Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
File: PkJOJFpkMkpocx3SbzDGhbqopng.mft (raw, json)
Hash identifier: hmQzN8q2CYmLqMPTjbrU1+rgJodcRLijotiHaTVcVug=
Subject key identifier: BC:A7:F1:11:B1:2D:73:21:92:7F:1F:C9:94:FA:87:BD:00:15:4F:EB
Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678
Certificate serial: 0199FC21C4B701330B79EAE808422A880D85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 11:01:35 +0000
Manifest this update: Sun 19 Oct 2025 11:01:35 +0000
Manifest next update: Mon 20 Oct 2025 11:01:35 +0000
Files and hashes: 1: 9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa (hash: sc6ZIVElHs/p3IrdFGLfeuXuK5hZseBYNoiFQsWbBIY=)
2: PkJOJFpkMkpocx3SbzDGhbqopng.crl (hash: 1gv8AxRpV8YRMM4cKi35RHxUcLgHkmOURls0r6hOAE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:c4:b7:01:33:0b:79:ea:e8:08:42:2a:88:0d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678
Validity
Not Before: Oct 19 11:01:35 2025 GMT
Not After : Oct 20 11:01:35 2025 GMT
Subject: CN=bca7f111b12d7321927f1fc994fa87bd00154feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:10:3c:27:6b:9d:ee:e9:2a:91:81:c4:97:f6:
b1:8a:de:6c:26:1e:51:69:87:d2:aa:65:56:13:2e:
7e:ec:95:39:31:7b:d2:d2:45:83:e0:3a:62:56:16:
e1:35:7b:27:f6:2f:fc:f8:35:a6:39:1b:5c:20:d4:
67:9b:ff:56:c7:09:97:90:cb:2b:7c:11:0c:bb:6a:
5c:e9:d5:2d:3d:82:fe:b7:ab:86:f0:a0:14:0c:76:
ed:7a:f9:37:19:f8:75:0d:dd:ce:f0:18:97:b7:15:
2f:5d:6c:47:53:98:68:f1:df:19:5a:2e:42:87:96:
50:47:a1:1e:5e:47:89:0d:8f:b8:2e:45:89:fe:b0:
f0:a5:2b:ec:24:83:fd:e9:0f:68:28:13:29:bb:b8:
cf:c2:de:5d:92:6f:5f:d5:6d:ec:4b:a1:55:6a:ad:
c0:af:99:1e:52:a1:7f:91:7b:1b:89:17:b7:21:97:
10:0d:de:f9:f3:ee:8b:8f:2f:47:26:d2:cc:72:3e:
c9:61:da:4c:19:d8:35:be:59:82:c0:f0:82:08:ce:
d5:39:c5:b6:be:c1:84:2e:f7:e7:ff:e8:b5:e0:e6:
89:21:29:ab:d9:80:4e:3d:c2:2d:17:60:00:5c:7a:
6b:42:57:c9:9c:f1:d3:7f:fe:de:b6:15:0a:33:96:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A7:F1:11:B1:2D:73:21:92:7F:1F:C9:94:FA:87:BD:00:15:4F:EB
X509v3 Authority Key Identifier:
keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:d8:c3:9a:73:c6:c8:0d:9a:a6:2e:8a:06:5b:4b:e0:6e:62:
64:88:c3:cc:ed:67:62:db:f6:79:59:42:e0:91:b0:35:02:c3:
24:a0:2a:24:8b:54:09:60:66:91:af:d9:ea:47:7b:45:d4:d6:
26:35:67:5d:e6:cf:2a:83:54:bc:b0:18:fb:a1:a2:fe:16:0a:
ea:19:8c:4d:bb:be:34:18:61:83:34:9b:6b:85:3e:db:2b:7e:
e4:f8:35:b4:91:2a:e3:51:d7:24:1b:30:c4:ba:d0:17:53:29:
af:ba:c0:20:9b:63:bb:3d:68:9a:22:8c:05:ad:f6:9e:b1:c8:
d9:23:c3:55:51:77:89:66:ca:0a:bc:c5:a9:49:93:5d:10:c9:
f2:63:dd:5a:eb:d4:1e:df:59:be:e5:e7:76:ee:35:6f:a0:2e:
43:d6:cc:bf:ab:6e:59:57:5a:ef:9b:66:40:ef:9f:d0:0e:b5:
ea:f0:bf:58:3d:ee:80:41:c9:7f:b4:4a:42:82:b3:2c:2f:19:
d8:4c:8e:8d:77:e4:f4:50:8b:60:31:d0:28:75:88:66:01:f6:
21:08:c3:0d:77:28:c2:b7:d3:44:53:01:e7:bd:d3:4c:34:8d:
e1:5c:1f:84:95:c3:41:52:5f:31:93:4a:16:d0:aa:4d:88:73:
95:ca:2d:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IcS3ATMLeeroCEIqiA2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh
OGE2NzgwHhcNMjUxMDE5MTEwMTM1WhcNMjUxMDIwMTEwMTM1WjAzMTEwLwYDVQQD
EyhiY2E3ZjExMWIxMmQ3MzIxOTI3ZjFmYzk5NGZhODdiZDAwMTU0ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRA8J2ud7ukqkYHEl/axit5sJh5R
aYfSqmVWEy5+7JU5MXvS0kWD4DpiVhbhNXsn9i/8+DWmORtcINRnm/9WxwmXkMsr
fBEMu2pc6dUtPYL+t6uG8KAUDHbtevk3Gfh1Dd3O8BiXtxUvXWxHU5ho8d8ZWi5C
h5ZQR6EeXkeJDY+4LkWJ/rDwpSvsJIP96Q9oKBMpu7jPwt5dkm9f1W3sS6FVaq3A
r5keUqF/kXsbiRe3IZcQDd758+6Ljy9HJtLMcj7JYdpMGdg1vlmCwPCCCM7VOcW2
vsGELvfn/+i14OaJISmr2YBOPcItF2AAXHprQlfJnPHTf/7ethUKM5bV6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyn8RGxLXMhkn8fyZT6h70AFU/rMB8GA1UdIwQY
MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt
NTRkYTA0NjhmZGFkLzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk
LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhNjDmnPG
yA2api6KBltL4G5iZIjDzO1nYtv2eVlC4JGwNQLDJKAqJItUCWBmka/Z6kd7RdTW
JjVnXebPKoNUvLAY+6Gi/hYK6hmMTbu+NBhhgzSba4U+2yt+5Pg1tJEq41HXJBsw
xLrQF1Mpr7rAIJtjuz1omiKMBa32nrHI2SPDVVF3iWbKCrzFqUmTXRDJ8mPdWuvU
Ht9ZvuXndu41b6AuQ9bMv6tuWVda75tmQO+f0A616vC/WD3ugEHJf7RKQoKzLC8Z
2EyOjXfk9FCLYDHQKHWIZgH2IQjDDXcowrfTRFMB573TTDSN4VwfhJXDQVJfMZNK
FtCqTYhzlcot3w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:33:11 2025 by rpki-client