Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
File: pz1kDZC_PWfySYE4zDcfZUZH3a0.mft (raw, json)
Hash identifier: 9blwDQJNYf7j1ihhamHNE9gW0vCisjyS+MpNW0GwPDY=
Subject key identifier: 43:BE:1C:61:E3:0D:63:B3:B0:86:AB:8C:F4:D9:C5:43:84:29:EF:A8
Authority key identifier: A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD
Certificate issuer: /CN=a73d640d90bf3d67f2498138cc371f654647ddad
Certificate serial: 0199FBEB1ED6CB78503EA42277E24508CB7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
Manifest number: 10DD
Signing time: Sun 19 Oct 2025 10:01:53 +0000
Manifest this update: Sun 19 Oct 2025 10:01:53 +0000
Manifest next update: Mon 20 Oct 2025 10:01:53 +0000
Files and hashes: 1: 5fcpJVl5DXDFgBV-5G0BOvh2tGg.roa (hash: urXegQalP46Ga7kO5s8Ojf4B2voXZNk4EbUTvjtFENw=)
2: pz1kDZC_PWfySYE4zDcfZUZH3a0.crl (hash: 0esmf2P+WNRrdWbn9yEMbiPNSFCbokCES7FWZHxLJj4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:1e:d6:cb:78:50:3e:a4:22:77:e2:45:08:cb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a73d640d90bf3d67f2498138cc371f654647ddad
Validity
Not Before: Oct 19 10:01:53 2025 GMT
Not After : Oct 20 10:01:53 2025 GMT
Subject: CN=43be1c61e30d63b3b086ab8cf4d9c5438429efa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:8c:20:b8:11:74:43:d3:8d:40:d3:d0:44:
1b:4a:67:05:63:eb:32:be:e7:e5:84:39:40:98:76:
56:68:52:ec:43:a7:03:86:10:8c:58:d9:3e:46:9a:
91:19:71:96:59:d5:04:f5:66:67:11:81:88:bb:ef:
a9:63:e6:c5:8d:62:4b:63:57:62:cf:65:ea:34:bc:
70:5f:3c:cb:c3:c3:06:4d:1b:5b:99:6a:46:7c:49:
38:b8:a6:be:df:01:f0:b9:cf:88:27:13:a7:d8:a4:
29:33:d5:aa:e1:55:c5:f3:38:af:44:74:27:80:cb:
a1:7d:9c:f2:00:05:ac:e1:da:a2:10:cc:82:35:06:
38:2a:8f:ca:6a:98:ef:1f:3f:28:85:be:5b:ca:52:
0f:a3:cf:5c:ba:93:96:ea:1a:47:dd:d6:b3:c4:be:
ea:82:e2:6d:8b:61:d5:88:d3:dc:be:13:8c:f6:d5:
04:60:2d:c0:2d:40:59:c9:59:ba:52:04:c9:b3:4c:
97:c3:36:5d:cf:f3:c6:eb:19:b1:86:7f:17:be:35:
2b:d6:de:6c:92:87:64:d3:f8:0f:9b:1c:3c:bb:67:
c2:c7:63:d1:11:f4:b5:ba:06:6e:e7:24:62:28:63:
21:f7:0b:a9:bb:60:f7:e8:73:4b:a2:2f:18:6e:d9:
38:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:1C:61:E3:0D:63:B3:B0:86:AB:8C:F4:D9:C5:43:84:29:EF:A8
X509v3 Authority Key Identifier:
keyid:A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:61:6b:d4:e1:1d:24:c1:b0:75:b1:16:c8:14:4c:75:3f:f3:
c1:80:8b:92:c6:3c:c7:b3:16:38:75:6f:af:aa:3f:68:fb:03:
f3:90:d2:c1:61:21:c2:11:28:60:12:e0:15:fc:14:3e:35:4d:
d8:18:79:ed:92:60:87:6b:30:dd:52:de:d1:17:9e:64:de:fa:
66:b5:c7:c2:34:e3:d0:ab:c2:be:81:54:5b:7e:86:ce:c9:ac:
43:19:2c:dc:b9:f2:a1:30:32:a5:26:45:63:4b:40:27:dd:04:
0c:04:6d:4d:65:04:bf:fc:5b:c8:7c:7a:ed:29:18:91:e1:55:
bf:e7:67:49:a1:ab:54:0c:33:30:c9:ac:34:c4:cf:7e:68:ef:
84:a6:06:fa:b1:63:cb:9e:7f:ba:c4:ba:06:81:2e:b8:17:26:
b7:3f:47:7e:6c:57:6c:43:61:ea:c9:cd:96:29:be:e5:0e:ef:
9d:8e:67:7c:a5:ba:98:7c:d8:8d:47:f5:8d:27:2c:62:43:d6:
d7:35:17:9c:3a:08:12:1b:35:26:05:05:c2:13:49:27:2f:21:
c0:b2:0e:cf:fa:a8:24:0c:20:10:ed:d5:84:df:7a:f2:ff:42:
45:ff:1a:63:e4:2d:6c:f8:2d:74:85:d6:75:0f:c7:25:1e:6f:
a1:c0:8e:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76x7Wy3hQPqQid+JFCMt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3M2Q2NDBkOTBiZjNkNjdmMjQ5ODEzOGNjMzcxZjY1NDY0
N2RkYWQwHhcNMjUxMDE5MTAwMTUzWhcNMjUxMDIwMTAwMTUzWjAzMTEwLwYDVQQD
Eyg0M2JlMWM2MWUzMGQ2M2IzYjA4NmFiOGNmNGQ5YzU0Mzg0MjllZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBOMILgRdEPTjUDT0EQbSmcFY+sy
vuflhDlAmHZWaFLsQ6cDhhCMWNk+RpqRGXGWWdUE9WZnEYGIu++pY+bFjWJLY1di
z2XqNLxwXzzLw8MGTRtbmWpGfEk4uKa+3wHwuc+IJxOn2KQpM9Wq4VXF8zivRHQn
gMuhfZzyAAWs4dqiEMyCNQY4Ko/KapjvHz8ohb5bylIPo89cupOW6hpH3dazxL7q
guJti2HViNPcvhOM9tUEYC3ALUBZyVm6UgTJs0yXwzZdz/PG6xmxhn8XvjUr1t5s
kodk0/gPmxw8u2fCx2PREfS1ugZu5yRiKGMh9wupu2D36HNLoi8Ybtk4iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEO+HGHjDWOzsIarjPTZxUOEKe+oMB8GA1UdIwQY
MBaAFKc9ZA2Qvz1n8kmBOMw3H2VGR92tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWIt
NzUwMzk3NTBiZDY4LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWItNzUwMzk3NTBiZDY4
LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmFr1OEd
JMGwdbEWyBRMdT/zwYCLksY8x7MWOHVvr6o/aPsD85DSwWEhwhEoYBLgFfwUPjVN
2Bh57ZJgh2sw3VLe0ReeZN76ZrXHwjTj0KvCvoFUW36GzsmsQxks3LnyoTAypSZF
Y0tAJ90EDARtTWUEv/xbyHx67SkYkeFVv+dnSaGrVAwzMMmsNMTPfmjvhKYG+rFj
y55/usS6BoEuuBcmtz9HfmxXbENh6snNlim+5Q7vnY5nfKW6mHzYjUf1jScsYkPW
1zUXnDoIEhs1JgUFwhNJJy8hwLIOz/qoJAwgEO3VhN968v9CRf8aY+QtbPgtdIXW
dQ/HJR5vocCO3w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:30:26 2025 by rpki-client