Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File: pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier: krvIHyAFq5VWsvLsY8BBRdI/WUyzSa2z0hiVuKSf//k=
Subject key identifier: A3:AF:B8:A6:10:57:66:12:19:52:58:1A:13:FD:B8:DC:4F:F9:56:C9
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer: /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial: 0199FE7DD45EDC109CEC2045FDBB2BF86A68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number: 03B0
Signing time: Sun 19 Oct 2025 22:01:23 +0000
Manifest this update: Sun 19 Oct 2025 22:01:23 +0000
Manifest next update: Mon 20 Oct 2025 22:01:23 +0000
Files and hashes: 1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: 2uAgSbVLhO1pxMju3/wU2PzYUa3F34FGZgJshlii3lw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:7d:d4:5e:dc:10:9c:ec:20:45:fd:bb:2b:f8:6a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Validity
Not Before: Oct 19 22:01:23 2025 GMT
Not After : Oct 20 22:01:23 2025 GMT
Subject: CN=a3afb8a6105766121952581a13fdb8dc4ff956c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6d:66:0b:de:a7:34:2d:5e:08:66:32:25:e7:
50:7a:1e:eb:3a:71:d9:d4:74:a7:e4:4d:da:7b:a5:
29:10:f2:21:f2:a4:52:dc:81:e1:e3:c7:f9:1e:77:
5d:f3:d9:a2:47:d6:d0:02:cc:f5:6e:dd:0e:74:5f:
51:f4:e7:00:7a:46:20:e8:d2:19:05:bd:2b:a3:aa:
67:36:a5:63:60:9b:bf:32:cb:9f:b1:cd:d0:38:dd:
1d:b4:c4:65:e9:cc:00:78:14:32:af:a6:e9:77:ef:
aa:60:6d:6b:b8:65:34:ba:c0:46:78:2f:d4:a9:c4:
08:0d:9d:75:66:fa:3e:04:27:e5:79:18:ec:ec:8f:
8a:7b:6e:65:01:9e:8a:3e:19:1a:ef:f8:4a:cc:c7:
d3:d5:37:d2:5b:64:9e:8a:ee:74:16:58:53:af:37:
86:19:22:05:cf:39:1c:d0:3f:03:0e:8e:5f:35:e2:
89:ce:8a:07:8c:ff:9d:db:65:d6:e6:f9:9c:ca:b3:
9c:c9:cd:3e:0e:4e:88:d4:08:5f:7c:d5:72:c8:90:
c0:c2:fd:41:86:b4:fa:50:90:5b:e5:e2:17:b7:02:
4d:55:e2:0a:12:e0:42:68:27:b2:51:4a:0a:b0:86:
df:75:7b:64:f9:c9:3e:7e:4e:e4:57:72:bd:45:51:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AF:B8:A6:10:57:66:12:19:52:58:1A:13:FD:B8:DC:4F:F9:56:C9
X509v3 Authority Key Identifier:
keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:ed:0b:78:a5:8c:b7:56:fd:12:86:c8:3d:38:ff:b9:5c:bf:
f3:f5:41:7f:4f:99:5d:8c:ea:91:14:bd:a4:c5:3b:dd:a2:78:
90:34:54:7f:e7:0f:47:b9:58:33:f3:0b:35:42:02:e2:f7:32:
a9:36:58:8b:d5:e1:3a:65:49:f9:cc:d7:2e:ca:22:a0:4a:27:
eb:53:52:10:40:03:76:92:4a:c4:4f:7e:50:0b:05:70:60:c2:
d4:69:39:d4:24:48:c1:ca:08:3f:7b:60:d1:ec:95:47:8d:51:
a3:d8:6a:a1:e4:a6:df:cc:dc:c7:42:44:85:ed:1b:9a:c9:34:
eb:85:08:ae:34:a1:6f:09:65:de:66:13:b2:7e:b4:6a:0c:46:
b6:95:4a:ea:39:75:96:6f:72:34:7d:b4:64:ee:17:dc:8c:f0:
bd:70:e3:f6:6c:58:d3:2c:b6:23:ba:63:e4:a0:60:96:9d:18:
5a:ca:5c:4b:b0:60:22:29:c9:11:f2:21:4f:30:87:14:db:21:
a8:a7:03:25:26:ba:3b:fc:76:11:4c:d1:fe:a8:b2:d2:c6:7e:
50:81:68:94:d1:c8:1e:ea:53:b2:b3:af:bb:57:f8:ea:24:f6:
19:0a:d7:b7:1f:28:2e:ed:20:a2:26:78:aa:4a:6e:f7:2e:7b:
0c:dd:49:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fdRe3BCc7CBF/bsr+GpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjUxMDE5MjIwMTIzWhcNMjUxMDIwMjIwMTIzWjAzMTEwLwYDVQQD
EyhhM2FmYjhhNjEwNTc2NjEyMTk1MjU4MWExM2ZkYjhkYzRmZjk1NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw21mC96nNC1eCGYyJedQeh7rOnHZ
1HSn5E3ae6UpEPIh8qRS3IHh48f5Hndd89miR9bQAsz1bt0OdF9R9OcAekYg6NIZ
Bb0ro6pnNqVjYJu/Msufsc3QON0dtMRl6cwAeBQyr6bpd++qYG1ruGU0usBGeC/U
qcQIDZ11Zvo+BCfleRjs7I+Ke25lAZ6KPhka7/hKzMfT1TfSW2Seiu50FlhTrzeG
GSIFzzkc0D8DDo5fNeKJzooHjP+d22XW5vmcyrOcyc0+Dk6I1AhffNVyyJDAwv1B
hrT6UJBb5eIXtwJNVeIKEuBCaCeyUUoKsIbfdXtk+ck+fk7kV3K9RVHLlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOvuKYQV2YSGVJYGhP9uNxP+VbJMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGO0LeKWM
t1b9EobIPTj/uVy/8/VBf0+ZXYzqkRS9pMU73aJ4kDRUf+cPR7lYM/MLNUIC4vcy
qTZYi9XhOmVJ+czXLsoioEon61NSEEADdpJKxE9+UAsFcGDC1Gk51CRIwcoIP3tg
0eyVR41Ro9hqoeSm38zcx0JEhe0bmsk064UIrjShbwll3mYTsn60agxGtpVK6jl1
lm9yNH20ZO4X3IzwvXDj9mxY0yy2I7pj5KBglp0YWspcS7BgIinJEfIhTzCHFNsh
qKcDJSa6O/x2EUzR/qiy0sZ+UIFolNHIHupTsrOvu1f46iT2GQrXtx8oLu0goiZ4
qkpu9y57DN1Jjg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:06:30 2025 by rpki-client