cPd8477wX4p7jQX3YzHV+tXsZkoAqAHPZixz0d4/rCba
dHZiPxQHQIlIaiQJileB1dTJvyxVeYFk2uajWajlzuVDFAL5VTPcNpPStQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsoJH9i/+++CpcwYpllccbkmJK9MB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEk1GkGoz
sTPParDyOtkqTCMH1F7DkF69+3iil+BTDojCxdrcIPhYv12RJ7bMW1PtI/3/fHL9
MF9lesmR75aDZLnLihCAqyIwmMTtjLw3Q7ai8xfn9yjIiW5Ph3U0cdNrXKhzxIKO
cQDiZAiUcou0k6LmYGSFy8YDgBjQNT1bCmuSHQnDRguxzG99LoXnF3NRGj2BZv3G
A3uYXYi2oIBkFfGzQ/SazOu41FJkTsPU1Vkpes3OUxh+G7dIVGehJpxLtXN8QI+V
o3Bw+EFfnXFyeWBCZJB/K8HRPEG3poJRfBLOp+mRLv8ggh8UMkQNCte1Nz9DprMF
5daxOGc3P/9EQg==
-----END CERTIFICATE-----
Generated at Wed Oct 22 21:42:30 2025 by rpki-client