Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft
File: PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft (raw, json)
Hash identifier: b9UciBthXhzg/5Q1Rt4juxzwhonp6pLI/gLkbkOQ0TI=
Subject key identifier: 0B:32:12:0C:EE:70:B3:AF:09:FF:83:92:4C:8E:A7:A2:28:29:EB:01
Authority key identifier: 3D:76:7D:5F:E7:EF:3F:22:8B:DD:BD:E5:A0:E5:C1:80:06:F7:54:08
Certificate issuer: /CN=3d767d5fe7ef3f228bddbde5a0e5c18006f75408
Certificate serial: 019A70DC606FCDB367396CE64ED469889E3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXZ9X-fvPyKL3b3loOXBgAb3VAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft
Manifest number: 0FA5
Signing time: Tue 11 Nov 2025 03:01:21 +0000
Manifest this update: Tue 11 Nov 2025 03:01:21 +0000
Manifest next update: Wed 12 Nov 2025 03:01:21 +0000
Files and hashes: 1: J60Pw4hyKKjQhqi1eSTzFtauoi0.roa (hash: Pts66hPVy/S0JFZfVc88DLunALgdL+k1upaL/I3M97g=)
2: PXZ9X-fvPyKL3b3loOXBgAb3VAg.crl (hash: CO2XNP+wo2kb9VknsjoZeRvI6MN5pGxOWyjSFSwe2/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXZ9X-fvPyKL3b3loOXBgAb3VAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:60:6f:cd:b3:67:39:6c:e6:4e:d4:69:88:9e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d767d5fe7ef3f228bddbde5a0e5c18006f75408
Validity
Not Before: Nov 11 03:01:21 2025 GMT
Not After : Nov 12 03:01:21 2025 GMT
Subject: CN=0b32120cee70b3af09ff83924c8ea7a22829eb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:8a:de:28:bb:e4:0f:19:65:24:86:45:ed:
f0:9d:4a:8f:ab:de:7a:63:33:91:93:4f:04:d8:e5:
41:cb:e2:f1:47:4e:48:41:2e:8e:ec:13:a8:6e:82:
79:d4:16:51:3b:b6:70:e0:40:ba:5f:34:42:b7:37:
08:8b:ba:d5:9f:63:c3:35:a1:89:85:e5:72:9b:15:
12:d2:d0:65:1e:61:1a:49:ca:8a:bf:a0:07:b5:66:
93:3e:c6:18:b3:6c:4a:60:d1:9f:4c:a0:70:49:99:
9b:76:24:f6:96:f9:c1:8c:48:be:f4:49:88:72:24:
06:87:22:2b:05:3b:83:0c:42:fb:6d:60:e7:ae:9a:
ad:c4:32:d3:20:0d:fd:f6:22:35:62:89:11:a7:89:
6a:fb:28:ef:41:7f:cb:5a:b4:18:f9:27:84:15:77:
50:59:40:5d:2a:0f:bc:cc:a4:e0:6b:cb:2c:20:51:
66:16:f8:84:9e:00:6f:d6:80:ce:26:df:12:fd:c5:
be:2c:19:09:1e:f1:c2:52:10:65:00:a1:95:c8:ad:
3a:db:71:ab:5a:37:c6:a1:de:d9:72:a2:8c:3e:43:
8f:e6:95:95:52:9f:d8:8d:cb:68:d4:a1:59:fa:c1:
bc:bd:29:4c:e9:af:a0:5e:4f:ca:74:47:5f:b3:30:
7c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:32:12:0C:EE:70:B3:AF:09:FF:83:92:4C:8E:A7:A2:28:29:EB:01
X509v3 Authority Key Identifier:
keyid:3D:76:7D:5F:E7:EF:3F:22:8B:DD:BD:E5:A0:E5:C1:80:06:F7:54:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXZ9X-fvPyKL3b3loOXBgAb3VAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:d0:7c:52:25:4c:ab:af:da:35:66:4b:26:9c:32:cb:ee:2f:
a9:1e:5c:95:42:2a:cc:65:46:36:59:5b:b9:95:ba:0a:46:63:
cf:6c:22:fd:29:9b:fa:ec:8b:00:56:91:f9:d2:6d:49:fb:b7:
0a:51:1e:26:a2:56:20:04:f8:43:de:04:41:fb:55:3b:31:69:
fb:86:bd:5e:17:a9:d8:2b:49:3b:08:01:95:eb:b4:e6:76:30:
6a:5c:7a:8e:f4:43:a0:2d:4d:31:42:48:c0:17:dc:0e:77:b9:
a9:64:bf:1b:9f:7e:f6:96:00:56:8b:c2:08:c1:9d:b1:c3:02:
23:9b:b2:8c:60:1a:e9:ec:5b:14:62:97:03:1e:d9:f8:3a:d9:
e0:e2:2a:24:e7:e8:0a:1b:54:f9:34:c7:0f:d6:27:2a:11:54:
bb:6b:e0:c5:81:b8:68:df:eb:1a:78:87:a0:d2:be:22:98:97:
ff:81:45:29:79:cf:25:b7:b8:64:15:df:a1:c7:d4:ff:fa:c9:
e6:52:ec:31:77:13:3f:f7:94:d8:ae:af:1a:53:5a:5a:75:80:
71:7a:96:19:f5:86:4f:47:e5:c2:c4:f5:50:a0:66:13:a5:61:
b5:1d:aa:83:1d:6a:91:55:05:ef:6d:ef:0a:0e:f8:92:9f:7f:
27:cf:27:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3GBvzbNnOWzmTtRpiJ4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzY3ZDVmZTdlZjNmMjI4YmRkYmRlNWEwZTVjMTgwMDZm
NzU0MDgwHhcNMjUxMTExMDMwMTIxWhcNMjUxMTEyMDMwMTIxWjAzMTEwLwYDVQQD
EygwYjMyMTIwY2VlNzBiM2FmMDlmZjgzOTI0YzhlYTdhMjI4MjllYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymGK3ii75A8ZZSSGRe3wnUqPq956
YzORk08E2OVBy+LxR05IQS6O7BOoboJ51BZRO7Zw4EC6XzRCtzcIi7rVn2PDNaGJ
heVymxUS0tBlHmEaScqKv6AHtWaTPsYYs2xKYNGfTKBwSZmbdiT2lvnBjEi+9EmI
ciQGhyIrBTuDDEL7bWDnrpqtxDLTIA399iI1YokRp4lq+yjvQX/LWrQY+SeEFXdQ
WUBdKg+8zKTga8ssIFFmFviEngBv1oDOJt8S/cW+LBkJHvHCUhBlAKGVyK0623Gr
WjfGod7ZcqKMPkOP5pWVUp/Yjcto1KFZ+sG8vSlM6a+gXk/KdEdfszB84wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsyEgzucLOvCf+DkkyOp6IoKesBMB8GA1UdIwQY
MBaAFD12fV/n7z8ii9295aDlwYAG91QIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhaOVgtZnZQeUtMM2IzbG9PWEJnQWIzVkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8wNzQ5ODItZGIwMS00NzQ3LTlkMTIt
ZmY3MmU0ZmE5M2E1LzEvUFhaOVgtZnZQeUtMM2IzbG9PWEJnQWIzVkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8wNzQ5ODItZGIwMS00NzQ3LTlkMTItZmY3MmU0ZmE5M2E1
LzEvUFhaOVgtZnZQeUtMM2IzbG9PWEJnQWIzVkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU9B8UiVM
q6/aNWZLJpwyy+4vqR5clUIqzGVGNllbuZW6CkZjz2wi/Smb+uyLAFaR+dJtSfu3
ClEeJqJWIAT4Q94EQftVOzFp+4a9Xhep2CtJOwgBleu05nYwalx6jvRDoC1NMUJI
wBfcDne5qWS/G59+9pYAVovCCMGdscMCI5uyjGAa6exbFGKXAx7Z+DrZ4OIqJOfo
ChtU+TTHD9YnKhFUu2vgxYG4aN/rGniHoNK+IpiX/4FFKXnPJbe4ZBXfocfU//rJ
5lLsMXcTP/eU2K6vGlNaWnWAcXqWGfWGT0flwsT1UKBmE6VhtR2qgx1qkVUF723v
Cg74kp9/J88nYQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:14 2025 by rpki-client