Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: XxMrKaxjmjvdeFrW0iWopN2TzhqGc+MOinxaHVPKpwE=
Subject key identifier: BC:11:98:0F:77:B7:B1:24:E0:01:E1:4E:FA:26:BF:07:62:21:2D:A6
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 0198A0F229895775D6F6D3923B2214221390
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 159D
Signing time: Wed 13 Aug 2025 01:01:21 +0000
Manifest this update: Wed 13 Aug 2025 01:01:21 +0000
Manifest next update: Thu 14 Aug 2025 01:01:21 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: +QVdF8D5j4CIZ1jDVDpokQMEp0emmfP50tFIl2qbX3k=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 22:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a0:f2:29:89:57:75:d6:f6:d3:92:3b:22:14:22:13:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Aug 13 01:01:21 2025 GMT
Not After : Aug 14 01:01:21 2025 GMT
Subject: CN=bc11980f77b7b124e001e14efa26bf0762212da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:62:be:d0:f2:97:bc:83:b1:47:cc:0a:30:
86:82:01:c2:77:e1:4d:15:c7:92:d2:3c:d4:da:65:
73:1a:d8:ba:04:4d:8c:60:5f:f6:5a:ef:50:97:23:
75:fc:fd:e3:e5:fa:12:1a:3c:5e:f8:f5:af:4a:d9:
05:c2:9c:1b:e8:8e:72:91:44:bf:04:74:8d:ac:a7:
6d:eb:07:e2:2d:f6:9e:65:9e:0c:ac:bb:96:55:05:
2e:53:66:a8:ba:08:8e:18:64:99:14:be:c7:f0:1b:
07:a4:34:f8:aa:65:6b:c6:b9:d8:77:a1:5f:bf:23:
0d:a2:b7:c8:2f:5c:f1:4f:e2:ec:6a:b7:a9:a1:31:
1e:06:57:e3:34:b3:c1:c3:c9:ea:18:89:28:f8:b1:
56:ca:26:0a:b1:14:be:e8:05:a5:1f:51:42:32:6a:
0c:d0:3c:f8:40:23:7e:15:f1:5b:7d:d7:c5:ce:95:
51:1d:12:9f:ae:9b:ac:b8:f6:1a:20:8f:0f:d6:56:
f4:63:02:2c:5e:6d:0d:4b:10:04:09:14:72:04:8a:
00:b9:4c:f7:d1:5e:d8:f0:2b:62:54:83:fd:f7:f4:
ed:22:6b:63:7d:98:9b:c7:db:5e:45:73:3a:32:73:
7f:77:f0:f3:92:f5:a5:2b:c8:62:fd:b9:63:3a:a9:
50:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:11:98:0F:77:B7:B1:24:E0:01:E1:4E:FA:26:BF:07:62:21:2D:A6
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:1d:f0:a6:ab:40:98:d5:e9:48:06:9b:d4:9c:f2:5a:bb:e3:
29:1f:7a:ca:d0:dd:3a:41:b9:db:3f:fc:76:92:5f:8b:6e:3d:
32:87:fc:8d:81:a0:d1:80:36:73:63:19:74:ed:7e:a5:f2:32:
ef:8e:7e:e6:36:ba:48:ec:11:58:86:8b:36:63:da:54:02:c2:
a6:42:d5:dc:4f:18:33:72:9f:de:7a:10:1a:da:03:f6:fc:71:
2a:a6:3a:83:e8:a9:3d:4f:f9:57:a7:05:65:45:ff:42:aa:79:
d5:19:11:0c:a1:5c:0f:76:9c:1a:1f:66:87:2f:2f:40:aa:c7:
23:6f:9f:a9:2c:d8:93:5a:d0:21:3c:66:df:01:5b:2a:3b:54:
30:cc:36:3d:5f:cd:10:92:dc:b2:8b:b2:4d:54:fd:6f:25:8a:
d1:1e:19:a2:ba:ec:07:5e:0b:ac:93:78:19:9f:c0:0c:e0:a4:
7e:b1:c1:f7:f8:84:35:de:b6:b4:e7:a8:8b:22:ab:fa:24:cd:
a9:95:de:7d:c4:c7:e2:25:95:b0:ed:a8:96:e7:38:62:fa:58:
58:31:a4:2b:cf:d6:68:1e:1c:96:ca:1b:81:a6:7f:c5:11:55:
d7:16:1a:8f:0a:fd:1c:ff:3d:42:ff:53:47:7b:77:cf:bd:22:
c9:18:ab:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZig8imJV3XW9tOSOyIUIhOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUwODEzMDEwMTIxWhcNMjUwODE0MDEwMTIxWjAzMTEwLwYDVQQD
EyhiYzExOTgwZjc3YjdiMTI0ZTAwMWUxNGVmYTI2YmYwNzYyMjEyZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfpivtDyl7yDsUfMCjCGggHCd+FN
FceS0jzU2mVzGti6BE2MYF/2Wu9QlyN1/P3j5foSGjxe+PWvStkFwpwb6I5ykUS/
BHSNrKdt6wfiLfaeZZ4MrLuWVQUuU2aougiOGGSZFL7H8BsHpDT4qmVrxrnYd6Ff
vyMNorfIL1zxT+LsarepoTEeBlfjNLPBw8nqGIko+LFWyiYKsRS+6AWlH1FCMmoM
0Dz4QCN+FfFbfdfFzpVRHRKfrpusuPYaII8P1lb0YwIsXm0NSxAECRRyBIoAuUz3
0V7Y8CtiVIP99/TtImtjfZibx9teRXM6MnN/d/DzkvWlK8hi/bljOqlQjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwRmA93t7Ek4AHhTvomvwdiIS2mMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYB3wpqtA
mNXpSAab1JzyWrvjKR96ytDdOkG52z/8dpJfi249Mof8jYGg0YA2c2MZdO1+pfIy
745+5ja6SOwRWIaLNmPaVALCpkLV3E8YM3Kf3noQGtoD9vxxKqY6g+ipPU/5V6cF
ZUX/Qqp51RkRDKFcD3acGh9mhy8vQKrHI2+fqSzYk1rQITxm3wFbKjtUMMw2PV/N
EJLcsouyTVT9byWK0R4ZorrsB14LrJN4GZ/ADOCkfrHB9/iENd62tOeoiyKr+iTN
qZXefcTH4iWVsO2oluc4YvpYWDGkK8/WaB4clsobgaZ/xRFV1xYajwr9HP89Qv9T
R3t3z70iyRirCw==
-----END CERTIFICATE-----
Generated at Wed Aug 13 05:52:31 2025 by rpki-client