Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.mft
File: PqFIQth34nvEBouYH-dK64vufnM.mft (raw, json)
Hash identifier: bo81VIsfbhQE1vl9UsHUyeYA8L/hvE0M5hW1ZcQH/6A=
Subject key identifier: 9F:44:F7:34:AD:21:29:99:B1:C7:F2:4E:72:A3:0F:C3:48:43:17:BA
Authority key identifier: 3E:A1:48:42:D8:77:E2:7B:C4:06:8B:98:1F:E7:4A:EB:8B:EE:7E:73
Certificate issuer: /CN=3ea14842d877e27bc4068b981fe74aeb8bee7e73
Certificate serial: 019A1AD16B84052DD9B1CC63D7613317A342
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.mft
Manifest number: 16F2
Signing time: Sat 25 Oct 2025 10:02:03 +0000
Manifest this update: Sat 25 Oct 2025 10:02:03 +0000
Manifest next update: Sun 26 Oct 2025 10:02:03 +0000
Files and hashes: 1: PqFIQth34nvEBouYH-dK64vufnM.crl (hash: 9bMFKf/lEAO8phmKRV3g2KD2hV+bnlYP2y/6aJz0YS8=)
2: h5AoEy-X54Db83-jTlFH2Y1fCVw.roa (hash: HOh3C7TWeQ0O5hO+1P91yiEiZozSeSnp7F1/q290vZs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1a:d1:6b:84:05:2d:d9:b1:cc:63:d7:61:33:17:a3:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea14842d877e27bc4068b981fe74aeb8bee7e73
Validity
Not Before: Oct 25 10:02:03 2025 GMT
Not After : Oct 26 10:02:03 2025 GMT
Subject: CN=9f44f734ad212999b1c7f24e72a30fc3484317ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a1:69:7a:75:63:e3:b9:b6:d0:33:7e:b6:07:
8b:90:89:a8:67:58:e8:46:46:41:8b:c5:a8:60:20:
30:20:c8:7b:f5:4d:09:27:70:61:d5:87:71:53:be:
68:b4:4d:cd:42:92:8f:be:4c:75:99:61:ac:fa:bc:
b4:fc:8d:2b:ab:c5:c1:1d:42:49:4e:99:0d:43:3d:
8c:90:9b:4a:da:4b:57:64:a3:bb:24:dc:7e:70:31:
0f:a2:e2:b5:a4:1c:e0:94:8d:a4:51:77:dd:0f:f6:
c4:56:b0:bb:0b:47:82:87:dc:91:66:be:2b:ad:0b:
1e:aa:7e:97:10:72:fa:cc:7e:91:ab:ec:e6:da:18:
ba:cd:a8:78:44:0c:86:72:50:e2:6b:37:a6:12:c1:
62:de:0e:cf:6f:3b:a2:f5:73:61:5d:89:34:5c:a5:
ab:d4:77:50:f7:8c:0e:b3:72:d7:f7:6f:ad:a9:90:
14:f9:b1:52:61:a2:44:22:fa:cc:73:0c:54:a1:30:
b4:10:78:fc:20:88:51:88:83:b6:85:df:b9:d6:cf:
a3:2c:f7:00:9d:5a:63:d5:0a:0f:58:12:54:42:22:
5c:f5:01:03:87:c1:fb:bd:f6:8f:ef:05:88:66:50:
65:03:bc:e1:a3:6d:14:ef:a9:4c:73:d8:b8:24:28:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:44:F7:34:AD:21:29:99:B1:C7:F2:4E:72:A3:0F:C3:48:43:17:BA
X509v3 Authority Key Identifier:
keyid:3E:A1:48:42:D8:77:E2:7B:C4:06:8B:98:1F:E7:4A:EB:8B:EE:7E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:a4:49:e3:db:d3:9c:2e:05:c5:95:08:7a:0c:ad:a1:13:bc:
6b:cf:1f:41:b9:0d:ba:c0:db:c2:7d:9e:ff:18:62:66:91:1a:
22:69:4b:bf:3f:94:8c:b9:77:7e:01:6c:85:3c:60:b4:0c:83:
16:57:52:a4:f3:83:d2:4b:1a:f3:78:7b:e9:ed:81:59:5e:d6:
1b:77:88:05:35:92:49:09:ae:7b:4f:fe:08:06:15:ad:e4:97:
fb:61:30:a2:da:7f:64:6b:30:fd:aa:5a:ed:05:33:b5:5d:69:
b4:6b:74:21:f5:80:f4:7b:6b:54:8f:42:37:df:45:ca:49:12:
b2:95:d8:83:18:5a:2f:cc:d2:0b:cb:17:f4:4f:37:14:51:a5:
e3:41:fc:03:c1:94:66:ea:03:76:4a:29:32:93:19:33:b5:4a:
0a:d3:53:3c:ca:38:6c:19:f1:48:5e:68:db:77:f0:06:b2:b7:
29:4b:4e:11:9a:a7:a7:4a:7d:7b:82:dc:29:76:b0:9a:3c:6b:
b4:4e:e4:7d:a8:38:0f:bf:7c:f2:c6:92:72:86:4e:df:47:2a:
b2:dc:fe:ed:11:14:bb:fd:47:89:db:81:78:89:22:9d:41:58:
64:89:5d:92:92:48:78:0c:41:03:2f:c8:c9:9b:de:6e:ea:4f:
5d:e4:17:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoa0WuEBS3Zscxj12EzF6NCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTE0ODQyZDg3N2UyN2JjNDA2OGI5ODFmZTc0YWViOGJl
ZTdlNzMwHhcNMjUxMDI1MTAwMjAzWhcNMjUxMDI2MTAwMjAzWjAzMTEwLwYDVQQD
Eyg5ZjQ0ZjczNGFkMjEyOTk5YjFjN2YyNGU3MmEzMGZjMzQ4NDMxN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6FpenVj47m20DN+tgeLkImoZ1jo
RkZBi8WoYCAwIMh79U0JJ3Bh1YdxU75otE3NQpKPvkx1mWGs+ry0/I0rq8XBHUJJ
TpkNQz2MkJtK2ktXZKO7JNx+cDEPouK1pBzglI2kUXfdD/bEVrC7C0eCh9yRZr4r
rQseqn6XEHL6zH6Rq+zm2hi6zah4RAyGclDiazemEsFi3g7Pbzui9XNhXYk0XKWr
1HdQ94wOs3LX92+tqZAU+bFSYaJEIvrMcwxUoTC0EHj8IIhRiIO2hd+51s+jLPcA
nVpj1QoPWBJUQiJc9QEDh8H7vfaP7wWIZlBlA7zho20U76lMc9i4JCjFGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9E9zStISmZscfyTnKjD8NIQxe6MB8GA1UdIwQY
MBaAFD6hSELYd+J7xAaLmB/nSuuL7n5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83OTcwNTctMjc4YS00ZjczLTgwYTEt
NGRjZTRmM2VhMTNlLzEvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83OTcwNTctMjc4YS00ZjczLTgwYTEtNGRjZTRmM2VhMTNl
LzEvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmKRJ49vT
nC4FxZUIegytoRO8a88fQbkNusDbwn2e/xhiZpEaImlLvz+UjLl3fgFshTxgtAyD
FldSpPOD0ksa83h76e2BWV7WG3eIBTWSSQmue0/+CAYVreSX+2Ewotp/ZGsw/apa
7QUztV1ptGt0IfWA9HtrVI9CN99FykkSspXYgxhaL8zSC8sX9E83FFGl40H8A8GU
ZuoDdkopMpMZM7VKCtNTPMo4bBnxSF5o23fwBrK3KUtOEZqnp0p9e4LcKXawmjxr
tE7kfag4D7988saScoZO30cqstz+7REUu/1HiduBeIkinUFYZIldkpJIeAxBAy/I
yZvebupPXeQXdw==
-----END CERTIFICATE-----
Generated at Sat Oct 25 14:00:36 2025 by rpki-client