Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
File: 3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft (raw, json)
Hash identifier: FkxXHSZoqTxX/QbyEuZrbtpP7KyDPmDOVPkBEu0ITOQ=
Subject key identifier: C5:AA:2A:5B:9A:A7:8B:87:E9:BD:0E:B4:94:20:B5:39:78:FB:71:E6
Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Certificate serial: 019A500778DD45B77400446B9C7C03E67010
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 18:00:58 +0000
Manifest this update: Tue 04 Nov 2025 18:00:58 +0000
Manifest next update: Wed 05 Nov 2025 18:00:58 +0000
Files and hashes: 1: 3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl (hash: +Q7Q1rDs77TEFBBGz5zfqgLDW4NONJqpWQfMsrzitRM=)
2: fl1IqJ22OZD_5WNed1aOqRFU-dQ.roa (hash: Kuo9lPYONUc1nk6pXtWGALeHz/jfanabaBDCbZ+GeWY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:07:78:dd:45:b7:74:00:44:6b:9c:7c:03:e6:70:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Validity
Not Before: Nov 4 18:00:58 2025 GMT
Not After : Nov 5 18:00:58 2025 GMT
Subject: CN=c5aa2a5b9aa78b87e9bd0eb49420b53978fb71e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a7:b3:97:bd:1b:d4:e0:d4:23:d5:0b:27:59:
da:d1:14:61:32:ad:af:61:16:95:60:59:68:96:44:
d9:2a:41:7c:5f:49:ad:45:40:35:b7:18:5c:aa:fa:
ca:52:90:25:5c:03:74:29:17:9c:8e:a4:a0:6d:ba:
6d:a3:76:7c:ae:c9:96:42:a5:11:4b:d4:9e:18:5e:
67:92:bc:9b:eb:49:80:96:44:57:2a:7b:75:54:54:
da:ce:94:70:2b:7e:6c:53:64:fc:95:a8:b4:35:0f:
c0:7f:01:5a:16:79:69:f4:53:e4:63:b4:2b:73:d2:
f7:cb:0c:68:89:83:96:48:42:78:49:a4:7e:c2:a6:
1a:83:c4:bc:2c:b8:b8:2e:0f:6a:02:81:8a:f9:c1:
d4:be:95:7f:31:74:e7:92:a3:ab:34:08:d1:80:da:
95:21:0d:b5:7d:2e:51:a7:65:a8:26:43:87:ee:cc:
20:0f:aa:c3:d4:bd:45:95:5b:51:24:06:11:dc:ea:
6d:0b:02:f8:7b:46:e5:d0:f8:f6:c5:f0:40:0a:e6:
ae:72:f5:38:4f:d8:89:83:12:5c:6f:85:50:2a:af:
fa:30:45:5c:fa:d7:64:8c:d2:51:42:75:dc:87:a1:
a6:c1:60:bc:bf:ca:d8:18:51:d6:94:5c:c4:58:69:
75:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AA:2A:5B:9A:A7:8B:87:E9:BD:0E:B4:94:20:B5:39:78:FB:71:E6
X509v3 Authority Key Identifier:
keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:19:5d:7b:60:73:84:43:66:61:f6:2a:9b:85:9c:da:77:b0:
e4:e9:da:1e:3d:95:21:7b:47:42:58:d7:17:c5:a6:f3:2b:78:
2f:7c:a0:ce:20:4a:6f:a1:a0:d3:f6:69:34:e5:e0:86:11:d2:
0b:c8:54:56:39:46:e4:e3:ca:49:2f:02:df:67:10:c2:c7:62:
51:ec:23:3e:36:ec:18:8e:63:0b:89:cb:aa:2f:ed:f2:33:97:
b7:a4:54:51:fd:52:65:65:76:d8:50:70:3d:ac:ab:eb:af:71:
b4:64:51:4e:ee:95:83:33:8e:b9:64:f2:07:17:aa:60:6b:fb:
83:6c:52:b8:d1:9c:9b:a8:bf:86:99:c4:77:86:3d:ea:b9:7f:
d4:1f:ef:8f:9b:84:18:02:24:80:8a:c1:de:75:a4:1f:16:5a:
00:c5:00:1c:a2:36:fb:b9:b6:22:c1:a9:c5:8b:a3:db:17:bd:
ed:71:a5:48:c3:7e:38:30:4d:48:24:5c:61:74:72:b4:7c:d2:
43:22:e3:c0:84:fc:3e:6e:4c:e6:b2:da:d4:b2:46:7e:c6:b0:
07:28:59:4f:17:bf:1b:aa:6e:c5:8b:42:77:a5:e4:22:e1:da:
c9:e9:ee:a8:97:0c:b0:10:d6:e9:f6:b9:d9:e6:5b:02:29:86:
98:96:a4:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQB3jdRbd0AERrnHwD5nAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODA0YzljOGE0MzM5N2QxNjc3OWFhOTM0ZjcwNjczODhm
YzdkN2MwHhcNMjUxMTA0MTgwMDU4WhcNMjUxMTA1MTgwMDU4WjAzMTEwLwYDVQQD
EyhjNWFhMmE1YjlhYTc4Yjg3ZTliZDBlYjQ5NDIwYjUzOTc4ZmI3MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqezl70b1ODUI9ULJ1na0RRhMq2v
YRaVYFlolkTZKkF8X0mtRUA1txhcqvrKUpAlXAN0KRecjqSgbbpto3Z8rsmWQqUR
S9SeGF5nkryb60mAlkRXKnt1VFTazpRwK35sU2T8lai0NQ/AfwFaFnlp9FPkY7Qr
c9L3ywxoiYOWSEJ4SaR+wqYag8S8LLi4Lg9qAoGK+cHUvpV/MXTnkqOrNAjRgNqV
IQ21fS5Rp2WoJkOH7swgD6rD1L1FlVtRJAYR3OptCwL4e0bl0Pj2xfBACuaucvU4
T9iJgxJcb4VQKq/6MEVc+tdkjNJRQnXch6GmwWC8v8rYGFHWlFzEWGl1vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWqKluap4uH6b0OtJQgtTl4+3HmMB8GA1UdIwQY
MBaAFN6ATJyKQzl9FneaqTT3BnOI/H18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTIt
YWY0ZTUyNDFiZjIwLzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTItYWY0ZTUyNDFiZjIw
LzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyhlde2Bz
hENmYfYqm4Wc2new5OnaHj2VIXtHQljXF8Wm8yt4L3ygziBKb6Gg0/ZpNOXghhHS
C8hUVjlG5OPKSS8C32cQwsdiUewjPjbsGI5jC4nLqi/t8jOXt6RUUf1SZWV22FBw
Payr669xtGRRTu6VgzOOuWTyBxeqYGv7g2xSuNGcm6i/hpnEd4Y96rl/1B/vj5uE
GAIkgIrB3nWkHxZaAMUAHKI2+7m2IsGpxYuj2xe97XGlSMN+ODBNSCRcYXRytHzS
QyLjwIT8Pm5M5rLa1LJGfsawByhZTxe/G6puxYtCd6XkIuHayenuqJcMsBDW6fa5
2eZbAimGmJakiA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:47:57 2025 by rpki-client