Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft
File: P5YkCZj85BJMPLTfusuw7RYYQFo.mft (raw, json)
Hash identifier: BcPlWoC6nidc/uFylVbCTF9GewJ2GeLOZZw2WtnF9rI=
Subject key identifier: 3A:48:66:BC:7A:55:FB:71:76:C1:F0:AF:F3:B1:CA:3C:08:90:12:4E
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 0199FF225F081D6F66E9F944283BAE6D9D8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft
Manifest number: 16E6
Signing time: Mon 20 Oct 2025 01:01:06 +0000
Manifest this update: Mon 20 Oct 2025 01:01:06 +0000
Manifest next update: Tue 21 Oct 2025 01:01:06 +0000
Files and hashes: 1: P5YkCZj85BJMPLTfusuw7RYYQFo.crl (hash: qQyWP0BiDlECLUPQH5BW058eKzVoMdnSSQVTDNm71Yk=)
2: UXaxt-b39pINfZ1Y1ojLfS7SwMw.roa (hash: IC6xINcQpVjUgVum+7114aRM3S8XEivwvk3gYzMafvQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:5f:08:1d:6f:66:e9:f9:44:28:3b:ae:6d:9d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Oct 20 01:01:06 2025 GMT
Not After : Oct 21 01:01:06 2025 GMT
Subject: CN=3a4866bc7a55fb7176c1f0aff3b1ca3c0890124e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:40:82:d0:0e:51:2d:c2:f0:45:28:e2:ca:18:
4e:75:0b:47:1d:58:15:ba:df:c7:84:ac:de:76:ca:
31:f9:ff:04:a8:56:e7:4f:87:5d:64:80:0d:ff:8a:
ab:60:c8:3c:97:83:cc:00:14:2e:49:7d:fa:78:71:
26:a8:a5:83:89:ec:9c:65:51:8f:66:94:4e:64:24:
55:aa:82:ad:bb:8b:7f:8a:74:e5:bc:68:95:65:01:
a6:96:c2:a2:9d:ef:46:ed:42:7e:7d:38:6f:c3:59:
18:cf:29:4a:9e:8f:35:79:01:ed:47:4c:a5:c7:8c:
9d:cb:0f:d0:e2:a0:9a:3a:2a:13:ff:dc:4b:82:c0:
91:75:63:d9:9b:92:09:58:57:8f:7e:60:f1:2a:74:
64:06:78:95:ff:ab:f6:96:e7:e1:61:13:49:cc:67:
3c:88:10:76:01:5a:9f:c7:4b:57:f4:ca:c4:21:89:
cd:df:e7:5f:d4:fe:e8:fe:2d:07:c6:86:0b:c8:56:
42:12:19:4e:bc:ae:c0:35:6a:5e:7f:f1:02:16:a8:
3a:b6:ef:40:51:e3:c6:ac:6f:71:2a:8e:1b:f0:74:
3f:55:33:47:20:48:d1:48:33:f2:da:ab:8e:13:48:
57:94:35:cd:3e:33:be:04:97:c4:de:52:6f:b3:56:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:48:66:BC:7A:55:FB:71:76:C1:F0:AF:F3:B1:CA:3C:08:90:12:4E
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:09:f6:95:fe:b2:2d:25:60:d2:97:c5:59:34:37:e2:37:2b:
e3:3c:23:76:af:09:96:e3:37:cd:9e:b5:6a:d4:16:be:7a:f5:
25:75:50:db:71:6b:7d:99:c4:02:c3:5b:47:2e:ee:ca:bd:70:
05:9b:fa:5c:2a:70:5f:48:46:f6:a8:d9:97:4e:80:7f:2a:28:
18:e0:ce:c0:f8:60:cf:fa:8e:1d:10:93:97:d0:df:16:9c:69:
a8:55:0d:6e:c6:4d:a4:4e:d7:3f:12:40:e2:69:7f:2d:27:50:
45:55:fe:00:1a:4e:bd:64:60:e6:ef:66:1e:66:c0:c0:4b:7f:
69:80:47:74:bd:0d:70:b0:28:d8:fb:c6:55:60:75:94:09:7c:
58:91:20:15:87:14:1f:17:06:f6:a5:ba:91:c2:70:5d:d6:fb:
5f:c9:48:03:7f:51:21:13:2c:06:18:4c:79:1a:16:fc:91:98:
14:97:aa:c6:5d:dc:64:40:41:1e:92:3a:c5:df:4c:32:21:20:
d4:2f:3f:a7:af:8b:21:46:ba:84:e0:05:89:ad:46:dc:6c:0b:
f0:c0:f8:69:1c:1a:b6:7b:9c:60:c5:0d:e0:6d:76:95:6f:1d:
c1:05:a8:8c:4c:20:c2:34:d4:c6:25:78:01:78:2c:70:96:fe:
6a:d0:fe:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Il8IHW9m6flEKDuubZ2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx
ODQwNWEwHhcNMjUxMDIwMDEwMTA2WhcNMjUxMDIxMDEwMTA2WjAzMTEwLwYDVQQD
EygzYTQ4NjZiYzdhNTVmYjcxNzZjMWYwYWZmM2IxY2EzYzA4OTAxMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ECC0A5RLcLwRSjiyhhOdQtHHVgV
ut/HhKzedsox+f8EqFbnT4ddZIAN/4qrYMg8l4PMABQuSX36eHEmqKWDieycZVGP
ZpROZCRVqoKtu4t/inTlvGiVZQGmlsKine9G7UJ+fThvw1kYzylKno81eQHtR0yl
x4ydyw/Q4qCaOioT/9xLgsCRdWPZm5IJWFePfmDxKnRkBniV/6v2lufhYRNJzGc8
iBB2AVqfx0tX9MrEIYnN3+df1P7o/i0HxoYLyFZCEhlOvK7ANWpef/ECFqg6tu9A
UePGrG9xKo4b8HQ/VTNHIEjRSDPy2quOE0hXlDXNPjO+BJfE3lJvs1b7IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpIZrx6VftxdsHwr/OxyjwIkBJOMB8GA1UdIwQY
MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt
Yzc0MWMyN2I0ZTIyLzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy
LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQn2lf6y
LSVg0pfFWTQ34jcr4zwjdq8JluM3zZ61atQWvnr1JXVQ23FrfZnEAsNbRy7uyr1w
BZv6XCpwX0hG9qjZl06AfyooGODOwPhgz/qOHRCTl9DfFpxpqFUNbsZNpE7XPxJA
4ml/LSdQRVX+ABpOvWRg5u9mHmbAwEt/aYBHdL0NcLAo2PvGVWB1lAl8WJEgFYcU
HxcG9qW6kcJwXdb7X8lIA39RIRMsBhhMeRoW/JGYFJeqxl3cZEBBHpI6xd9MMiEg
1C8/p6+LIUa6hOAFia1G3GwL8MD4aRwatnucYMUN4G12lW8dwQWojEwgwjTUxiV4
AXgscJb+atD+fw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:12:03 2025 by rpki-client