Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
File: I3_mTWhI-AEgq-aV4x-sScpdB_M.mft (raw, json)
Hash identifier: /pFY/9p6/TAEGzD1JqY6tYZ4sXkQqS+0bqvt67B2otI=
Subject key identifier: 60:ED:CA:2F:21:E1:D0:19:60:26:32:A0:2B:79:37:1B:31:12:73:10
Authority key identifier: 23:7F:E6:4D:68:48:F8:01:20:AB:E6:95:E3:1F:AC:49:CA:5D:07:F3
Certificate issuer: /CN=237fe64d6848f80120abe695e31fac49ca5d07f3
Certificate serial: 019A4F620A47781A42422F053B8F5E820927
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3_mTWhI-AEgq-aV4x-sScpdB_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
Manifest number: 040C
Signing time: Tue 04 Nov 2025 15:00:16 +0000
Manifest this update: Tue 04 Nov 2025 15:00:16 +0000
Manifest next update: Wed 05 Nov 2025 15:00:16 +0000
Files and hashes: 1: FR-DdZ6l_dWRg1pnEEZHKy-TtaU.roa (hash: rix3FP+IdraYXi5amLMY1G7LW1GF5A8pUKN7Wo60tBo=)
2: I3_mTWhI-AEgq-aV4x-sScpdB_M.crl (hash: 8lzBgCloOL5UkRLvMnmjvNQgCZ2tuLcaIHbqiGVpN+M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/I3_mTWhI-AEgq-aV4x-sScpdB_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:0a:47:78:1a:42:42:2f:05:3b:8f:5e:82:09:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237fe64d6848f80120abe695e31fac49ca5d07f3
Validity
Not Before: Nov 4 15:00:16 2025 GMT
Not After : Nov 5 15:00:16 2025 GMT
Subject: CN=60edca2f21e1d019602632a02b79371b31127310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ef:0b:7f:ae:a7:de:2e:29:9b:08:c5:dc:48:
4b:68:25:df:ce:46:f4:37:20:2a:1f:12:23:f5:2e:
30:a4:39:ee:6f:ac:19:02:29:64:32:27:9a:e6:a8:
79:79:44:64:3f:03:5b:22:b8:ac:8c:2b:b8:a9:67:
12:2c:2d:0b:da:c6:4b:e8:d2:2e:bb:c2:d2:5c:0c:
be:f9:b9:38:45:62:eb:79:b1:87:75:32:c6:4c:f2:
09:ec:10:58:b1:57:2f:7e:6d:5f:cf:34:a0:1b:34:
3f:26:7a:b1:35:5f:56:93:79:72:b7:26:05:48:f5:
b5:a7:03:49:35:b8:91:af:4d:4d:97:57:13:d5:a8:
92:95:65:c3:1f:a9:98:50:90:06:08:f6:b1:f9:2a:
87:43:cd:12:60:05:b0:c1:25:b3:b2:f5:51:63:71:
3b:d2:4c:28:79:1b:31:ad:43:ef:91:a1:7a:7d:66:
88:46:3f:c3:b5:23:90:d5:77:28:ff:05:56:c2:d9:
20:6f:ba:df:aa:dd:bc:4c:27:2a:09:63:94:17:bb:
de:0c:42:f8:70:f4:18:ef:1c:da:ae:14:d2:58:6b:
92:63:d7:c5:f3:7d:9e:3e:e6:2c:e2:a4:f9:b8:8f:
47:ac:83:0e:b9:fb:e1:28:5e:fa:c7:b7:18:5b:24:
c1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:ED:CA:2F:21:E1:D0:19:60:26:32:A0:2B:79:37:1B:31:12:73:10
X509v3 Authority Key Identifier:
keyid:23:7F:E6:4D:68:48:F8:01:20:AB:E6:95:E3:1F:AC:49:CA:5D:07:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3_mTWhI-AEgq-aV4x-sScpdB_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/70c39f-5131-4002-b1fc-fd213722bff9/1/I3_mTWhI-AEgq-aV4x-sScpdB_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:e0:98:53:6c:98:22:09:74:f4:61:5f:03:7d:57:3f:50:e1:
b0:33:b0:0e:e1:36:8d:2b:65:2e:3c:aa:55:30:4d:cb:21:6e:
0b:80:d9:ec:12:33:ad:07:63:f9:68:81:9d:52:43:33:31:91:
a7:e1:b4:fc:60:38:b8:bb:6b:0d:2a:ff:6f:05:d4:60:32:8d:
bb:6e:a3:b7:6e:c6:3d:20:2a:b0:45:c7:a2:38:8e:fb:f3:ef:
d4:10:db:97:ce:71:c6:36:6d:59:de:d0:8b:57:5b:81:1b:54:
9f:1b:20:3e:67:36:1e:ef:95:4b:95:f8:31:9a:d6:11:11:06:
16:a8:19:e6:50:0f:3b:13:45:be:1a:e4:05:60:55:ba:67:a5:
ae:3d:97:2d:c0:b9:d8:55:95:c2:8c:aa:3b:f9:e5:f2:ba:b2:
d7:d6:6f:d5:b5:80:20:44:78:96:78:df:c9:f9:56:30:01:d0:
b8:ef:61:0d:f6:9b:0d:fc:f8:40:3b:95:35:de:76:e7:52:4e:
57:60:0d:f5:82:86:21:26:24:9f:ed:6a:f2:08:b5:0f:6d:35:
50:53:9b:b1:88:93:36:d5:84:f7:5e:c5:28:9c:b0:42:40:77:
c8:3c:08:ae:13:02:7b:70:7a:9b:0b:ea:bf:75:a3:2d:16:fd:
83:26:5d:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYgpHeBpCQi8FO49eggknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2ZlNjRkNjg0OGY4MDEyMGFiZTY5NWUzMWZhYzQ5Y2E1
ZDA3ZjMwHhcNMjUxMTA0MTUwMDE2WhcNMjUxMTA1MTUwMDE2WjAzMTEwLwYDVQQD
Eyg2MGVkY2EyZjIxZTFkMDE5NjAyNjMyYTAyYjc5MzcxYjMxMTI3MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO8Lf66n3i4pmwjF3EhLaCXfzkb0
NyAqHxIj9S4wpDnub6wZAilkMiea5qh5eURkPwNbIrisjCu4qWcSLC0L2sZL6NIu
u8LSXAy++bk4RWLrebGHdTLGTPIJ7BBYsVcvfm1fzzSgGzQ/JnqxNV9Wk3lytyYF
SPW1pwNJNbiRr01Nl1cT1aiSlWXDH6mYUJAGCPax+SqHQ80SYAWwwSWzsvVRY3E7
0kwoeRsxrUPvkaF6fWaIRj/DtSOQ1Xco/wVWwtkgb7rfqt28TCcqCWOUF7veDEL4
cPQY7xzarhTSWGuSY9fF832ePuYs4qT5uI9HrIMOufvhKF76x7cYWyTB3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDtyi8h4dAZYCYyoCt5NxsxEnMQMB8GA1UdIwQY
MBaAFCN/5k1oSPgBIKvmleMfrEnKXQfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNfbVRXaEktQUVncS1hVjR4LXNTY3BkQl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83MGMzOWYtNTEzMS00MDAyLWIxZmMt
ZmQyMTM3MjJiZmY5LzEvSTNfbVRXaEktQUVncS1hVjR4LXNTY3BkQl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83MGMzOWYtNTEzMS00MDAyLWIxZmMtZmQyMTM3MjJiZmY5
LzEvSTNfbVRXaEktQUVncS1hVjR4LXNTY3BkQl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqOCYU2yY
Igl09GFfA31XP1DhsDOwDuE2jStlLjyqVTBNyyFuC4DZ7BIzrQdj+WiBnVJDMzGR
p+G0/GA4uLtrDSr/bwXUYDKNu26jt27GPSAqsEXHojiO+/Pv1BDbl85xxjZtWd7Q
i1dbgRtUnxsgPmc2Hu+VS5X4MZrWEREGFqgZ5lAPOxNFvhrkBWBVumelrj2XLcC5
2FWVwoyqO/nl8rqy19Zv1bWAIER4lnjfyflWMAHQuO9hDfabDfz4QDuVNd5251JO
V2AN9YKGISYkn+1q8gi1D201UFObsYiTNtWE917FKJywQkB3yDwIrhMCe3B6mwvq
v3WjLRb9gyZd6Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:58:36 2025 by rpki-client