Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: LzlrOpFGLZBVeaHr1pw4Cm+kUZqhiYK+sumTys6GcdY=
Subject key identifier: 50:3B:DC:F0:40:CB:DA:DB:F1:17:3E:33:19:4E:4D:C7:A7:0E:78:BF
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 0198D5BBE74624DCE1995C7F5296556A9682
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 1030
Signing time: Sat 23 Aug 2025 07:01:58 +0000
Manifest this update: Sat 23 Aug 2025 07:01:58 +0000
Manifest next update: Sun 24 Aug 2025 07:01:58 +0000
Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: s0OpUuM9xembvoFc1pe5eWJX959h1BsJgwIN0AdyaHE=)
2: jH9C8p9nitrfAItNyA_YLJEP6ds.roa (hash: qAfQVpQ0k0QfJ2KTETvmr94XZk/rf+3SC4Qevdx1ZDY=)
3: tah1yfASreRchTqTj8AtcpkBGXY.roa (hash: 3mvJQGarrUT5b42icY1PPyWBBa9VfBbfud+/MFWuiN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bb:e7:46:24:dc:e1:99:5c:7f:52:96:55:6a:96:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Aug 23 07:01:58 2025 GMT
Not After : Aug 24 07:01:58 2025 GMT
Subject: CN=503bdcf040cbdadbf1173e33194e4dc7a70e78bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cd:a6:e0:98:2d:c8:b4:e4:62:7a:e7:5d:b3:
4e:37:98:c4:bd:44:dd:4e:10:40:b8:ed:c1:b8:95:
d7:d4:fc:3f:85:86:6e:13:a7:a2:69:1c:41:93:d7:
a6:be:9e:b3:24:88:85:5a:3e:7a:f0:04:ef:8b:48:
95:02:25:d5:0f:34:10:80:01:7a:a7:95:bc:de:2b:
2f:8d:64:39:70:94:e1:63:ca:4f:3b:0c:76:b5:ab:
a3:85:2b:a0:6b:69:e3:eb:bc:1f:52:a4:09:a6:58:
66:9c:15:52:8a:c5:93:90:3a:73:a7:56:ba:c1:78:
6c:76:4e:ba:03:28:47:0f:1f:8b:cf:17:0d:fb:df:
77:31:d0:bc:a4:84:68:d4:c2:0e:6f:4a:4b:97:70:
39:f9:fd:18:72:c1:2f:b7:a4:d0:02:21:6e:fa:8d:
9c:c6:b9:72:84:59:14:1d:69:b9:c2:97:2d:52:31:
73:f3:20:66:bd:d4:ae:50:8e:d9:3f:78:fe:50:80:
41:3d:3e:74:c2:14:6e:f9:36:3f:02:c4:60:51:10:
89:82:48:12:f4:96:97:bb:a9:2c:95:19:a5:df:cd:
1e:b7:6b:d0:22:98:a7:98:ee:16:90:fe:2a:92:f0:
02:f4:de:21:f8:90:0a:b8:10:53:aa:26:71:f7:8b:
f5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3B:DC:F0:40:CB:DA:DB:F1:17:3E:33:19:4E:4D:C7:A7:0E:78:BF
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:8c:a5:06:77:18:9d:39:05:54:ff:54:8e:56:38:da:99:c1:
38:b6:46:47:c3:be:04:fe:c8:40:c4:2c:9a:af:35:e8:64:91:
76:70:f9:f8:e6:53:8b:8a:40:36:4f:f8:a3:30:d5:cd:61:d8:
f8:75:b5:28:11:1d:31:b0:ab:43:1a:6c:1a:25:13:06:91:8c:
37:4b:97:d3:a0:3a:76:6a:80:b6:1a:43:8c:2f:c5:2d:f0:02:
fe:94:8a:4b:4e:d3:81:74:f5:f0:60:b9:b4:95:4f:71:1f:f8:
0e:b6:1d:f5:a7:19:95:ec:a8:37:c0:66:27:6f:0b:57:98:b6:
44:77:d5:73:d5:bf:5d:16:30:33:e8:ac:15:81:e1:c6:f2:29:
d6:b7:b5:8e:b5:3f:36:21:53:b4:ca:af:b2:24:74:04:9b:79:
0f:e6:ad:69:d3:0b:5f:f8:a7:d1:b5:88:e4:c3:e5:3a:32:6d:
f6:4d:50:3e:2f:df:3b:12:41:ce:c3:55:77:8d:0e:49:60:c7:
bf:27:27:e9:c0:38:48:b1:bd:51:b7:de:c6:75:b4:f3:26:80:
88:91:ca:80:d8:7c:c0:73:bc:70:5b:1d:00:39:98:05:af:47:
34:98:56:01:22:90:77:72:91:7e:2f:45:38:48:3a:c2:ad:d3:
86:bf:9a:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu+dGJNzhmVx/UpZVapaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjUwODIzMDcwMTU4WhcNMjUwODI0MDcwMTU4WjAzMTEwLwYDVQQD
Eyg1MDNiZGNmMDQwY2JkYWRiZjExNzNlMzMxOTRlNGRjN2E3MGU3OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs2m4JgtyLTkYnrnXbNON5jEvUTd
ThBAuO3BuJXX1Pw/hYZuE6eiaRxBk9emvp6zJIiFWj568ATvi0iVAiXVDzQQgAF6
p5W83isvjWQ5cJThY8pPOwx2taujhSuga2nj67wfUqQJplhmnBVSisWTkDpzp1a6
wXhsdk66AyhHDx+LzxcN+993MdC8pIRo1MIOb0pLl3A5+f0YcsEvt6TQAiFu+o2c
xrlyhFkUHWm5wpctUjFz8yBmvdSuUI7ZP3j+UIBBPT50whRu+TY/AsRgURCJgkgS
9JaXu6kslRml380et2vQIpinmO4WkP4qkvAC9N4h+JAKuBBTqiZx94v1hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFA73PBAy9rb8Rc+MxlOTcenDni/MB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIylBncY
nTkFVP9UjlY42pnBOLZGR8O+BP7IQMQsmq816GSRdnD5+OZTi4pANk/4ozDVzWHY
+HW1KBEdMbCrQxpsGiUTBpGMN0uX06A6dmqAthpDjC/FLfAC/pSKS07TgXT18GC5
tJVPcR/4DrYd9acZleyoN8BmJ28LV5i2RHfVc9W/XRYwM+isFYHhxvIp1re1jrU/
NiFTtMqvsiR0BJt5D+atadMLX/in0bWI5MPlOjJt9k1QPi/fOxJBzsNVd40OSWDH
vycn6cA4SLG9UbfexnW08yaAiJHKgNh8wHO8cFsdADmYBa9HNJhWASKQd3KRfi9F
OEg6wq3Thr+aiA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:48:39 2025 by rpki-client