Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier: IeVYDQ5CvVYFTsfBTLVshLIRqpmwcqOaxwCvS19/Hxs=
Subject key identifier: 09:FF:F6:DD:C3:63:A4:2E:1D:62:89:D2:E1:5E:27:B2:9E:A5:1C:87
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial: 0199FB0F32B6140D282ACF12A596CB4C1409
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number: 10C8
Signing time: Sun 19 Oct 2025 06:01:41 +0000
Manifest this update: Sun 19 Oct 2025 06:01:41 +0000
Manifest next update: Mon 20 Oct 2025 06:01:41 +0000
Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: xpCL3kKYDCBYc96w2HzvBRH7nYEH0dZQd689qngaKms=)
2: jH9C8p9nitrfAItNyA_YLJEP6ds.roa (hash: qAfQVpQ0k0QfJ2KTETvmr94XZk/rf+3SC4Qevdx1ZDY=)
3: tah1yfASreRchTqTj8AtcpkBGXY.roa (hash: 3mvJQGarrUT5b42icY1PPyWBBa9VfBbfud+/MFWuiN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:0f:32:b6:14:0d:28:2a:cf:12:a5:96:cb:4c:14:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Validity
Not Before: Oct 19 06:01:41 2025 GMT
Not After : Oct 20 06:01:41 2025 GMT
Subject: CN=09fff6ddc363a42e1d6289d2e15e27b29ea51c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:78:e6:1e:b3:5e:23:5f:1e:d5:c0:bc:7c:
b8:90:81:71:d8:c9:da:33:9d:48:6c:3b:1d:7c:93:
cb:3d:42:bd:51:cd:d6:88:51:5c:cb:b7:70:76:b0:
56:da:b3:0e:38:db:7c:cc:85:21:9e:65:cc:a6:be:
8f:48:66:3c:96:2e:60:22:d5:19:f1:5a:b6:a9:49:
e8:a5:9d:40:1c:b6:8e:21:9f:01:30:e6:4a:65:91:
b0:39:fc:4f:b2:c6:91:d2:dc:ab:05:6a:67:c8:ef:
e7:88:f1:d6:46:8b:40:01:bb:67:3e:c4:4d:99:e1:
a7:20:b9:5f:e4:be:c7:e2:d8:a5:05:43:4a:db:3b:
4a:67:28:37:3a:5e:d9:72:7c:3c:0e:00:42:d4:36:
f5:a1:59:7a:c4:b0:d0:d1:95:aa:90:c1:83:2a:95:
cc:84:9e:2b:a6:60:1c:17:39:0c:04:59:73:06:ed:
b5:8c:8d:18:12:fe:05:5d:d6:94:09:16:a4:f4:c3:
ba:32:22:d1:0e:64:18:1f:b4:f9:66:10:c1:d8:90:
29:b1:90:6a:90:b3:6a:d9:17:53:75:0e:04:38:9c:
8f:b8:5d:49:fa:61:8a:02:62:74:c4:b5:2e:13:80:
95:cb:a3:a1:6f:db:1e:7c:8d:25:38:bd:8a:b6:ea:
7d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FF:F6:DD:C3:63:A4:2E:1D:62:89:D2:E1:5E:27:B2:9E:A5:1C:87
X509v3 Authority Key Identifier:
keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:52:aa:06:3b:f5:52:29:28:4a:73:d1:65:dd:55:c9:77:f5:
09:12:7e:40:1c:8f:87:d4:0d:60:01:58:96:d8:e8:fc:a8:b1:
40:40:b5:02:a2:01:23:06:63:6b:23:69:71:b3:0f:97:30:11:
13:54:21:ff:5e:92:83:c0:28:d5:c2:af:ad:ae:e0:a1:27:72:
da:d4:ce:e1:46:74:60:6e:e4:b3:91:f3:88:c2:7b:94:3c:94:
91:d9:e3:f1:08:0e:6d:64:18:ba:87:92:5c:3b:d7:08:f3:a0:
1f:db:f1:0e:7e:1c:5e:f6:66:85:1c:38:f2:2c:7c:e8:4b:4a:
da:3b:00:b4:6d:95:a1:77:d2:72:9e:78:4f:04:45:e9:6a:63:
d5:22:88:e0:0a:f3:45:14:fb:46:e3:a3:5f:6f:f4:ab:7f:5e:
2a:50:9f:a0:5b:c6:f9:29:cf:53:71:df:72:25:58:f7:b1:76:
e0:78:f6:1a:1f:ae:ea:d3:10:e4:e7:78:1b:16:b4:7b:15:8e:
5d:67:c1:83:f0:dd:fe:bc:5d:61:24:60:d1:e9:cf:41:57:ba:
1c:fe:8d:1b:86:2c:81:57:ee:82:fa:1b:22:c0:7e:f1:10:02:
71:96:b8:1e:0e:24:77:ca:1e:ae:fb:ef:2f:ca:2a:7b:3c:c7:
5e:41:e4:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DzK2FA0oKs8SpZbLTBQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjUxMDE5MDYwMTQxWhcNMjUxMDIwMDYwMTQxWjAzMTEwLwYDVQQD
EygwOWZmZjZkZGMzNjNhNDJlMWQ2Mjg5ZDJlMTVlMjdiMjllYTUxYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8145h6zXiNfHtXAvHy4kIFx2Mna
M51IbDsdfJPLPUK9Uc3WiFFcy7dwdrBW2rMOONt8zIUhnmXMpr6PSGY8li5gItUZ
8Vq2qUnopZ1AHLaOIZ8BMOZKZZGwOfxPssaR0tyrBWpnyO/niPHWRotAAbtnPsRN
meGnILlf5L7H4tilBUNK2ztKZyg3Ol7Zcnw8DgBC1Db1oVl6xLDQ0ZWqkMGDKpXM
hJ4rpmAcFzkMBFlzBu21jI0YEv4FXdaUCRak9MO6MiLRDmQYH7T5ZhDB2JApsZBq
kLNq2RdTdQ4EOJyPuF1J+mGKAmJ0xLUuE4CVy6Ohb9sefI0lOL2Ktup9wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAn/9t3DY6QuHWKJ0uFeJ7KepRyHMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVKqBjv1
UikoSnPRZd1VyXf1CRJ+QByPh9QNYAFYltjo/KixQEC1AqIBIwZjayNpcbMPlzAR
E1Qh/16Sg8Ao1cKvra7goSdy2tTO4UZ0YG7ks5HziMJ7lDyUkdnj8QgObWQYuoeS
XDvXCPOgH9vxDn4cXvZmhRw48ix86EtK2jsAtG2VoXfScp54TwRF6Wpj1SKI4Arz
RRT7RuOjX2/0q39eKlCfoFvG+SnPU3HfciVY97F24Hj2Gh+u6tMQ5Od4Gxa0exWO
XWfBg/Dd/rxdYSRg0enPQVe6HP6NG4YsgVfugvobIsB+8RACcZa4Hg4kd8oervvv
L8oqezzHXkHkIQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:21:22 2025 by rpki-client