Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: xjTdki3buTei7J4TAkbDDEI94woEQ0mTgLWwbX53Bjk=
Subject key identifier: D6:16:CD:5B:69:45:13:99:91:2E:F0:91:E5:61:08:C0:3B:B0:2F:39
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 019A4DAAA4E74516CA50AFE342E7B808A6AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 167B
Signing time: Tue 04 Nov 2025 07:00:20 +0000
Manifest this update: Tue 04 Nov 2025 07:00:20 +0000
Manifest next update: Wed 05 Nov 2025 07:00:20 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: akryjMcNlIyprwukNfxe1qSFJFluKOqChUc6Fawotw0=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:a4:e7:45:16:ca:50:af:e3:42:e7:b8:08:a6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Nov 4 07:00:20 2025 GMT
Not After : Nov 5 07:00:20 2025 GMT
Subject: CN=d616cd5b69451399912ef091e56108c03bb02f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:12:73:51:68:b4:c7:79:58:a1:b9:97:ed:
61:c4:bd:10:ee:3f:3a:dc:96:3c:60:2d:2a:72:18:
df:8d:86:2b:cb:33:61:89:4e:8e:db:81:e5:dd:84:
2f:48:fc:4d:5e:fb:51:e5:7b:6d:44:9d:bc:21:16:
83:89:27:7c:4e:e5:36:e3:75:21:de:38:a7:94:a4:
0f:ee:be:ba:17:9d:51:7f:95:9f:f6:92:80:23:56:
6c:98:8d:ad:1f:8b:93:97:1d:17:4d:cb:7d:9c:3a:
22:e8:cc:0c:90:25:47:03:2f:67:28:78:26:a6:f3:
7a:6c:24:28:67:d0:7a:cd:9a:6f:cf:f0:1a:4b:7a:
ce:b1:e3:0f:65:bc:eb:4d:f0:65:10:df:29:ce:4c:
8d:8d:7c:23:9b:66:16:18:b2:d5:35:32:fc:c9:af:
dc:61:82:67:90:db:c7:98:01:d6:48:7c:58:8e:31:
27:dc:f2:fb:9b:92:b1:77:56:a6:70:88:c5:0d:d8:
23:27:e1:94:13:d6:34:66:5e:64:62:ce:22:f8:7d:
99:1d:d2:75:48:ec:8c:51:e6:e2:cb:2a:1f:b1:33:
1c:47:d5:82:03:e3:32:74:f6:c6:36:55:b5:50:a2:
26:cd:51:2c:df:e1:cc:bb:da:60:eb:f7:7d:a5:45:
ba:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:16:CD:5B:69:45:13:99:91:2E:F0:91:E5:61:08:C0:3B:B0:2F:39
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:e3:2e:17:51:ed:44:09:a9:dd:d7:4a:59:b6:58:5a:3b:3b:
1c:ab:75:68:61:f9:d1:39:f8:de:ed:4c:1f:7e:a2:34:ae:78:
85:f8:0f:29:6a:f0:12:c7:eb:11:8a:05:91:10:d0:6d:8d:78:
ef:38:76:f8:c7:e9:ee:d6:b4:56:aa:ea:c6:ce:d0:11:d7:81:
53:7b:43:22:3c:f3:ed:4a:87:e9:32:87:9e:ae:4a:ea:39:a9:
ba:88:45:df:0f:1d:c3:cd:e6:2d:50:1c:e8:ae:ed:d9:9e:07:
84:d2:9d:57:d3:01:f7:21:4f:cf:72:28:69:9e:f1:d4:89:93:
e2:32:f5:14:4a:33:7a:d3:20:0b:f0:16:69:95:4f:b6:c3:45:
2c:76:67:71:91:d3:39:41:bb:d8:9f:54:11:89:3e:3a:90:32:
b0:29:a3:2a:72:69:7d:db:b5:d2:f8:25:c8:6f:a0:c4:32:8f:
b8:50:0b:01:b2:36:80:89:f7:93:73:67:6f:6f:c9:c9:85:55:
20:ec:ad:0b:67:da:33:63:dc:30:0e:ac:43:bf:c7:9e:65:70:
7d:c7:61:84:80:14:05:5f:16:7f:6a:cf:87:6f:d0:72:17:3f:
3c:80:1c:10:8a:e4:c7:fc:a2:65:2b:0b:9e:e1:fd:1d:6f:37:
85:17:24:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqqTnRRbKUK/jQue4CKatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUxMTA0MDcwMDIwWhcNMjUxMTA1MDcwMDIwWjAzMTEwLwYDVQQD
EyhkNjE2Y2Q1YjY5NDUxMzk5OTEyZWYwOTFlNTYxMDhjMDNiYjAyZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4wSc1FotMd5WKG5l+1hxL0Q7j86
3JY8YC0qchjfjYYryzNhiU6O24Hl3YQvSPxNXvtR5XttRJ28IRaDiSd8TuU243Uh
3jinlKQP7r66F51Rf5Wf9pKAI1ZsmI2tH4uTlx0XTct9nDoi6MwMkCVHAy9nKHgm
pvN6bCQoZ9B6zZpvz/AaS3rOseMPZbzrTfBlEN8pzkyNjXwjm2YWGLLVNTL8ya/c
YYJnkNvHmAHWSHxYjjEn3PL7m5Kxd1amcIjFDdgjJ+GUE9Y0Zl5kYs4i+H2ZHdJ1
SOyMUebiyyofsTMcR9WCA+MydPbGNlW1UKImzVEs3+HMu9pg6/d9pUW67QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYWzVtpRROZkS7wkeVhCMA7sC85MB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuMuF1Ht
RAmp3ddKWbZYWjs7HKt1aGH50Tn43u1MH36iNK54hfgPKWrwEsfrEYoFkRDQbY14
7zh2+Mfp7ta0Vqrqxs7QEdeBU3tDIjzz7UqH6TKHnq5K6jmpuohF3w8dw83mLVAc
6K7t2Z4HhNKdV9MB9yFPz3IoaZ7x1ImT4jL1FEozetMgC/AWaZVPtsNFLHZncZHT
OUG72J9UEYk+OpAysCmjKnJpfdu10vglyG+gxDKPuFALAbI2gIn3k3Nnb2/JyYVV
IOytC2faM2PcMA6sQ7/HnmVwfcdhhIAUBV8Wf2rPh2/Qchc/PIAcEIrkx/yiZSsL
nuH9HW83hRckOg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:47 2025 by rpki-client