Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
File: 3AXfbkBO-SDmpZKNiWPmpfjWESA.mft (raw, json)
Hash identifier: E3iWRXvEvEJVmLGCdzQVLm7vf8SZIf3HNNw1238s3kw=
Subject key identifier: 0D:35:55:E8:72:D4:95:1E:15:27:22:95:F7:05:8A:EC:D0:82:B3:51
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial: 019A52D2B3F43EA82E9771BCF6E0FE3863DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
Manifest number: 1710
Signing time: Wed 05 Nov 2025 07:02:11 +0000
Manifest this update: Wed 05 Nov 2025 07:02:11 +0000
Manifest next update: Thu 06 Nov 2025 07:02:11 +0000
Files and hashes: 1: 3AXfbkBO-SDmpZKNiWPmpfjWESA.crl (hash: 41hBprZaZgcy6opY4bIjTz4d3SRYo17RQKuhhxYutX8=)
2: VU0FkvZgVaRI8EGkm-qXkP1h2_c.roa (hash: FXgImtBv7FeA5blXsKdg5pD7MuiscFVJi0Lfx25h6e4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d2:b3:f4:3e:a8:2e:97:71:bc:f6:e0:fe:38:63:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Validity
Not Before: Nov 5 07:02:11 2025 GMT
Not After : Nov 6 07:02:11 2025 GMT
Subject: CN=0d3555e872d4951e15272295f7058aecd082b351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9e:d3:6f:7b:d2:99:9c:df:8d:9e:c0:93:52:
62:29:1a:1a:38:97:71:55:84:cc:a7:7d:90:3b:95:
73:50:fc:ef:b4:05:1f:17:96:04:7d:2d:73:91:21:
2b:32:7c:12:b8:08:76:62:10:af:31:90:4f:b3:f1:
1b:13:67:15:75:6c:ac:89:b9:18:35:e2:74:55:ad:
c0:79:d4:6c:17:b6:58:0f:77:f8:6b:84:41:fe:88:
91:39:77:a0:e7:b8:b6:cb:3f:e1:92:20:8d:0f:db:
ab:e2:fe:0c:4e:b7:bf:af:1c:87:72:81:7f:af:89:
f2:fb:9a:2d:6e:70:97:d2:fa:fc:98:ca:e0:e6:39:
e4:80:44:52:46:7f:b4:75:72:90:cf:cd:36:3a:ba:
d6:97:8b:d2:a2:2e:b4:20:2c:bb:7d:33:ae:9e:0e:
b6:bf:10:c2:9e:04:db:2f:5d:7c:95:dc:6e:64:82:
d0:22:b4:3d:0c:01:99:53:a5:ff:04:40:9b:20:e6:
57:52:c7:a1:1e:05:7b:77:76:b5:de:da:aa:27:a3:
0d:3b:54:7a:4d:a7:9f:87:3e:70:78:a2:47:92:99:
c7:e7:ce:63:44:38:ba:ab:9a:1f:d8:73:d8:78:3e:
bf:c3:65:1d:2b:c2:13:8f:41:61:ff:ee:45:e1:eb:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:35:55:E8:72:D4:95:1E:15:27:22:95:F7:05:8A:EC:D0:82:B3:51
X509v3 Authority Key Identifier:
keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:c6:45:7f:c6:86:6e:ec:22:3a:a7:3d:54:55:2d:fb:1a:d8:
0d:63:62:49:a5:93:a1:e4:41:eb:a6:6d:4f:03:67:c4:45:e2:
43:51:b4:4e:bd:e5:e3:b1:9f:ea:59:cb:9f:8b:63:d2:25:ce:
ab:8e:64:26:c6:38:38:f9:e0:82:5c:e2:e2:91:e9:73:f8:04:
b0:0a:3a:29:3a:7f:c0:00:b3:b9:90:67:69:77:a4:ef:15:76:
ba:d5:29:89:9b:86:5b:a6:70:98:99:b9:ba:e1:3d:d3:9e:4e:
43:62:4b:c4:06:30:aa:e5:27:82:2a:15:3c:69:9b:d0:78:f3:
af:1f:92:bd:8c:c6:d9:3a:25:12:8f:7c:cd:77:15:1c:80:d9:
f9:97:27:56:7d:5a:3f:cc:b7:13:b2:d6:d9:ed:5f:c8:80:33:
29:21:93:ed:f8:15:4d:fc:cd:e8:94:9f:a0:a8:89:82:19:b0:
8e:4d:4e:26:84:3b:33:cc:2a:6d:c9:2a:c8:aa:81:c2:f2:dd:
f2:30:13:a8:cd:ab:54:33:69:72:98:1f:16:50:ac:e4:90:e4:
28:e6:73:c8:a4:1a:99:d6:e8:f3:26:cf:24:fe:41:39:62:db:
b9:5e:95:b7:b1:db:a0:10:d3:24:ad:f6:c8:01:17:e2:ad:28:
94:ac:eb:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0rP0Pqgul3G89uD+OGPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk
NjExMjAwHhcNMjUxMTA1MDcwMjExWhcNMjUxMTA2MDcwMjExWjAzMTEwLwYDVQQD
EygwZDM1NTVlODcyZDQ5NTFlMTUyNzIyOTVmNzA1OGFlY2QwODJiMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw57Tb3vSmZzfjZ7Ak1JiKRoaOJdx
VYTMp32QO5VzUPzvtAUfF5YEfS1zkSErMnwSuAh2YhCvMZBPs/EbE2cVdWysibkY
NeJ0Va3AedRsF7ZYD3f4a4RB/oiROXeg57i2yz/hkiCND9ur4v4MTre/rxyHcoF/
r4ny+5otbnCX0vr8mMrg5jnkgERSRn+0dXKQz802OrrWl4vSoi60ICy7fTOung62
vxDCngTbL118ldxuZILQIrQ9DAGZU6X/BECbIOZXUsehHgV7d3a13tqqJ6MNO1R6
Taefhz5weKJHkpnH585jRDi6q5of2HPYeD6/w2UdK8ITj0Fh/+5F4esOuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA01Vehy1JUeFScilfcFiuzQgrNRMB8GA1UdIwQY
MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt
YmNlOTM0MjA1YWU4LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4
LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMsZFf8aG
buwiOqc9VFUt+xrYDWNiSaWToeRB66ZtTwNnxEXiQ1G0Tr3l47Gf6lnLn4tj0iXO
q45kJsY4OPngglzi4pHpc/gEsAo6KTp/wACzuZBnaXek7xV2utUpiZuGW6ZwmJm5
uuE9055OQ2JLxAYwquUngioVPGmb0Hjzrx+SvYzG2TolEo98zXcVHIDZ+ZcnVn1a
P8y3E7LW2e1fyIAzKSGT7fgVTfzN6JSfoKiJghmwjk1OJoQ7M8wqbckqyKqBwvLd
8jATqM2rVDNpcpgfFlCs5JDkKOZzyKQamdbo8ybPJP5BOWLbuV6Vt7HboBDTJK32
yAEX4q0olKzrrg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:59:53 2025 by rpki-client