Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json)
Hash identifier: Bl/0odVNWp4eloaT24v2yZq5CUqwUHJGG3HN6Y6R2Ew=
Subject key identifier: 9F:3E:0A:24:17:CB:03:F3:CD:98:D1:42:7C:D5:22:7E:ED:85:E9:F7
Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Certificate serial: 0199FD340B97EC491D46E38D3E5661B962BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
Manifest number: 16DF
Signing time: Sun 19 Oct 2025 16:01:10 +0000
Manifest this update: Sun 19 Oct 2025 16:01:10 +0000
Manifest next update: Mon 20 Oct 2025 16:01:10 +0000
Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: /F0kjSrIrBuAckH8+QXB9CKsPEYD1UDe6XQZAbvE7Ig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:0b:97:ec:49:1d:46:e3:8d:3e:56:61:b9:62:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8
Validity
Not Before: Oct 19 16:01:10 2025 GMT
Not After : Oct 20 16:01:10 2025 GMT
Subject: CN=9f3e0a2417cb03f3cd98d1427cd5227eed85e9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:58:c6:1a:e9:9f:8b:93:f7:0f:f4:40:b9:
0d:f8:75:ab:47:dd:27:17:4c:60:55:bd:46:52:53:
89:db:54:f0:26:f6:da:23:42:87:29:11:a5:b7:55:
eb:f1:3e:4e:4a:05:88:df:c3:27:0a:01:ed:ca:c6:
b1:92:af:ec:58:6f:e8:0c:8f:1a:9d:4a:17:a3:9a:
a4:4d:2d:ef:1f:28:01:0a:ce:f3:a8:6c:6a:a3:58:
d2:b3:a0:16:e2:05:eb:c3:2f:84:18:38:40:c8:d1:
91:11:8b:f7:af:53:c7:41:eb:8e:fd:a4:fb:67:21:
45:30:e5:d8:cd:e0:79:d3:7e:65:e4:58:4c:77:2c:
34:8d:95:1f:e2:9e:3b:42:d0:5b:c8:52:db:ed:54:
ae:e4:e1:72:e2:44:91:65:5e:99:ce:f3:9e:d9:4e:
d7:b3:0e:54:2a:5b:56:b9:51:37:dd:01:67:c7:05:
2f:44:f1:ed:a8:a6:bb:fc:b7:ae:82:f4:27:43:29:
dd:9d:55:7b:56:54:40:43:0c:b7:35:d4:94:83:02:
4a:a1:14:4e:a0:a3:8b:d8:f9:c5:52:5a:b1:be:9a:
10:68:b7:de:02:77:a3:ca:c0:74:e4:01:44:ea:05:
31:86:ab:d6:b1:f3:39:b4:b0:e5:af:70:20:49:8a:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3E:0A:24:17:CB:03:F3:CD:98:D1:42:7C:D5:22:7E:ED:85:E9:F7
X509v3 Authority Key Identifier:
keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:be:5d:3d:24:65:a7:61:7f:a9:00:ab:68:03:44:81:a2:32:
ac:3a:d0:36:ec:85:97:b9:9a:c8:f0:0d:fd:09:e6:e7:1d:79:
3c:6d:5a:34:25:73:0e:f2:ff:dc:09:86:50:e9:11:d6:5b:2e:
f7:7b:b9:d9:52:3d:ed:80:c6:89:0f:5c:54:06:fb:27:57:ab:
09:92:bd:a3:5a:29:eb:38:3a:b0:cd:49:a1:94:4f:9e:6a:6f:
b3:6f:a4:aa:3b:fd:50:14:bf:9e:a7:84:9f:a6:5a:b7:4a:dd:
27:5d:d9:df:f6:4d:1f:52:74:ac:b7:10:78:ba:59:72:51:0e:
80:82:20:40:ef:fe:5b:43:24:ad:9a:fe:ef:01:f9:1b:3a:19:
4f:09:4d:de:0d:bf:9b:72:b3:76:1b:91:1b:67:b7:ca:a6:05:
bb:dc:db:ac:88:d9:c5:de:8d:8d:57:5a:95:26:eb:d0:92:12:
9a:c3:35:18:57:40:39:54:2f:ca:0c:1d:22:5c:aa:8c:70:54:
92:6b:20:eb:d3:ac:57:d4:df:59:0a:6a:c8:db:9f:4a:a6:74:
14:4d:16:15:1f:96:bf:e8:ae:02:13:4b:ae:a8:e0:0d:92:55:
34:f5:0c:e9:cd:e5:83:bf:f7:df:f8:14:69:1c:56:84:b1:e1:
17:eb:1f:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NAuX7EkdRuONPlZhuWK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk
NGQ2ZDgwHhcNMjUxMDE5MTYwMTEwWhcNMjUxMDIwMTYwMTEwWjAzMTEwLwYDVQQD
Eyg5ZjNlMGEyNDE3Y2IwM2YzY2Q5OGQxNDI3Y2Q1MjI3ZWVkODVlOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnFYxhrpn4uT9w/0QLkN+HWrR90n
F0xgVb1GUlOJ21TwJvbaI0KHKRGlt1Xr8T5OSgWI38MnCgHtysaxkq/sWG/oDI8a
nUoXo5qkTS3vHygBCs7zqGxqo1jSs6AW4gXrwy+EGDhAyNGREYv3r1PHQeuO/aT7
ZyFFMOXYzeB5035l5FhMdyw0jZUf4p47QtBbyFLb7VSu5OFy4kSRZV6ZzvOe2U7X
sw5UKltWuVE33QFnxwUvRPHtqKa7/LeugvQnQyndnVV7VlRAQwy3NdSUgwJKoRRO
oKOL2PnFUlqxvpoQaLfeAnejysB05AFE6gUxhqvWsfM5tLDlr3AgSYqh5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8+CiQXywPzzZjRQnzVIn7then3MB8GA1UdIwQY
MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt
ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx
LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYr5dPSRl
p2F/qQCraANEgaIyrDrQNuyFl7mayPAN/Qnm5x15PG1aNCVzDvL/3AmGUOkR1lsu
93u52VI97YDGiQ9cVAb7J1erCZK9o1op6zg6sM1JoZRPnmpvs2+kqjv9UBS/nqeE
n6Zat0rdJ13Z3/ZNH1J0rLcQeLpZclEOgIIgQO/+W0MkrZr+7wH5GzoZTwlN3g2/
m3KzdhuRG2e3yqYFu9zbrIjZxd6NjVdalSbr0JISmsM1GFdAOVQvygwdIlyqjHBU
kmsg69OsV9TfWQpqyNufSqZ0FE0WFR+Wv+iuAhNLrqjgDZJVNPUM6c3lg7/33/gU
aRxWhLHhF+sfJg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:38:40 2025 by rpki-client