Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
File: PnpcKTN0JfqBOVVRcmyMK35MUIc.mft (raw, json)
Hash identifier: Tlf6XuEMH2FI5X/L0zbtQJe+WvxoltFb12TeIp0yEL4=
Subject key identifier: AA:57:73:84:4B:0D:4F:2D:81:F2:91:88:A2:6F:27:F3:12:30:65:22
Authority key identifier: 3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
Certificate issuer: /CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Certificate serial: 0199FC58FED01EF1EA27BB1E8ABF6248D0A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
Manifest number: 042A
Signing time: Sun 19 Oct 2025 12:01:54 +0000
Manifest this update: Sun 19 Oct 2025 12:01:54 +0000
Manifest next update: Mon 20 Oct 2025 12:01:54 +0000
Files and hashes: 1: PnpcKTN0JfqBOVVRcmyMK35MUIc.crl (hash: 8C7IW+Fz5L2ifyFETQ+pOV3rGcPPhzX+c5jAkkOPqU8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:fe:d0:1e:f1:ea:27:bb:1e:8a:bf:62:48:d0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Validity
Not Before: Oct 19 12:01:54 2025 GMT
Not After : Oct 20 12:01:54 2025 GMT
Subject: CN=aa5773844b0d4f2d81f29188a26f27f312306522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:27:3a:8c:f0:4b:58:0f:30:47:c2:fb:5e:54:
38:b2:4d:f4:2b:84:2f:cc:99:0c:3f:65:88:b0:0c:
f4:36:4d:20:44:28:22:23:e6:d1:ff:b8:29:c2:73:
4c:9e:a9:83:97:d0:73:ec:db:8a:54:eb:80:27:e6:
0e:5b:d8:e7:d7:54:05:1f:e8:ec:21:eb:34:11:70:
ed:17:da:22:83:e2:22:20:2e:21:a8:1d:ad:91:61:
20:28:ad:fe:8b:2f:0c:da:ba:34:7e:6a:97:8e:62:
06:4b:7c:0a:8a:26:7e:1f:14:e6:7b:43:c0:70:e0:
4f:76:f8:bd:c0:0a:92:8c:96:3f:36:ed:ee:94:1c:
0e:48:98:1e:f6:97:dd:25:b9:91:13:39:c6:f5:0a:
2a:8b:1c:2e:95:84:a0:87:37:30:45:68:88:7e:b8:
0d:0e:a8:5f:9b:44:8b:d0:33:e1:a5:f0:8a:56:28:
f6:bc:4d:d3:6f:09:da:d8:dc:3e:ec:85:cb:33:8a:
ed:76:6b:c5:97:f3:10:42:cc:73:93:8d:c4:46:ae:
77:b6:16:16:85:3d:c9:72:76:f9:dd:ce:62:b5:8d:
cf:74:80:4a:c3:0b:3c:b0:3a:fb:c2:15:00:44:8b:
8c:a2:dd:13:2f:09:28:a3:7b:2e:a2:aa:f9:f7:c1:
31:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:57:73:84:4B:0D:4F:2D:81:F2:91:88:A2:6F:27:F3:12:30:65:22
X509v3 Authority Key Identifier:
keyid:3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:e5:04:3a:d1:c9:9b:19:34:94:1a:45:c0:eb:1d:ac:60:bd:
65:8c:39:6e:08:c2:c9:5d:ee:33:4e:b2:8a:1a:ea:7a:a5:71:
22:d0:69:14:9b:30:c9:35:7c:e0:e1:f2:a3:1b:d8:a2:1c:a9:
20:9a:82:c4:d8:12:81:3c:5c:3b:2d:30:57:f7:aa:39:c1:5a:
d0:3d:85:1e:a0:20:11:8c:25:ea:a0:bb:d2:e5:fb:47:5b:81:
1f:a5:40:81:ca:1a:32:71:7f:3e:88:66:61:50:a2:33:88:bf:
0b:14:fc:bf:41:d6:79:10:53:63:b8:ca:e6:0a:c0:21:4d:06:
c0:10:f6:31:d4:66:6b:0f:73:59:53:de:fd:d8:2b:71:ec:c8:
e4:b3:de:70:be:10:28:46:06:ea:cf:61:96:50:b2:dc:86:3f:
93:a7:84:4f:5e:4f:23:cf:d9:d6:1b:e8:c5:81:a0:0e:83:61:
0e:d2:9e:63:11:27:42:de:69:b9:ed:77:7c:4b:e7:72:f4:74:
96:00:eb:57:ca:57:d8:ae:54:43:eb:62:f8:5f:2b:de:bf:0a:
ae:1c:f9:53:53:d1:c0:37:0a:a7:84:21:9d:ad:13:63:47:a0:
8e:5e:47:99:2b:7b:50:9e:f6:73:36:27:e2:fa:f6:1e:0e:2c:
86:25:9b:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WP7QHvHqJ7seir9iSNCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2E1YzI5MzM3NDI1ZmE4MTM5NTU1MTcyNmM4YzJiN2U0
YzUwODcwHhcNMjUxMDE5MTIwMTU0WhcNMjUxMDIwMTIwMTU0WjAzMTEwLwYDVQQD
EyhhYTU3NzM4NDRiMGQ0ZjJkODFmMjkxODhhMjZmMjdmMzEyMzA2NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCc6jPBLWA8wR8L7XlQ4sk30K4Qv
zJkMP2WIsAz0Nk0gRCgiI+bR/7gpwnNMnqmDl9Bz7NuKVOuAJ+YOW9jn11QFH+js
Ies0EXDtF9oig+IiIC4hqB2tkWEgKK3+iy8M2ro0fmqXjmIGS3wKiiZ+HxTme0PA
cOBPdvi9wAqSjJY/Nu3ulBwOSJge9pfdJbmREznG9QoqixwulYSghzcwRWiIfrgN
Dqhfm0SL0DPhpfCKVij2vE3Tbwna2Nw+7IXLM4rtdmvFl/MQQsxzk43ERq53thYW
hT3Jcnb53c5itY3PdIBKwws8sDr7whUARIuMot0TLwkoo3suoqr598ExMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpXc4RLDU8tgfKRiKJvJ/MSMGUiMB8GA1UdIwQY
MBaAFD56XCkzdCX6gTlVUXJsjCt+TFCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQt
Y2FhMzI5MTgxOTY0LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQtY2FhMzI5MTgxOTY0
LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjOUEOtHJ
mxk0lBpFwOsdrGC9ZYw5bgjCyV3uM06yihrqeqVxItBpFJswyTV84OHyoxvYohyp
IJqCxNgSgTxcOy0wV/eqOcFa0D2FHqAgEYwl6qC70uX7R1uBH6VAgcoaMnF/Pohm
YVCiM4i/CxT8v0HWeRBTY7jK5grAIU0GwBD2MdRmaw9zWVPe/dgrcezI5LPecL4Q
KEYG6s9hllCy3IY/k6eET15PI8/Z1hvoxYGgDoNhDtKeYxEnQt5pue13fEvncvR0
lgDrV8pX2K5UQ+ti+F8r3r8Krhz5U1PRwDcKp4Qhna0TY0egjl5HmSt7UJ72czYn
4vr2Hg4shiWb3A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:55:39 2025 by rpki-client