Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
File: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft (raw, json)
Hash identifier: HiEC3r4CX7hOMR3tqFm9d6KRhBq9hXJX8I5+rrRpE1Y=
Subject key identifier: 13:E9:A9:BC:BA:18:5B:AC:27:54:F9:BA:53:25:B0:24:8A:6F:BC:08
Authority key identifier: A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
Certificate issuer: /CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Certificate serial: 019916F630DC964E5750EBD6304CFD646A2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
Manifest number: 02FF
Signing time: Thu 04 Sep 2025 23:00:57 +0000
Manifest this update: Thu 04 Sep 2025 23:00:57 +0000
Manifest next update: Fri 05 Sep 2025 23:00:57 +0000
Files and hashes: 1: aU9nU6J43VKML7pOttC9ZY6jQ98.roa (hash: FbRy0Mzafv2hiOEuNsxPoMw70K3GoSJZXHuz7LnmQeE=)
2: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl (hash: OHcvLxJ9Hd8T1oyBIw6iSvgor2NFmHrKNHHMq6YKjU8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 23:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:16:f6:30:dc:96:4e:57:50:eb:d6:30:4c:fd:64:6a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Validity
Not Before: Sep 4 23:00:57 2025 GMT
Not After : Sep 5 23:00:57 2025 GMT
Subject: CN=13e9a9bcba185bac2754f9ba5325b0248a6fbc08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:07:c9:6a:8a:cb:b6:f1:e6:be:ab:e4:37:
24:12:ac:1e:70:48:a7:e4:a8:43:d6:72:0c:3a:e9:
79:ea:a9:a9:1d:d3:e0:91:58:e0:d6:6d:6e:b5:5f:
41:ea:85:02:44:99:9b:74:a0:63:18:b4:ef:a8:41:
15:86:33:e2:53:85:43:5f:f0:af:bf:90:00:bc:36:
6e:8b:b8:11:04:57:9f:50:8b:5f:56:00:3c:d4:ea:
47:fe:1e:3d:6d:db:5d:a0:e8:24:c8:4b:9b:7a:ad:
2d:36:2f:a8:c5:d9:d3:d8:e1:22:1c:32:4b:ac:45:
5a:e4:9d:9a:bb:bd:f2:47:e8:3c:3b:fd:eb:2f:aa:
67:80:0f:af:85:04:89:b0:00:72:ab:e1:f9:33:45:
e7:db:18:88:47:80:f1:39:fb:28:2a:30:c6:9d:0d:
e7:38:63:23:ae:d9:51:ee:85:ad:56:6a:e5:8e:b0:
5c:75:c6:38:f3:4c:05:bf:d7:bd:5d:b3:7c:4e:59:
f7:fa:01:49:6f:74:cf:6a:fa:36:f6:3b:eb:73:16:
52:92:94:4e:fe:25:e2:b0:98:7a:dc:b0:68:3e:0b:
98:71:3f:d4:81:79:e4:09:94:82:22:fd:cd:1f:fb:
98:6c:32:b2:2a:60:ad:d8:4a:e5:93:0e:c4:31:63:
3c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E9:A9:BC:BA:18:5B:AC:27:54:F9:BA:53:25:B0:24:8A:6F:BC:08
X509v3 Authority Key Identifier:
keyid:A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:02:b1:92:26:9a:31:1d:7b:1c:c3:3f:ab:d8:14:66:df:34:
49:68:06:36:08:71:2b:b5:d5:58:1a:0b:b4:90:72:f1:be:5b:
6a:4a:c6:90:1b:58:13:ed:1e:5c:5a:17:f8:00:b4:8d:90:6c:
ee:b4:fa:11:e0:e4:3a:46:db:ce:fe:11:23:14:7d:4b:1a:50:
50:06:9d:d0:40:b2:eb:06:48:c9:3c:43:20:30:d9:f4:4a:13:
e5:a6:fa:1d:b2:18:d3:fd:1c:54:26:65:fe:56:38:4e:c6:e6:
f2:a3:48:51:7a:e7:cd:d8:52:c4:8c:f4:4a:77:13:30:cc:3e:
f8:5f:90:01:6d:5d:cc:f9:5e:11:d1:c9:4d:eb:e9:e7:89:89:
fa:91:17:6d:97:d2:04:61:34:a8:c1:58:f5:99:ba:02:b2:bb:
51:62:c9:c3:23:c5:d8:9b:f2:a6:77:71:d5:23:29:a3:72:b4:
be:ee:bb:68:4f:44:17:fc:cc:94:bf:7f:0f:ee:f2:77:7a:63:
95:c6:25:f2:a7:24:31:e6:da:fe:89:72:49:dd:c0:ab:d6:88:
ac:7a:64:c9:5e:bd:25:fa:3a:15:63:a8:f5:93:87:cb:74:0d:
d1:61:cd:50:44:ae:b2:e4:54:0c:f3:c1:23:e2:2b:fc:f4:f3:
c0:ab:7f:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkW9jDclk5XUOvWMEz9ZGovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjU1MzNhNTI3YjI2NGNhMmU4MzczMjg1ZDc4MGQzM2Ey
YmQwYTEwHhcNMjUwOTA0MjMwMDU3WhcNMjUwOTA1MjMwMDU3WjAzMTEwLwYDVQQD
EygxM2U5YTliY2JhMTg1YmFjMjc1NGY5YmE1MzI1YjAyNDhhNmZiYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviQHyWqKy7bx5r6r5DckEqwecEin
5KhD1nIMOul56qmpHdPgkVjg1m1utV9B6oUCRJmbdKBjGLTvqEEVhjPiU4VDX/Cv
v5AAvDZui7gRBFefUItfVgA81OpH/h49bdtdoOgkyEubeq0tNi+oxdnT2OEiHDJL
rEVa5J2au73yR+g8O/3rL6pngA+vhQSJsAByq+H5M0Xn2xiIR4DxOfsoKjDGnQ3n
OGMjrtlR7oWtVmrljrBcdcY480wFv9e9XbN8Tln3+gFJb3TPavo29jvrcxZSkpRO
/iXisJh63LBoPguYcT/UgXnkCZSCIv3NH/uYbDKyKmCt2Erlkw7EMWM8CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPpqby6GFusJ1T5ulMlsCSKb7wIMB8GA1UdIwQY
MBaAFKT1UzpSeyZMoug3MoXXgNM6K9ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYt
NDI0NDYyYmM5NDliLzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYtNDI0NDYyYmM5NDli
LzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwKxkiaa
MR17HMM/q9gUZt80SWgGNghxK7XVWBoLtJBy8b5bakrGkBtYE+0eXFoX+AC0jZBs
7rT6EeDkOkbbzv4RIxR9SxpQUAad0ECy6wZIyTxDIDDZ9EoT5ab6HbIY0/0cVCZl
/lY4Tsbm8qNIUXrnzdhSxIz0SncTMMw++F+QAW1dzPleEdHJTevp54mJ+pEXbZfS
BGE0qMFY9Zm6ArK7UWLJwyPF2Jvypndx1SMpo3K0vu67aE9EF/zMlL9/D+7yd3pj
lcYl8qckMeba/olySd3Aq9aIrHpkyV69Jfo6FWOo9ZOHy3QN0WHNUESusuRUDPPB
I+Ir/PTzwKt/ow==
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:34:52 2025 by rpki-client