
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
File: PnFWq-5roji5BzFd-cVShlrc2ug.mft (raw, json)
Hash identifier: Gf1qdSl3YyQK0RZ4vfnDb4LHTGF+AX5OYl12bhyqG1w=
Subject key identifier: C5:CA:A3:D7:EA:45:A4:1A:21:F8:D5:72:D6:23:9D:7D:7E:22:10:1D
Authority key identifier: 3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
Certificate issuer: /CN=3e7156abee6ba238b907315df9c552865adcdae8
Certificate serial: 019A00A36F676817B51BEEE030FEF20F75AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
Manifest number: 0956
Signing time: Mon 20 Oct 2025 08:01:42 +0000
Manifest this update: Mon 20 Oct 2025 08:01:42 +0000
Manifest next update: Tue 21 Oct 2025 08:01:42 +0000
Files and hashes: 1: DRXIRPlz989IQESya6WStEPwwfI.roa (hash: vzHP7wdlF/pn8v84Pbfgox37vxRmFYAJNGZAwD+DkvA=)
2: PnFWq-5roji5BzFd-cVShlrc2ug.crl (hash: 4rUFWyy+xwdrrV2kVXZt9Ud+iJVCNRdExJ9SIMxKlng=)
3: QWM4nrBr-pa9JzWD2Zz8wHHbmCU.roa (hash: VKweVNYicugh0mCYY3yIR2LnHnKsWIZPY+G4TQfXJ6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 08:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:a3:6f:67:68:17:b5:1b:ee:e0:30:fe:f2:0f:75:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7156abee6ba238b907315df9c552865adcdae8
Validity
Not Before: Oct 20 08:01:42 2025 GMT
Not After : Oct 21 08:01:42 2025 GMT
Subject: CN=c5caa3d7ea45a41a21f8d572d6239d7d7e22101d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:02:62:46:45:96:73:9f:0e:0a:2f:4c:09:
8c:bf:b2:9a:c2:d8:1f:be:69:47:b7:2f:10:8a:01:
af:36:d8:72:85:fe:8b:eb:75:50:46:af:9f:49:59:
dc:10:36:81:93:15:0b:17:e1:13:f8:de:10:2f:6a:
80:9f:fa:71:92:02:9e:63:40:57:61:3b:42:ce:2a:
f0:6a:f8:b8:dd:ec:3c:ae:5b:7e:5f:39:88:d4:e4:
35:76:0a:e2:5b:98:83:3a:dd:b2:8b:86:4a:4f:65:
d5:5a:4f:12:07:4d:7e:b9:e5:0f:d0:05:22:c4:30:
d2:db:39:c8:9d:7c:3d:f4:90:b0:e3:63:f7:cb:36:
b1:92:00:9c:33:ca:06:73:05:f6:ff:67:07:63:49:
de:a5:83:c1:35:26:90:86:8e:e3:17:9a:29:7f:fe:
a3:26:e3:61:c4:79:77:b0:28:60:c8:01:92:4f:ad:
e7:cb:84:af:91:b1:04:07:b1:a8:53:fd:4a:98:51:
dd:76:a0:81:a6:51:a9:24:26:a7:44:ad:28:7a:dc:
2e:b6:1a:57:51:0b:f0:a8:e5:d9:c4:6a:77:f0:11:
20:dd:45:d5:75:3b:5c:f4:32:95:fc:13:ed:00:3e:
f1:ac:70:a9:52:88:ef:a0:c8:bf:ff:66:b0:10:5a:
3f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CA:A3:D7:EA:45:A4:1A:21:F8:D5:72:D6:23:9D:7D:7E:22:10:1D
X509v3 Authority Key Identifier:
keyid:3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:50:97:a7:69:da:8b:88:23:c8:9d:52:b9:29:6f:48:08:f5:
b7:10:6a:b1:a4:0a:db:b7:f7:a8:b5:eb:a9:3a:99:d6:1a:40:
65:f9:77:8b:07:d8:69:ee:bd:51:f9:27:68:43:da:74:14:fb:
c8:3d:f5:38:a2:d8:25:55:6c:e6:95:b8:2d:93:1d:2b:54:45:
35:94:bc:e6:bc:5f:5f:c2:3a:91:d2:4e:8f:1e:0f:cb:ca:9a:
ed:74:9a:ba:fd:3d:82:03:ce:9d:81:12:3f:c8:04:18:7a:fb:
cd:9e:27:49:b1:09:29:a4:c5:c3:21:0c:4a:9a:bf:91:69:5a:
31:b9:22:4b:34:19:18:5e:3d:b2:cb:e2:2a:d4:33:e4:bf:d8:
ce:31:78:f4:be:14:94:f2:e1:60:53:fc:a8:39:71:26:8f:c3:
1b:5a:dc:d1:9b:20:70:fa:85:19:2d:5f:a1:f5:e1:b2:e4:ca:
15:19:44:42:9e:f3:3b:61:e1:5c:04:13:e5:d7:eb:5e:0e:a8:
54:c2:b9:f6:b6:12:80:2d:a2:fc:c0:f6:1d:0b:ac:ef:e5:9e:
a6:b5:ab:02:1b:51:0b:03:f0:96:e5:b5:35:44:4a:e1:7d:84:
25:a0:4b:d0:82:fd:ba:78:c2:1c:b7:d0:90:42:a2:fe:9a:19:
6b:29:e5:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAo29naBe1G+7gMP7yD3WqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzE1NmFiZWU2YmEyMzhiOTA3MzE1ZGY5YzU1Mjg2NWFk
Y2RhZTgwHhcNMjUxMDIwMDgwMTQyWhcNMjUxMDIxMDgwMTQyWjAzMTEwLwYDVQQD
EyhjNWNhYTNkN2VhNDVhNDFhMjFmOGQ1NzJkNjIzOWQ3ZDdlMjIxMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5YCYkZFlnOfDgovTAmMv7Kawtgf
vmlHty8QigGvNthyhf6L63VQRq+fSVncEDaBkxULF+ET+N4QL2qAn/pxkgKeY0BX
YTtCzirwavi43ew8rlt+XzmI1OQ1dgriW5iDOt2yi4ZKT2XVWk8SB01+ueUP0AUi
xDDS2znInXw99JCw42P3yzaxkgCcM8oGcwX2/2cHY0nepYPBNSaQho7jF5opf/6j
JuNhxHl3sChgyAGST63ny4SvkbEEB7GoU/1KmFHddqCBplGpJCanRK0oetwuthpX
UQvwqOXZxGp38BEg3UXVdTtc9DKV/BPtAD7xrHCpUojvoMi//2awEFo/DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXKo9fqRaQaIfjVctYjnX1+IhAdMB8GA1UdIwQY
MBaAFD5xVqvua6I4uQcxXfnFUoZa3NroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3Zjkt
NThmMmQ0NGZmMjgxLzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3ZjktNThmMmQ0NGZmMjgx
LzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFCXp2na
i4gjyJ1SuSlvSAj1txBqsaQK27f3qLXrqTqZ1hpAZfl3iwfYae69UfknaEPadBT7
yD31OKLYJVVs5pW4LZMdK1RFNZS85rxfX8I6kdJOjx4Py8qa7XSauv09ggPOnYES
P8gEGHr7zZ4nSbEJKaTFwyEMSpq/kWlaMbkiSzQZGF49ssviKtQz5L/YzjF49L4U
lPLhYFP8qDlxJo/DG1rc0ZsgcPqFGS1fofXhsuTKFRlEQp7zO2HhXAQT5dfrXg6o
VMK59rYSgC2i/MD2HQus7+WeprWrAhtRCwPwluW1NURK4X2EJaBL0IL9unjCHLfQ
kEKi/poZaynlXg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:00:57 2025 by rpki-client