Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
File: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft (raw, json)
Hash identifier: nFcNZv0RhWLynlkePB/8jrZIVuDO4hdsLkOidwEYunw=
Subject key identifier: 28:71:79:A1:92:63:6C:F8:57:69:73:42:2B:D1:F0:26:B8:63:68:AB
Authority key identifier: A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
Certificate issuer: /CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Certificate serial: 019A4DE2075136EED1CF617984039CA0260F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
Manifest number: 03A0
Signing time: Tue 04 Nov 2025 08:00:49 +0000
Manifest this update: Tue 04 Nov 2025 08:00:49 +0000
Manifest next update: Wed 05 Nov 2025 08:00:49 +0000
Files and hashes: 1: aU9nU6J43VKML7pOttC9ZY6jQ98.roa (hash: FbRy0Mzafv2hiOEuNsxPoMw70K3GoSJZXHuz7LnmQeE=)
2: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl (hash: lJ+ZBNTtJ6u301LXjzJcpLVESACuW8FrFAJJs344R7o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:07:51:36:ee:d1:cf:61:79:84:03:9c:a0:26:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Validity
Not Before: Nov 4 08:00:49 2025 GMT
Not After : Nov 5 08:00:49 2025 GMT
Subject: CN=287179a192636cf8576973422bd1f026b86368ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4f:49:25:2c:bd:dc:9b:8c:21:7f:d6:e7:c3:
0a:15:18:c5:33:d8:73:9f:6b:4b:3b:fa:45:81:26:
8b:47:98:44:6a:de:d7:b5:12:f1:e9:f2:a6:70:95:
36:54:50:bc:ac:53:22:5b:ae:b9:e8:55:7e:6c:f2:
83:cf:7b:99:5c:a9:b6:15:81:bc:1c:6e:49:ce:00:
c6:cd:ad:ed:da:6a:4d:68:af:01:9d:ca:6b:c4:43:
75:60:ce:83:4a:77:5c:92:d7:5c:92:71:ae:bc:2b:
9b:1b:12:b4:4a:bb:66:09:a8:61:09:15:8e:f2:7f:
4a:7b:4b:20:4c:ea:97:25:ec:d3:8d:c7:2a:f6:99:
21:7a:3d:2c:c2:13:4b:12:1f:d7:11:0e:32:2f:85:
13:3d:f6:13:a4:6e:83:ef:54:be:a3:1d:52:5d:80:
cd:48:2a:10:e8:f9:47:cd:57:84:a6:c3:17:1b:87:
88:c5:ff:9e:4f:40:a6:e3:c7:81:f0:51:97:c9:c4:
91:6c:3e:92:d0:2d:b9:b5:68:b4:ac:49:22:a4:6a:
3f:10:c5:1b:34:34:3b:b8:51:0e:51:37:21:d4:ca:
bb:df:e1:69:9e:47:52:90:3e:75:bb:b2:3e:97:cb:
12:f5:be:fd:9b:47:65:4c:63:5d:6b:83:ca:24:55:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:71:79:A1:92:63:6C:F8:57:69:73:42:2B:D1:F0:26:B8:63:68:AB
X509v3 Authority Key Identifier:
keyid:A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:38:b9:84:e3:8b:df:6d:a7:ef:0e:bf:8d:f9:53:0f:f0:52:
af:65:49:a8:2c:d3:0a:20:8a:37:7f:2d:4e:86:a2:1c:c1:eb:
10:34:87:af:7a:ea:10:40:83:83:4b:57:b3:f0:33:38:89:4f:
4e:8b:b3:81:10:4e:0e:b1:8a:f4:76:6a:eb:be:3a:dc:0f:6d:
5a:34:1b:67:50:5c:95:3a:b2:f2:06:f5:9f:bf:63:ca:32:dd:
88:fd:e8:2c:ad:a2:14:e8:72:97:06:d9:e8:5d:1d:68:fb:cb:
b4:da:de:98:c6:9a:ce:e8:02:2e:af:3f:a4:78:d4:f1:2a:67:
63:f0:04:f5:26:3d:60:96:97:72:38:01:a6:d5:a0:83:32:5b:
df:80:68:eb:e5:08:98:84:33:13:3c:f8:3e:f2:37:7e:3f:b8:
96:f5:f7:e5:10:a8:61:b4:93:24:58:ad:f1:da:6a:a8:46:c5:
96:36:ad:a9:7f:0c:e1:21:8c:dc:13:7d:f0:56:26:43:1c:58:
fd:4f:90:9d:06:c5:6c:c3:bd:6c:ef:00:a7:65:1c:db:ce:03:
1d:12:f8:15:92:be:e1:27:76:43:dd:fd:3c:ca:92:26:83:54:
3e:c8:ca:dd:3f:cf:ca:e4:09:8a:b9:b0:77:3c:05:38:ee:63:
93:89:96:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gdRNu7Rz2F5hAOcoCYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjU1MzNhNTI3YjI2NGNhMmU4MzczMjg1ZDc4MGQzM2Ey
YmQwYTEwHhcNMjUxMTA0MDgwMDQ5WhcNMjUxMTA1MDgwMDQ5WjAzMTEwLwYDVQQD
EygyODcxNzlhMTkyNjM2Y2Y4NTc2OTczNDIyYmQxZjAyNmI4NjM2OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9JJSy93JuMIX/W58MKFRjFM9hz
n2tLO/pFgSaLR5hEat7XtRLx6fKmcJU2VFC8rFMiW6656FV+bPKDz3uZXKm2FYG8
HG5JzgDGza3t2mpNaK8BncprxEN1YM6DSndcktdcknGuvCubGxK0SrtmCahhCRWO
8n9Ke0sgTOqXJezTjccq9pkhej0swhNLEh/XEQ4yL4UTPfYTpG6D71S+ox1SXYDN
SCoQ6PlHzVeEpsMXG4eIxf+eT0Cm48eB8FGXycSRbD6S0C25tWi0rEkipGo/EMUb
NDQ7uFEOUTch1Mq73+FpnkdSkD51u7I+l8sS9b79m0dlTGNda4PKJFXKEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChxeaGSY2z4V2lzQivR8Ca4Y2irMB8GA1UdIwQY
MBaAFKT1UzpSeyZMoug3MoXXgNM6K9ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYt
NDI0NDYyYmM5NDliLzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYtNDI0NDYyYmM5NDli
LzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANTi5hOOL
322n7w6/jflTD/BSr2VJqCzTCiCKN38tToaiHMHrEDSHr3rqEECDg0tXs/AzOIlP
TouzgRBODrGK9HZq67463A9tWjQbZ1BclTqy8gb1n79jyjLdiP3oLK2iFOhylwbZ
6F0daPvLtNremMaazugCLq8/pHjU8SpnY/AE9SY9YJaXcjgBptWggzJb34Bo6+UI
mIQzEzz4PvI3fj+4lvX35RCoYbSTJFit8dpqqEbFljatqX8M4SGM3BN98FYmQxxY
/U+QnQbFbMO9bO8Ap2Uc284DHRL4FZK+4Sd2Q939PMqSJoNUPsjK3T/PyuQJirmw
dzwFOO5jk4mWAA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 13:38:43 2025 by rpki-client