
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
File: PnFWq-5roji5BzFd-cVShlrc2ug.mft (raw, json)
Hash identifier: pP0KnX9K3lTRmn3VklLfwnqrbFXdHe+iJ86gBIrAhvQ=
Subject key identifier: 3F:E4:0D:20:D7:96:42:34:2D:A4:44:82:E3:BE:F6:4F:99:80:89:E8
Authority key identifier: 3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
Certificate issuer: /CN=3e7156abee6ba238b907315df9c552865adcdae8
Certificate serial: 019A047F6F25FF09590CA679C6CB4DE19D77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
Manifest number: 0958
Signing time: Tue 21 Oct 2025 02:00:51 +0000
Manifest this update: Tue 21 Oct 2025 02:00:51 +0000
Manifest next update: Wed 22 Oct 2025 02:00:51 +0000
Files and hashes: 1: DRXIRPlz989IQESya6WStEPwwfI.roa (hash: vzHP7wdlF/pn8v84Pbfgox37vxRmFYAJNGZAwD+DkvA=)
2: PnFWq-5roji5BzFd-cVShlrc2ug.crl (hash: dVsyLzpMohnT55bAJCmHCWjkCm7AntM7ibD6g4YTTw0=)
3: QWM4nrBr-pa9JzWD2Zz8wHHbmCU.roa (hash: VKweVNYicugh0mCYY3yIR2LnHnKsWIZPY+G4TQfXJ6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:04:7f:6f:25:ff:09:59:0c:a6:79:c6:cb:4d:e1:9d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7156abee6ba238b907315df9c552865adcdae8
Validity
Not Before: Oct 21 02:00:51 2025 GMT
Not After : Oct 22 02:00:51 2025 GMT
Subject: CN=3fe40d20d79642342da44482e3bef64f998089e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:73:0b:43:96:6b:e5:73:02:33:7f:59:13:7a:
1d:5c:85:40:d8:78:68:57:2e:11:8e:c0:c5:c5:6f:
2e:58:dc:b3:29:b8:73:01:5c:07:ef:ce:08:79:43:
6f:e1:80:ab:e1:b5:fe:2a:eb:96:43:7f:82:58:03:
8e:d1:e6:68:0a:07:41:d0:7c:0a:b7:1a:f4:fb:ac:
dd:04:fd:fa:a0:99:8c:0f:7f:f6:7d:34:e4:30:e8:
a0:4e:30:ff:8b:87:22:69:bf:16:58:af:98:b5:26:
0f:17:67:31:25:7d:e6:17:4a:b4:c1:56:c3:7a:3a:
fa:70:c1:fd:42:99:f3:75:38:4f:0f:20:22:59:87:
82:1d:7d:bd:86:5e:06:1d:ce:52:5c:36:3d:66:89:
48:06:71:31:1e:2c:c8:93:0c:70:ed:ff:50:a9:d5:
e3:93:db:7b:5e:37:ca:7f:25:90:4d:dc:79:8b:8e:
09:68:6a:7d:ba:42:26:91:23:6e:4c:e2:40:e5:87:
41:14:0f:f2:ba:ae:40:d7:8e:e7:b2:fa:eb:ee:2a:
6c:10:ab:d8:39:c2:90:ad:cc:89:62:ce:22:1d:ba:
89:fd:a4:61:de:20:89:e9:cb:8f:e7:5f:bf:e1:3a:
86:3e:e2:df:f7:a6:dd:08:d2:d6:9d:3b:3d:17:66:
f1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E4:0D:20:D7:96:42:34:2D:A4:44:82:E3:BE:F6:4F:99:80:89:E8
X509v3 Authority Key Identifier:
keyid:3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:41:e8:1b:37:19:90:8d:7b:02:9c:b7:69:1b:45:fd:75:af:
04:cd:66:fd:2b:ba:cf:0f:98:82:35:ea:ee:ee:75:b9:4e:ab:
4c:89:40:06:62:e0:9e:70:72:2b:01:30:19:16:3c:68:12:ca:
d8:cc:c0:de:6f:8d:6b:60:ba:fb:db:5d:aa:f4:6a:02:aa:f9:
e1:f3:13:03:e9:10:b1:e1:59:89:09:98:de:f0:76:5f:f8:e3:
db:51:43:1e:1f:f6:c1:48:95:12:e2:15:df:5d:1e:99:c8:b8:
07:a0:f7:c7:be:2e:ac:01:e1:62:9b:93:e4:2b:38:90:33:07:
43:27:5f:84:db:da:ac:c2:cb:b6:ef:8d:91:c8:6d:58:92:0b:
16:a6:a8:42:56:b8:3f:6b:79:35:ef:bb:8e:59:bf:52:ca:63:
c9:dd:96:50:29:c5:7f:8d:da:dd:6f:c5:07:62:27:4c:9b:f0:
07:2a:87:dd:39:49:e2:a3:2e:11:87:ea:0e:d7:ac:03:c6:4c:
b0:60:19:d0:6e:6a:34:46:06:c7:2f:35:e4:ba:8f:df:b9:5c:
7a:f0:29:df:e2:2c:79:f5:10:e2:fb:d4:4b:16:5a:b2:be:ba:
ce:77:df:e1:05:32:ac:6e:3d:11:50:fa:8d:00:1b:fe:c5:e0:
25:72:74:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoEf28l/wlZDKZ5xstN4Z13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzE1NmFiZWU2YmEyMzhiOTA3MzE1ZGY5YzU1Mjg2NWFk
Y2RhZTgwHhcNMjUxMDIxMDIwMDUxWhcNMjUxMDIyMDIwMDUxWjAzMTEwLwYDVQQD
EygzZmU0MGQyMGQ3OTY0MjM0MmRhNDQ0ODJlM2JlZjY0Zjk5ODA4OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83MLQ5Zr5XMCM39ZE3odXIVA2Hho
Vy4RjsDFxW8uWNyzKbhzAVwH784IeUNv4YCr4bX+KuuWQ3+CWAOO0eZoCgdB0HwK
txr0+6zdBP36oJmMD3/2fTTkMOigTjD/i4ciab8WWK+YtSYPF2cxJX3mF0q0wVbD
ejr6cMH9QpnzdThPDyAiWYeCHX29hl4GHc5SXDY9ZolIBnExHizIkwxw7f9QqdXj
k9t7XjfKfyWQTdx5i44JaGp9ukImkSNuTOJA5YdBFA/yuq5A147nsvrr7ipsEKvY
OcKQrcyJYs4iHbqJ/aRh3iCJ6cuP51+/4TqGPuLf96bdCNLWnTs9F2bxfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/kDSDXlkI0LaREguO+9k+ZgInoMB8GA1UdIwQY
MBaAFD5xVqvua6I4uQcxXfnFUoZa3NroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3Zjkt
NThmMmQ0NGZmMjgxLzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3ZjktNThmMmQ0NGZmMjgx
LzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEHoGzcZ
kI17Apy3aRtF/XWvBM1m/Su6zw+YgjXq7u51uU6rTIlABmLgnnByKwEwGRY8aBLK
2MzA3m+Na2C6+9tdqvRqAqr54fMTA+kQseFZiQmY3vB2X/jj21FDHh/2wUiVEuIV
310emci4B6D3x74urAHhYpuT5Cs4kDMHQydfhNvarMLLtu+NkchtWJILFqaoQla4
P2t5Ne+7jlm/Uspjyd2WUCnFf43a3W/FB2InTJvwByqH3TlJ4qMuEYfqDtesA8ZM
sGAZ0G5qNEYGxy815LqP37lcevAp3+IsefUQ4vvUSxZasr66znff4QUyrG49EVD6
jQAb/sXgJXJ0Mg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:19:35 2025 by rpki-client