Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
File: PnpcKTN0JfqBOVVRcmyMK35MUIc.mft (raw, json)
Hash identifier: nMzaCZsY2V4SKC3K28uzNGbfvnBqkoBYpjcf8vOilOA=
Subject key identifier: 3B:FA:22:3E:4D:99:68:F4:4B:EC:0B:82:E7:2E:78:40:11:DB:D2:81
Authority key identifier: 3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
Certificate issuer: /CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Certificate serial: 019A72259ED1534B9D8218A0E02F3B0F8885
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
Manifest number: 0467
Signing time: Tue 11 Nov 2025 09:00:59 +0000
Manifest this update: Tue 11 Nov 2025 09:00:59 +0000
Manifest next update: Wed 12 Nov 2025 09:00:59 +0000
Files and hashes: 1: PnpcKTN0JfqBOVVRcmyMK35MUIc.crl (hash: y2WQnxVUBrnzB9bh06qZLUi1N5hn6JxKl4/4+tHrmss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:9e:d1:53:4b:9d:82:18:a0:e0:2f:3b:0f:88:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Validity
Not Before: Nov 11 09:00:59 2025 GMT
Not After : Nov 12 09:00:59 2025 GMT
Subject: CN=3bfa223e4d9968f44bec0b82e72e784011dbd281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:68:4d:cb:1d:b0:d8:6c:a9:27:d4:d6:07:ad:
80:6d:79:83:52:ff:17:8f:52:92:b7:f8:2e:b3:6c:
69:ec:78:6a:44:6d:84:37:0c:16:ca:51:10:17:33:
74:d1:81:67:5d:18:90:70:07:43:b4:cc:77:27:93:
2d:be:71:a8:86:ac:9b:0e:76:e7:11:df:1b:82:96:
2e:64:82:b3:11:aa:eb:b5:62:80:0c:87:69:7a:3b:
98:b5:63:9e:64:97:79:8f:22:36:22:ea:c0:60:e7:
b3:40:e1:59:53:b7:e2:a8:0f:6e:3d:c8:4a:7c:03:
aa:eb:92:79:69:5e:5b:d3:d8:2f:ba:be:9b:c3:ab:
87:e9:b1:e1:fa:a6:57:28:a1:d9:a0:96:a5:ea:ad:
27:d2:a0:dd:08:98:07:3d:08:5e:c2:25:79:49:93:
3f:7b:2d:ad:c7:fd:a6:64:76:27:e1:83:68:a7:d6:
a3:ad:8d:44:07:7f:38:97:e8:61:e1:63:ad:ed:1a:
9b:49:d4:b1:52:66:75:d4:c0:52:26:2a:83:16:95:
2f:cf:a3:ca:42:f6:c5:58:b4:bb:66:9b:9e:53:5d:
8b:d4:79:2f:e5:96:1c:e4:4f:90:6f:e0:52:86:61:
ce:0a:f1:a3:b3:4a:c2:d3:b0:25:50:99:05:40:f5:
b3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:22:3E:4D:99:68:F4:4B:EC:0B:82:E7:2E:78:40:11:DB:D2:81
X509v3 Authority Key Identifier:
keyid:3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:c0:34:cd:e7:2f:31:6b:57:27:67:e1:98:0f:ea:5f:b8:45:
9b:c9:f9:90:c8:3a:f5:f1:bc:50:f6:64:31:07:76:0a:3e:80:
44:a6:46:44:74:21:79:a2:91:e3:5e:b6:58:b6:93:e9:0f:87:
87:27:70:bd:1f:cb:71:48:02:f6:2d:76:5e:13:d9:77:18:ba:
58:ad:f8:ac:51:30:a2:bc:5f:ab:24:45:7b:06:df:e2:76:f2:
35:92:44:a8:19:4a:fe:6b:32:50:52:27:81:d2:21:d1:19:86:
53:53:96:41:b7:03:e0:62:74:f8:3f:d3:e0:1e:5b:f1:d7:51:
ee:5f:46:8f:4d:70:b7:17:77:18:8d:3b:a2:30:4b:c3:c1:36:
b8:f8:be:95:5e:16:32:30:76:cd:5c:31:12:35:48:4d:ec:44:
70:5b:01:07:fa:36:e5:24:63:5a:e8:a0:fe:5a:5e:58:c4:d3:
20:f9:97:24:04:a4:f2:2f:27:0b:cb:fe:95:e4:79:c9:a4:f4:
72:d8:c9:56:75:16:e1:f3:f6:fb:d0:a4:45:a2:80:15:67:7d:
38:9c:25:5f:63:39:e9:70:04:9b:9f:fe:89:10:2e:42:77:12:
02:2a:88:5b:2a:bb:35:08:1d:87:59:bc:0a:05:0d:27:d8:49:
92:f3:28:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZ7RU0udghig4C87D4iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2E1YzI5MzM3NDI1ZmE4MTM5NTU1MTcyNmM4YzJiN2U0
YzUwODcwHhcNMjUxMTExMDkwMDU5WhcNMjUxMTEyMDkwMDU5WjAzMTEwLwYDVQQD
EygzYmZhMjIzZTRkOTk2OGY0NGJlYzBiODJlNzJlNzg0MDExZGJkMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWhNyx2w2GypJ9TWB62AbXmDUv8X
j1KSt/gus2xp7HhqRG2ENwwWylEQFzN00YFnXRiQcAdDtMx3J5MtvnGohqybDnbn
Ed8bgpYuZIKzEarrtWKADIdpejuYtWOeZJd5jyI2IurAYOezQOFZU7fiqA9uPchK
fAOq65J5aV5b09gvur6bw6uH6bHh+qZXKKHZoJal6q0n0qDdCJgHPQhewiV5SZM/
ey2tx/2mZHYn4YNop9ajrY1EB384l+hh4WOt7RqbSdSxUmZ11MBSJiqDFpUvz6PK
QvbFWLS7ZpueU12L1Hkv5ZYc5E+Qb+BShmHOCvGjs0rC07AlUJkFQPWzWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDv6Ij5NmWj0S+wLgucueEAR29KBMB8GA1UdIwQY
MBaAFD56XCkzdCX6gTlVUXJsjCt+TFCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQt
Y2FhMzI5MTgxOTY0LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQtY2FhMzI5MTgxOTY0
LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmMA0zecv
MWtXJ2fhmA/qX7hFm8n5kMg69fG8UPZkMQd2Cj6ARKZGRHQheaKR4162WLaT6Q+H
hydwvR/LcUgC9i12XhPZdxi6WK34rFEworxfqyRFewbf4nbyNZJEqBlK/msyUFIn
gdIh0RmGU1OWQbcD4GJ0+D/T4B5b8ddR7l9Gj01wtxd3GI07ojBLw8E2uPi+lV4W
MjB2zVwxEjVITexEcFsBB/o25SRjWuig/lpeWMTTIPmXJASk8i8nC8v+leR5yaT0
ctjJVnUW4fP2+9CkRaKAFWd9OJwlX2M56XAEm5/+iRAuQncSAiqIWyq7NQgdh1m8
CgUNJ9hJkvMoBA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:43 2025 by rpki-client