Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.mft
File: PzTUjYQaUqQifUn6PvhbpavyIkg.mft (raw, json)
Hash identifier: 7+JU8Fk43TQcxBP2pR2atrvzu2dlCYIROSuWISHxyFM=
Subject key identifier: 5F:76:05:CF:CC:50:72:BC:37:8F:49:31:CF:A4:54:C2:63:7E:B7:CF
Authority key identifier: 3F:34:D4:8D:84:1A:52:A4:22:7D:49:FA:3E:F8:5B:A5:AB:F2:22:48
Certificate issuer: /CN=3f34d48d841a52a4227d49fa3ef85ba5abf22248
Certificate serial: 019A71EEEE0D8562AE05F33E0421D86A3977
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzTUjYQaUqQifUn6PvhbpavyIkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.mft
Manifest number: 0635
Signing time: Tue 11 Nov 2025 08:01:15 +0000
Manifest this update: Tue 11 Nov 2025 08:01:15 +0000
Manifest next update: Wed 12 Nov 2025 08:01:15 +0000
Files and hashes: 1: 3AeTUsXDpEDl-IBh12u95RTXsxA.roa (hash: xYJhYHzSW71ucg3KnoWi7bZYFU9f0FjUJ5BTtmWX8vQ=)
2: PzTUjYQaUqQifUn6PvhbpavyIkg.crl (hash: KijkVaRoj++Bdd1gYnJvtZpC43NbER496P7K1fBLPCg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PzTUjYQaUqQifUn6PvhbpavyIkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ee:0d:85:62:ae:05:f3:3e:04:21:d8:6a:39:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f34d48d841a52a4227d49fa3ef85ba5abf22248
Validity
Not Before: Nov 11 08:01:15 2025 GMT
Not After : Nov 12 08:01:15 2025 GMT
Subject: CN=5f7605cfcc5072bc378f4931cfa454c2637eb7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:88:90:8a:b8:61:d2:2a:32:2e:ae:b9:93:
51:bc:be:1c:f7:39:d6:6c:aa:66:14:df:80:7a:19:
ee:63:a7:c2:15:85:9b:21:5b:d2:da:76:c6:09:ce:
a0:5a:fc:86:d0:93:30:ec:83:05:c7:f5:1b:45:e0:
d5:39:c5:0a:67:ca:6a:85:06:2c:90:5d:32:1d:4b:
2b:c6:3b:16:fc:89:24:14:90:95:b6:72:63:64:36:
87:f9:8d:fb:96:81:6e:76:be:28:12:d9:cc:ed:37:
bb:77:a8:8b:4f:9b:d9:de:69:c6:fd:d9:3b:a1:78:
dd:3f:88:c8:8f:1f:75:40:35:ef:fe:01:d4:67:7f:
bc:d2:af:49:68:81:41:98:e7:1b:91:8c:20:67:4a:
e7:c2:6b:3d:0c:f3:5a:da:d8:34:53:1e:0b:51:65:
81:ae:f4:e6:83:d7:25:dc:6a:0a:84:e4:8c:67:fc:
ad:ae:c0:56:03:eb:a4:e8:0a:97:fa:cc:dc:ac:84:
ea:df:cd:5d:4a:15:47:a8:00:df:42:72:d8:10:28:
44:ce:37:74:0b:50:2c:aa:da:61:e4:24:6c:c5:92:
7e:dc:e2:2d:ea:71:cc:12:bb:9c:36:c2:da:c3:32:
95:98:c5:32:fd:d2:e9:dc:52:05:ad:45:b7:44:17:
df:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:76:05:CF:CC:50:72:BC:37:8F:49:31:CF:A4:54:C2:63:7E:B7:CF
X509v3 Authority Key Identifier:
keyid:3F:34:D4:8D:84:1A:52:A4:22:7D:49:FA:3E:F8:5B:A5:AB:F2:22:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzTUjYQaUqQifUn6PvhbpavyIkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:96:33:58:26:58:d2:a9:a3:53:fc:4b:1a:09:77:fe:cb:cb:
2b:78:06:ff:32:be:9a:7f:24:72:f2:f8:f4:ad:c5:a4:96:ce:
f8:99:e9:c2:75:a9:89:a8:79:6a:6c:ac:26:f4:74:f9:b0:ee:
c5:b3:f4:ff:4f:a2:fa:e9:cc:6c:37:94:42:62:84:54:77:9b:
97:bc:a9:03:6b:2d:05:4c:23:fa:a3:b9:65:80:ee:7f:db:e7:
ad:2a:bf:09:5a:80:c7:c1:ab:a2:89:f9:78:c2:0f:2a:7a:2e:
03:ad:01:e7:6b:5e:70:c0:d2:f9:e2:4a:ab:02:d1:8c:4b:d5:
ba:8f:27:93:de:a8:a2:25:14:de:5e:1d:38:a6:b5:d8:de:9f:
b0:44:39:ad:98:08:e3:a7:ac:d7:69:de:d4:ee:8e:7f:85:9b:
5d:91:4d:d5:40:c0:be:c6:0b:81:04:dc:53:1e:b8:42:ef:09:
85:ac:21:39:f5:15:7a:ca:8a:03:bb:be:e8:87:20:86:0f:4f:
07:51:19:27:8d:bd:64:4b:62:1d:e7:18:e5:a2:a1:ea:8c:38:
53:9f:f8:ac:72:90:53:09:dc:42:26:49:86:72:e0:cf:4f:db:
55:48:4e:dc:08:23:24:90:b4:9a:20:ad:d4:77:b6:7e:c5:20:
c0:7a:e3:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7u4NhWKuBfM+BCHYajl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzRkNDhkODQxYTUyYTQyMjdkNDlmYTNlZjg1YmE1YWJm
MjIyNDgwHhcNMjUxMTExMDgwMTE1WhcNMjUxMTEyMDgwMTE1WjAzMTEwLwYDVQQD
Eyg1Zjc2MDVjZmNjNTA3MmJjMzc4ZjQ5MzFjZmE0NTRjMjYzN2ViN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojeIkIq4YdIqMi6uuZNRvL4c9znW
bKpmFN+AehnuY6fCFYWbIVvS2nbGCc6gWvyG0JMw7IMFx/UbReDVOcUKZ8pqhQYs
kF0yHUsrxjsW/IkkFJCVtnJjZDaH+Y37loFudr4oEtnM7Te7d6iLT5vZ3mnG/dk7
oXjdP4jIjx91QDXv/gHUZ3+80q9JaIFBmOcbkYwgZ0rnwms9DPNa2tg0Ux4LUWWB
rvTmg9cl3GoKhOSMZ/ytrsBWA+uk6AqX+szcrITq381dShVHqADfQnLYEChEzjd0
C1Asqtph5CRsxZJ+3OIt6nHMErucNsLawzKVmMUy/dLp3FIFrUW3RBfffQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF92Bc/MUHK8N49JMc+kVMJjfrfPMB8GA1UdIwQY
MBaAFD801I2EGlKkIn1J+j74W6Wr8iJIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpUVWpZUWFVcVFpZlVuNlB2aGJwYXZ5SWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lYjcwMzctZGVlZC00YTIzLWIzYTQt
MDQ1OGMxNWNmZDBiLzEvUHpUVWpZUWFVcVFpZlVuNlB2aGJwYXZ5SWtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lYjcwMzctZGVlZC00YTIzLWIzYTQtMDQ1OGMxNWNmZDBi
LzEvUHpUVWpZUWFVcVFpZlVuNlB2aGJwYXZ5SWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJYzWCZY
0qmjU/xLGgl3/svLK3gG/zK+mn8kcvL49K3FpJbO+JnpwnWpiah5amysJvR0+bDu
xbP0/0+i+unMbDeUQmKEVHebl7ypA2stBUwj+qO5ZYDuf9vnrSq/CVqAx8Groon5
eMIPKnouA60B52tecMDS+eJKqwLRjEvVuo8nk96ooiUU3l4dOKa12N6fsEQ5rZgI
46es12ne1O6Of4WbXZFN1UDAvsYLgQTcUx64Qu8JhawhOfUVesqKA7u+6Icghg9P
B1EZJ429ZEtiHecY5aKh6ow4U5/4rHKQUwncQiZJhnLgz0/bVUhO3AgjJJC0miCt
1He2fsUgwHrjig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:08 2025 by rpki-client