Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json)
Hash identifier: eKTciJnMRJtV+y7XXwmN5SZb9Co25PXr3YNBdsqNEkg=
Subject key identifier: 35:FC:0D:0A:DF:52:B6:F0:CE:17:CD:7E:BD:39:A8:09:94:F3:50:DA
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial: 019A164E83C9B097AC3C8FE5D466A066ED17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
Manifest number: 0C72
Signing time: Fri 24 Oct 2025 13:00:35 +0000
Manifest this update: Fri 24 Oct 2025 13:00:35 +0000
Manifest next update: Sat 25 Oct 2025 13:00:35 +0000
Files and hashes: 1: E8EItKN2__9iKd7VUUHBehRVQCo.roa (hash: mIn23TrAWNsxopm3nGDSwuz19rtPaaB79Dzo0Qrhuqk=)
2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: rDXJ7g34gTHvputrD3WZ8LQ4w74AZHc9X00JzaUmUWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:4e:83:c9:b0:97:ac:3c:8f:e5:d4:66:a0:66:ed:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Validity
Not Before: Oct 24 13:00:35 2025 GMT
Not After : Oct 25 13:00:35 2025 GMT
Subject: CN=35fc0d0adf52b6f0ce17cd7ebd39a80994f350da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:cb:71:f0:e4:ea:91:46:0f:12:f1:75:5a:
ef:4c:af:cc:be:6f:ed:b8:ad:45:89:61:57:13:59:
9a:80:97:9d:6b:d6:2b:07:c8:46:0c:92:81:af:92:
dd:a9:97:31:70:39:7b:53:f7:61:c3:f3:1e:2d:ea:
03:14:1e:b1:ca:9c:0b:22:2c:02:34:12:2b:1f:76:
46:b7:50:78:56:5a:06:a1:18:46:b1:dd:c9:35:0f:
25:a4:e7:7f:9e:b8:d8:c6:aa:a3:4d:d2:bc:db:9e:
b6:5e:57:6b:c4:81:f2:e7:c3:dd:a7:70:99:8a:01:
d1:bb:4a:a5:63:65:4a:09:17:3e:50:85:de:83:21:
4f:2b:0e:f7:18:24:b7:07:b1:6a:1d:c1:18:47:bf:
f2:17:1c:f9:58:74:dd:36:89:9f:e4:65:b5:66:8d:
c1:96:3d:0e:7e:de:ee:71:31:be:ed:2f:e0:cb:32:
ea:4c:62:ec:0c:61:ef:f4:53:e0:ff:a7:70:11:9d:
fc:7b:72:2f:23:5f:08:c8:47:20:e8:c9:ef:ca:d3:
f4:ed:65:49:24:0d:fb:51:4b:de:c6:2b:63:0e:f4:
9c:50:d4:44:c5:73:9b:92:b4:46:b8:65:e0:8f:fe:
13:e9:9d:d2:fe:8d:98:1f:67:37:37:13:a6:27:b7:
72:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FC:0D:0A:DF:52:B6:F0:CE:17:CD:7E:BD:39:A8:09:94:F3:50:DA
X509v3 Authority Key Identifier:
keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:54:bb:3d:fa:bb:84:32:23:2a:a9:21:4e:95:81:77:ce:f5:
15:63:80:38:03:97:da:f1:51:8c:83:b1:99:91:16:7c:62:62:
6c:de:27:ff:be:b8:db:bd:13:66:2a:b5:fd:b4:b8:8b:ed:b9:
f3:4e:d6:e8:3a:71:01:b4:ba:0b:5b:ca:e2:19:28:4c:e4:4d:
ab:50:81:a2:be:b9:65:36:2f:c1:66:19:59:39:32:9b:42:61:
0f:ce:c9:60:7c:48:b4:a5:16:db:c2:b9:1b:e5:ee:b5:0d:16:
90:de:1d:4f:49:ff:df:96:84:4d:eb:76:7d:0c:19:6d:3f:72:
0a:58:5d:ce:5c:65:bd:81:dd:05:e3:be:65:3e:9b:8f:f5:60:
1b:f7:eb:cf:fb:98:12:81:5d:65:79:a4:87:94:b6:b4:c7:a4:
0d:b7:21:e1:76:fa:bf:f3:31:a3:9b:ac:01:08:9b:47:c6:4e:
13:50:37:a1:40:28:0b:9d:4d:b0:06:bb:19:53:2e:d7:25:d9:
d1:58:1d:b3:4b:21:28:b1:3d:13:6f:af:b7:c8:55:00:81:bd:
6c:e2:11:1b:13:c7:1c:73:be:26:ad:55:a3:ed:80:f8:d3:c3:
ef:d7:57:7f:38:8f:c3:cc:cf:2c:99:68:97:61:41:5b:e8:ed:
be:60:f4:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoWToPJsJesPI/l1GagZu0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjUxMDI0MTMwMDM1WhcNMjUxMDI1MTMwMDM1WjAzMTEwLwYDVQQD
EygzNWZjMGQwYWRmNTJiNmYwY2UxN2NkN2ViZDM5YTgwOTk0ZjM1MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLvLcfDk6pFGDxLxdVrvTK/Mvm/t
uK1FiWFXE1magJeda9YrB8hGDJKBr5LdqZcxcDl7U/dhw/MeLeoDFB6xypwLIiwC
NBIrH3ZGt1B4VloGoRhGsd3JNQ8lpOd/nrjYxqqjTdK82562XldrxIHy58Pdp3CZ
igHRu0qlY2VKCRc+UIXegyFPKw73GCS3B7FqHcEYR7/yFxz5WHTdNomf5GW1Zo3B
lj0Oft7ucTG+7S/gyzLqTGLsDGHv9FPg/6dwEZ38e3IvI18IyEcg6MnvytP07WVJ
JA37UUvexitjDvScUNRExXObkrRGuGXgj/4T6Z3S/o2YH2c3NxOmJ7dy5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDX8DQrfUrbwzhfNfr05qAmU81DaMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfFS7Pfq7
hDIjKqkhTpWBd871FWOAOAOX2vFRjIOxmZEWfGJibN4n/764270TZiq1/bS4i+25
807W6DpxAbS6C1vK4hkoTORNq1CBor65ZTYvwWYZWTkym0JhD87JYHxItKUW28K5
G+XutQ0WkN4dT0n/35aETet2fQwZbT9yClhdzlxlvYHdBeO+ZT6bj/VgG/frz/uY
EoFdZXmkh5S2tMekDbch4Xb6v/Mxo5usAQibR8ZOE1A3oUAoC51NsAa7GVMu1yXZ
0Vgds0shKLE9E2+vt8hVAIG9bOIRGxPHHHO+Jq1Vo+2A+NPD79dXfziPw8zPLJlo
l2FBW+jtvmD0xQ==
-----END CERTIFICATE-----
Generated at Fri Oct 24 18:09:48 2025 by rpki-client