Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.mft
File: pgD8lkBCiaxYthBH3fhiGH9asn4.mft (raw, json)
Hash identifier: wauToUes0OuyI2g3FGi5EoqWDGVJbvRfmOCWbL1kfQM=
Subject key identifier: 37:00:48:A6:FE:D3:B0:1B:06:B2:16:81:34:29:CC:FD:CA:13:4F:EB
Authority key identifier: A6:00:FC:96:40:42:89:AC:58:B6:10:47:DD:F8:62:18:7F:5A:B2:7E
Certificate issuer: /CN=a600fc96404289ac58b61047ddf862187f5ab27e
Certificate serial: 0199FFFE8C0AC49A1588C95F281F75574605
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.mft
Manifest number: 16E5
Signing time: Mon 20 Oct 2025 05:01:36 +0000
Manifest this update: Mon 20 Oct 2025 05:01:36 +0000
Manifest next update: Tue 21 Oct 2025 05:01:36 +0000
Files and hashes: 1: BFaJClF3p4qT7dCc22lWmwjl7l0.roa (hash: 8kW6E4fmgwFFVui51mNwFwgDzJW114zoN23nienu6x8=)
2: pgD8lkBCiaxYthBH3fhiGH9asn4.crl (hash: ZRAXaJDa+2UPIx63DsKJYIQCCsOjMOVWaINEiLucRjY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:8c:0a:c4:9a:15:88:c9:5f:28:1f:75:57:46:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a600fc96404289ac58b61047ddf862187f5ab27e
Validity
Not Before: Oct 20 05:01:36 2025 GMT
Not After : Oct 21 05:01:36 2025 GMT
Subject: CN=370048a6fed3b01b06b216813429ccfdca134feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d4:07:bd:77:2b:1d:23:26:d6:85:fd:4d:9b:
df:d3:26:bd:c7:57:e8:d9:4b:27:fa:3f:5f:f2:18:
aa:3b:94:da:fc:00:00:15:48:49:7c:d4:cb:d4:0e:
16:2f:ae:58:83:f1:d8:0b:db:5b:9d:a7:35:66:df:
5f:ac:bc:49:b1:8b:50:85:cd:33:1d:db:cf:be:89:
c5:9e:f6:fc:b9:7a:93:85:2d:9b:8f:8c:a5:8a:af:
bd:5e:17:59:9d:3c:ce:5d:9c:cd:79:57:62:ed:f7:
b5:f6:38:4a:6e:5c:04:a0:7c:49:62:b9:44:d3:31:
6d:80:d1:e6:ae:01:59:b8:45:4c:e7:0c:d8:96:38:
37:ff:87:7e:9a:17:dc:20:b0:70:6c:4e:64:84:d3:
71:35:33:48:5b:4d:37:01:73:71:26:3e:a4:8e:da:
13:0b:f8:e2:e8:a1:41:48:84:76:7a:e4:b1:b6:ca:
5a:3d:48:66:27:ae:48:4c:1a:e1:18:2e:98:c8:f9:
b7:01:5b:f5:f0:28:57:6c:01:6a:46:8a:63:d3:0f:
e8:c6:ce:72:19:3d:2c:a3:ae:ca:54:94:1e:57:21:
8e:2a:51:95:32:4f:db:c8:65:4f:40:76:27:18:61:
5b:a5:24:ab:a7:35:5d:7b:e5:99:17:aa:f2:03:5e:
b0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:00:48:A6:FE:D3:B0:1B:06:B2:16:81:34:29:CC:FD:CA:13:4F:EB
X509v3 Authority Key Identifier:
keyid:A6:00:FC:96:40:42:89:AC:58:B6:10:47:DD:F8:62:18:7F:5A:B2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:80:38:17:09:9e:c3:d2:24:06:c4:57:c5:03:00:72:33:d1:
17:7a:a9:5a:75:e0:b9:66:7c:9b:a6:bf:3a:29:8a:f3:73:8a:
b0:b2:db:da:47:30:fe:2c:f7:14:63:ee:1c:37:21:4d:e3:36:
e4:80:c1:4a:f3:28:37:b1:96:61:93:70:fb:6e:d4:cf:e7:a2:
09:30:e5:06:70:4b:0a:45:47:d7:54:d4:61:e4:5c:b3:27:9d:
ab:d8:45:fd:82:2b:07:6d:7d:5a:76:1f:4c:0c:ad:a1:30:cb:
20:91:f3:22:c6:da:1f:a8:18:c5:6a:f0:ca:cc:d5:45:90:19:
b5:66:81:57:ed:20:c8:00:ed:39:cf:e1:b3:c8:12:68:a8:08:
e5:8c:32:7a:87:41:41:35:9d:f8:bf:29:84:a7:54:ef:15:51:
26:5e:05:84:0f:76:d4:67:ef:b3:08:03:29:41:9c:60:37:97:
b2:0e:59:d7:5a:7f:26:fa:cf:e6:0a:a4:a5:b2:a1:c4:7f:44:
5f:29:e2:c3:af:03:ba:9f:f9:7c:c9:46:f8:14:7b:73:2e:02:
b2:d1:0e:4e:10:26:33:b6:99:5f:3b:29:e3:dc:2b:38:5a:41:
07:d0:c5:db:d6:08:b4:6b:c0:07:52:ad:53:45:d4:d5:42:e3:
3e:57:93:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//owKxJoViMlfKB91V0YFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDBmYzk2NDA0Mjg5YWM1OGI2MTA0N2RkZjg2MjE4N2Y1
YWIyN2UwHhcNMjUxMDIwMDUwMTM2WhcNMjUxMDIxMDUwMTM2WjAzMTEwLwYDVQQD
EygzNzAwNDhhNmZlZDNiMDFiMDZiMjE2ODEzNDI5Y2NmZGNhMTM0ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tQHvXcrHSMm1oX9TZvf0ya9x1fo
2Usn+j9f8hiqO5Ta/AAAFUhJfNTL1A4WL65Yg/HYC9tbnac1Zt9frLxJsYtQhc0z
HdvPvonFnvb8uXqThS2bj4yliq+9XhdZnTzOXZzNeVdi7fe19jhKblwEoHxJYrlE
0zFtgNHmrgFZuEVM5wzYljg3/4d+mhfcILBwbE5khNNxNTNIW003AXNxJj6kjtoT
C/ji6KFBSIR2euSxtspaPUhmJ65ITBrhGC6YyPm3AVv18ChXbAFqRopj0w/oxs5y
GT0so67KVJQeVyGOKlGVMk/byGVPQHYnGGFbpSSrpzVde+WZF6ryA16wlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcASKb+07AbBrIWgTQpzP3KE0/rMB8GA1UdIwQY
MBaAFKYA/JZAQomsWLYQR934Yhh/WrJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdEOGxrQkNpYXhZdGhCSDNmaGlHSDlhc240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zZDdiOGEtZTA3NC00ZjE2LWE2Mjkt
MjEyOGQ4NDBjNDI5LzEvcGdEOGxrQkNpYXhZdGhCSDNmaGlHSDlhc240Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zZDdiOGEtZTA3NC00ZjE2LWE2MjktMjEyOGQ4NDBjNDI5
LzEvcGdEOGxrQkNpYXhZdGhCSDNmaGlHSDlhc240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4A4Fwme
w9IkBsRXxQMAcjPRF3qpWnXguWZ8m6a/OimK83OKsLLb2kcw/iz3FGPuHDchTeM2
5IDBSvMoN7GWYZNw+27Uz+eiCTDlBnBLCkVH11TUYeRcsyedq9hF/YIrB219WnYf
TAytoTDLIJHzIsbaH6gYxWrwyszVRZAZtWaBV+0gyADtOc/hs8gSaKgI5YwyeodB
QTWd+L8phKdU7xVRJl4FhA921GfvswgDKUGcYDeXsg5Z11p/JvrP5gqkpbKhxH9E
Xyniw68Dup/5fMlG+BR7cy4CstEOThAmM7aZXzsp49wrOFpBB9DF29YItGvAB1Kt
U0XU1ULjPleTEw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:22:39 2025 by rpki-client