Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: EHwbDgwFV1qIgbDNdiA7AbrMgMlq1nyueroM97egb48=
Subject key identifier: 44:58:3E:B7:E7:57:93:1D:2F:9D:F5:AB:AF:85:F0:44:A8:2E:51:E3
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 0198D5BBF78CAEFD0DDBAF898777BA1C012D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 1646
Signing time: Sat 23 Aug 2025 07:02:02 +0000
Manifest this update: Sat 23 Aug 2025 07:02:02 +0000
Manifest next update: Sun 24 Aug 2025 07:02:02 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: Izl3OIOaeYO/PKHoI556Auv3qZRNrdWQdFrHCH6qBc4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:bb:f7:8c:ae:fd:0d:db:af:89:87:77:ba:1c:01:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Aug 23 07:02:02 2025 GMT
Not After : Aug 24 07:02:02 2025 GMT
Subject: CN=44583eb7e757931d2f9df5abaf85f044a82e51e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bb:3a:bf:c6:09:fb:ee:69:2b:60:a0:eb:35:
02:58:f8:76:44:3e:31:3e:de:ea:22:26:72:43:9f:
15:dc:f9:55:1b:8f:ab:fb:2e:3e:83:cb:a2:82:84:
02:37:2d:01:1e:15:6c:0d:bd:ad:ed:7a:de:ab:9e:
0c:a7:f0:ba:09:83:f3:d6:f1:e8:9c:06:4e:29:22:
50:26:9a:b9:da:cd:c6:e5:da:66:0c:4c:33:b0:99:
50:78:7e:44:d3:1e:8f:41:8e:69:96:f0:18:75:67:
c6:c9:3f:c6:6d:08:b0:49:23:ab:52:64:a5:b4:dc:
b1:c7:f9:a8:b4:9e:75:90:76:ae:a7:45:89:de:18:
48:b0:d2:ef:2b:17:14:1d:5e:38:14:a9:a8:e1:01:
b5:ba:c1:4b:74:52:3d:04:39:3d:4d:c6:fa:5f:53:
ab:58:f7:2b:c0:60:f0:9e:7a:18:b6:b8:bf:bd:6f:
f1:6e:f5:01:e8:cb:f2:fd:0d:ca:89:b8:d5:66:e0:
75:95:a6:6e:ca:e5:2a:c0:7c:e5:1a:86:cb:63:ec:
46:99:c1:27:30:ea:42:8b:37:ff:02:af:c7:dd:dd:
a3:a0:d5:cb:95:9a:08:0c:eb:1b:5c:35:00:1d:35:
a8:9a:87:14:a6:77:e5:31:6c:7c:f3:c8:45:1b:97:
80:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:58:3E:B7:E7:57:93:1D:2F:9D:F5:AB:AF:85:F0:44:A8:2E:51:E3
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:18:f6:c3:4f:30:21:7d:b5:d1:ed:a8:fe:ce:34:80:b1:77:
bc:d3:66:3f:fa:4b:48:68:ae:d5:ab:4a:d2:d7:80:1d:61:aa:
b1:d4:55:eb:47:13:d6:57:bb:45:2d:80:cf:c1:4f:96:55:07:
db:4d:e6:c9:b9:e3:e7:c4:a9:a4:54:7d:4d:3a:5f:1b:1a:52:
80:71:dc:13:83:f0:33:3b:9b:d2:e7:bf:82:bb:ee:14:b4:ab:
7d:f9:14:03:f3:ca:f5:a5:07:9d:91:ef:7a:45:48:16:a5:d5:
dd:92:80:9a:6a:14:42:e2:3a:ca:00:15:4d:0d:dc:db:80:ef:
bb:1a:6f:6c:ef:3a:d7:0d:30:13:2a:02:1f:8d:c8:51:43:8d:
b2:56:f2:02:45:94:f5:c7:49:14:17:9c:3b:22:5e:22:57:5b:
3c:77:e9:29:a4:77:a2:3b:9a:58:ba:fe:b7:33:2e:13:38:7f:
08:3a:ce:06:5d:aa:40:d0:0b:23:cf:96:07:d1:50:58:aa:d9:
8e:ed:9a:9d:db:20:be:09:30:df:cf:e1:bf:0d:74:f9:9a:b5:
15:a9:a5:ff:09:d3:0e:a1:e5:70:ae:be:2b:0c:3f:54:a3:44:
fb:21:a4:80:8b:c2:59:f3:3d:e8:52:a2:9e:61:67:74:e6:73:
6c:8c:4d:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/eMrv0N26+Jh3e6HAEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUwODIzMDcwMjAyWhcNMjUwODI0MDcwMjAyWjAzMTEwLwYDVQQD
Eyg0NDU4M2ViN2U3NTc5MzFkMmY5ZGY1YWJhZjg1ZjA0NGE4MmU1MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7s6v8YJ++5pK2Cg6zUCWPh2RD4x
Pt7qIiZyQ58V3PlVG4+r+y4+g8uigoQCNy0BHhVsDb2t7Xreq54Mp/C6CYPz1vHo
nAZOKSJQJpq52s3G5dpmDEwzsJlQeH5E0x6PQY5plvAYdWfGyT/GbQiwSSOrUmSl
tNyxx/motJ51kHaup0WJ3hhIsNLvKxcUHV44FKmo4QG1usFLdFI9BDk9Tcb6X1Or
WPcrwGDwnnoYtri/vW/xbvUB6Mvy/Q3KibjVZuB1laZuyuUqwHzlGobLY+xGmcEn
MOpCizf/Aq/H3d2joNXLlZoIDOsbXDUAHTWomocUpnflMWx888hFG5eASQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERYPrfnV5MdL531q6+F8ESoLlHjMB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxj2w08w
IX210e2o/s40gLF3vNNmP/pLSGiu1atK0teAHWGqsdRV60cT1le7RS2Az8FPllUH
203mybnj58SppFR9TTpfGxpSgHHcE4PwMzub0ue/grvuFLSrffkUA/PK9aUHnZHv
ekVIFqXV3ZKAmmoUQuI6ygAVTQ3c24DvuxpvbO861w0wEyoCH43IUUONslbyAkWU
9cdJFBecOyJeIldbPHfpKaR3ojuaWLr+tzMuEzh/CDrOBl2qQNALI8+WB9FQWKrZ
ju2andsgvgkw38/hvw10+Zq1Faml/wnTDqHlcK6+Kww/VKNE+yGkgIvCWfM96FKi
nmFndOZzbIxN2w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:25:55 2025 by rpki-client