
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
File: 3AXfbkBO-SDmpZKNiWPmpfjWESA.mft (raw, json)
Hash identifier: nBAbzB+jWgVybT6x6OhCLNW1l8Bo+2f/msveb976gzo=
Subject key identifier: 5D:3C:62:FA:3E:CA:50:02:CF:0C:1F:D1:1E:0D:A2:79:FC:7C:06:DA
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial: 019A54C00AA827172FC92CABB1DA857F9CC8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
Manifest number: 1711
Signing time: Wed 05 Nov 2025 16:01:03 +0000
Manifest this update: Wed 05 Nov 2025 16:01:03 +0000
Manifest next update: Thu 06 Nov 2025 16:01:03 +0000
Files and hashes: 1: 3AXfbkBO-SDmpZKNiWPmpfjWESA.crl (hash: vrBwg7ErbIxuFdfSzTfbqhmauUYEeuRChExHKGTa3kY=)
2: VU0FkvZgVaRI8EGkm-qXkP1h2_c.roa (hash: FXgImtBv7FeA5blXsKdg5pD7MuiscFVJi0Lfx25h6e4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:c0:0a:a8:27:17:2f:c9:2c:ab:b1:da:85:7f:9c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Validity
Not Before: Nov 5 16:01:03 2025 GMT
Not After : Nov 6 16:01:03 2025 GMT
Subject: CN=5d3c62fa3eca5002cf0c1fd11e0da279fc7c06da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:51:f5:1c:c4:11:47:51:36:c3:91:09:eb:
c7:18:4a:79:75:34:17:1b:82:96:5b:15:34:24:9d:
43:ca:d3:9d:d5:c8:14:76:06:4c:31:38:6e:95:c8:
a8:32:e0:da:6c:e1:70:da:c4:9f:5a:7e:a9:b7:bb:
85:ca:27:b1:49:1b:00:2f:a3:49:03:db:ea:d4:70:
bf:54:c5:af:30:1f:f4:c3:d3:6c:fd:6b:97:6c:89:
7d:e2:e4:a2:4b:82:a3:41:6d:cd:ef:51:8a:74:de:
a2:5d:b3:2d:4b:6e:61:b2:73:93:31:33:8e:31:05:
85:b2:4d:e1:3a:84:29:ea:d4:7b:67:79:f7:d2:7e:
8e:cb:ac:98:a2:79:7a:86:ad:97:61:88:46:3d:f3:
25:4a:80:64:68:35:bb:37:b3:95:e9:a4:cf:93:a1:
c4:57:cf:0e:ee:3c:2b:c4:4a:01:c8:80:f6:c4:f9:
da:7b:4a:1a:66:6f:cb:47:a4:02:3d:b3:36:0f:d3:
ab:5d:42:84:62:b3:de:dd:19:9a:b2:63:02:e5:47:
17:aa:b9:b8:fd:be:7f:0d:da:93:70:43:19:26:17:
50:81:ca:1b:d8:06:90:58:5f:75:62:81:e7:4e:66:
77:f5:6f:29:8e:bc:50:e7:fc:52:f1:41:ca:57:2f:
56:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3C:62:FA:3E:CA:50:02:CF:0C:1F:D1:1E:0D:A2:79:FC:7C:06:DA
X509v3 Authority Key Identifier:
keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:b5:67:e2:71:a9:c8:4a:18:70:93:10:52:e6:5d:3c:43:a6:
0d:c3:38:39:ef:7a:6a:b6:fc:b4:11:3b:74:e5:1b:6e:f7:2d:
40:b6:96:62:59:2e:31:bd:a1:a0:3d:b5:6a:e8:93:d1:e4:90:
b7:9f:a1:74:14:2b:24:74:62:69:dd:4f:2b:12:93:2e:43:cc:
ff:15:15:e9:a5:c3:35:2e:46:32:6c:48:31:f0:a8:c2:7f:1e:
32:1e:1e:8c:4a:76:5f:93:7c:0e:9f:f0:5e:31:5e:61:da:78:
e9:63:27:77:5f:13:d6:53:60:9f:b9:9b:cd:f3:94:4c:10:3d:
ab:ea:72:fb:09:b0:98:64:ea:a9:17:44:d0:43:78:f7:2f:40:
bf:5f:5a:58:79:15:16:bf:6d:9e:59:92:19:71:35:38:91:fb:
42:f8:f7:c1:a2:59:d4:1e:57:61:c1:a9:2d:36:18:0c:2f:77:
c0:fa:17:5d:db:5a:45:db:35:71:6a:89:f7:60:01:ac:46:96:
4a:a5:e5:8b:79:9e:45:0d:9c:a2:70:c5:b6:6d:fa:d8:6e:08:
41:22:cb:7d:fd:38:1d:d9:48:d5:8a:29:0c:87:ca:aa:20:28:
a7:80:4f:61:22:39:43:67:c0:ff:88:ff:26:db:e4:b0:e5:8c:
b8:6a:73:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwAqoJxcvySyrsdqFf5zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk
NjExMjAwHhcNMjUxMTA1MTYwMTAzWhcNMjUxMTA2MTYwMTAzWjAzMTEwLwYDVQQD
Eyg1ZDNjNjJmYTNlY2E1MDAyY2YwYzFmZDExZTBkYTI3OWZjN2MwNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+NR9RzEEUdRNsORCevHGEp5dTQX
G4KWWxU0JJ1DytOd1cgUdgZMMThulcioMuDabOFw2sSfWn6pt7uFyiexSRsAL6NJ
A9vq1HC/VMWvMB/0w9Ns/WuXbIl94uSiS4KjQW3N71GKdN6iXbMtS25hsnOTMTOO
MQWFsk3hOoQp6tR7Z3n30n6Oy6yYonl6hq2XYYhGPfMlSoBkaDW7N7OV6aTPk6HE
V88O7jwrxEoByID2xPnae0oaZm/LR6QCPbM2D9OrXUKEYrPe3RmasmMC5UcXqrm4
/b5/DdqTcEMZJhdQgcob2AaQWF91YoHnTmZ39W8pjrxQ5/xS8UHKVy9WTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF08Yvo+ylACzwwf0R4Nonn8fAbaMB8GA1UdIwQY
MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt
YmNlOTM0MjA1YWU4LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4
LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFLVn4nGp
yEoYcJMQUuZdPEOmDcM4Oe96arb8tBE7dOUbbvctQLaWYlkuMb2hoD21auiT0eSQ
t5+hdBQrJHRiad1PKxKTLkPM/xUV6aXDNS5GMmxIMfCown8eMh4ejEp2X5N8Dp/w
XjFeYdp46WMnd18T1lNgn7mbzfOUTBA9q+py+wmwmGTqqRdE0EN49y9Av19aWHkV
Fr9tnlmSGXE1OJH7Qvj3waJZ1B5XYcGpLTYYDC93wPoXXdtaRds1cWqJ92ABrEaW
SqXli3meRQ2conDFtm362G4IQSLLff04HdlI1YopDIfKqiAop4BPYSI5Q2fA/4j/
JtvksOWMuGpz8g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:46:08 2025 by rpki-client