Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft
File: PsY-XbBDXC0-dKayitPZww1qjO4.mft (raw, json)
Hash identifier: hUCBWiE+LVcq3lmZqaiKTSTMWN9KUchuguoFhIH6VdU=
Subject key identifier: 1E:64:E2:5A:2D:B0:DB:E2:F2:C0:26:D8:D5:44:08:B8:10:EB:7C:E8
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 019A03A35CD583FC7CF80508D9D8935DF45D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft
Manifest number: 0EF5
Signing time: Mon 20 Oct 2025 22:00:28 +0000
Manifest this update: Mon 20 Oct 2025 22:00:28 +0000
Manifest next update: Tue 21 Oct 2025 22:00:28 +0000
Files and hashes: 1: GSEh8gIZdCBsRKOnb9fKkFOFuZk.roa (hash: u2uTEL6Ts0fKYl8Es1LELd2Ambr6iVn6vwhJ7qDD50c=)
2: PsY-XbBDXC0-dKayitPZww1qjO4.crl (hash: CbXUsNn2LXiehsLRy3AVhYQ0HBLplWVPdmbccoGRb9g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:a3:5c:d5:83:fc:7c:f8:05:08:d9:d8:93:5d:f4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Oct 20 22:00:28 2025 GMT
Not After : Oct 21 22:00:28 2025 GMT
Subject: CN=1e64e25a2db0dbe2f2c026d8d54408b810eb7ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:08:36:49:48:81:ef:20:f1:8e:2d:cd:69:92:
12:3c:d0:56:eb:f0:a3:91:51:77:cc:b6:97:18:2c:
b5:ea:5b:2f:12:4b:32:8f:5f:cf:6c:43:d7:57:7a:
81:50:43:7e:0a:0c:7a:3a:48:0a:34:b2:4d:70:2e:
74:ca:fb:ca:47:20:27:b7:29:b1:37:86:aa:bf:13:
3d:f3:53:d9:91:d3:b9:b7:e3:14:81:f8:34:43:53:
b2:ce:b9:f8:64:99:50:be:c2:50:fb:b4:99:85:89:
40:32:8f:48:f1:a0:52:84:ca:94:3d:68:40:fc:21:
95:9e:cb:36:38:28:d2:35:78:ee:10:8b:ae:28:0a:
ac:08:3b:e1:bb:e7:93:05:cc:6d:83:e5:49:2b:49:
aa:51:03:a3:13:88:68:14:65:ef:0f:84:10:0b:24:
18:38:52:0a:33:89:5c:a0:9f:a2:51:7e:97:bf:65:
45:03:bc:e9:23:61:9e:8e:c7:9b:1e:29:a5:06:b8:
6b:0d:dc:50:c7:ef:c0:b3:bb:41:12:56:94:04:be:
7b:a8:f9:de:2b:2e:3a:c5:3e:34:60:fa:0b:35:3d:
09:42:84:5c:0f:93:e0:c5:26:5c:8b:6e:f9:91:9f:
21:a2:d5:2f:1f:a4:c0:bd:83:ae:e9:bb:ba:36:23:
01:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:64:E2:5A:2D:B0:DB:E2:F2:C0:26:D8:D5:44:08:B8:10:EB:7C:E8
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:ff:11:ce:1c:05:bd:62:56:e9:3a:c5:c8:eb:bf:2c:a5:77:
98:59:f4:28:4b:a6:08:95:1e:b3:5c:0f:e0:2f:ce:fe:3a:20:
1a:b6:4f:f4:bc:48:da:7c:66:93:13:1c:a8:68:a0:a2:52:c0:
04:b9:09:61:27:18:ef:0b:f2:51:10:fc:64:6c:be:09:d5:01:
64:df:34:8f:63:c5:92:0e:7d:fa:71:6c:e6:32:24:57:ea:7c:
86:95:97:df:0d:3a:ef:de:8e:b1:bf:4e:e3:7e:1f:6b:2e:db:
47:1b:a7:ca:d5:96:6b:d7:b3:2a:f9:ef:2e:9d:7f:57:3d:3f:
0b:66:2a:e6:7d:2c:c3:b5:17:9b:82:45:1c:2d:81:8b:e4:51:
a6:8d:c9:9e:01:f5:33:ae:98:ab:3d:3a:f5:77:27:b3:98:ba:
5d:c8:45:f0:5f:5a:cc:6e:5a:04:61:bd:f4:c5:2b:4e:25:92:
00:2a:f6:f7:55:94:30:4f:62:e1:31:d7:22:cd:bc:99:09:2e:
21:7e:9a:a0:8e:96:a5:51:ad:f4:26:7e:d3:9f:df:db:f4:2b:
c9:56:eb:3d:63:f8:09:b4:40:53:46:f9:e7:3f:02:ee:aa:70:
8f:16:6f:05:81:00:a1:ab:d4:28:9f:77:f6:67:8c:a9:8f:9e:
77:72:4f:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDo1zVg/x8+AUI2diTXfRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjUxMDIwMjIwMDI4WhcNMjUxMDIxMjIwMDI4WjAzMTEwLwYDVQQD
EygxZTY0ZTI1YTJkYjBkYmUyZjJjMDI2ZDhkNTQ0MDhiODEwZWI3Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgg2SUiB7yDxji3NaZISPNBW6/Cj
kVF3zLaXGCy16lsvEksyj1/PbEPXV3qBUEN+Cgx6OkgKNLJNcC50yvvKRyAntymx
N4aqvxM981PZkdO5t+MUgfg0Q1Oyzrn4ZJlQvsJQ+7SZhYlAMo9I8aBShMqUPWhA
/CGVnss2OCjSNXjuEIuuKAqsCDvhu+eTBcxtg+VJK0mqUQOjE4hoFGXvD4QQCyQY
OFIKM4lcoJ+iUX6Xv2VFA7zpI2GejsebHimlBrhrDdxQx+/As7tBElaUBL57qPne
Ky46xT40YPoLNT0JQoRcD5PgxSZci275kZ8hotUvH6TAvYOu6bu6NiMBuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5k4lotsNvi8sAm2NVECLgQ63zoMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/8RzhwF
vWJW6TrFyOu/LKV3mFn0KEumCJUes1wP4C/O/jogGrZP9LxI2nxmkxMcqGigolLA
BLkJYScY7wvyURD8ZGy+CdUBZN80j2PFkg59+nFs5jIkV+p8hpWX3w06796Osb9O
434fay7bRxunytWWa9ezKvnvLp1/Vz0/C2Yq5n0sw7UXm4JFHC2Bi+RRpo3JngH1
M66Yqz069Xcns5i6XchF8F9azG5aBGG99MUrTiWSACr291WUME9i4THXIs28mQku
IX6aoI6WpVGt9CZ+05/f2/QryVbrPWP4CbRAU0b55z8C7qpwjxZvBYEAoavUKJ93
9meMqY+ed3JPBQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:37:11 2025 by rpki-client