Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File: 3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier: 9ooKBjsBfcl25WxWx3x1akvI/vNpF0hoaF+uS0dMEjs=
Subject key identifier: EA:C1:58:84:DD:A3:40:B1:6E:42:78:F5:30:76:0C:50:B9:48:9D:FE
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer: /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial: 019B72FE670590D1EF716F2E7B16E2CB8E45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number: 0F4F
Signing time: Wed 31 Dec 2025 06:00:33 +0000
Manifest this update: Wed 31 Dec 2025 06:00:33 +0000
Manifest next update: Thu 01 Jan 2026 06:00:33 +0000
Files and hashes: 1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: NMJW0TpMeMalRtMIN1xNqpZq+tdpn3D2tz37Tzk/OFI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:72:fe:67:05:90:d1:ef:71:6f:2e:7b:16:e2:cb:8e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Validity
Not Before: Dec 31 06:00:33 2025 GMT
Not After : Jan 1 06:00:33 2026 GMT
Subject: CN=eac15884dda340b16e4278f530760c50b9489dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d8:29:c9:14:91:21:09:4b:74:fb:40:cf:05:
66:d3:00:05:56:f3:57:b8:f2:44:ea:a0:17:f0:a0:
82:af:ce:d6:8b:51:5c:0a:0c:a8:e9:e7:c6:aa:c3:
a8:a8:99:0e:21:24:31:6a:f8:b8:64:5a:4d:b2:02:
68:99:ef:ee:aa:54:d5:35:7e:69:e2:6e:ed:28:b6:
95:fd:83:08:02:c0:75:42:a8:af:6b:70:18:49:75:
f2:ca:bb:30:f7:d2:be:5f:7f:f4:a0:8c:80:df:88:
0a:11:c8:a4:f3:ce:c7:4c:8f:95:f8:d1:77:83:af:
7c:12:2f:99:ed:35:2e:34:23:00:3b:1c:c4:23:ba:
be:a0:90:b3:77:1d:fd:6a:95:1a:0f:7b:c1:3f:86:
15:31:cf:8e:7f:da:64:19:40:ef:04:ba:b1:8a:65:
79:ba:f3:3c:94:8c:34:d1:67:20:64:d2:d7:51:df:
43:de:f8:2f:fa:0d:6b:8a:30:e6:00:28:e3:ea:e4:
52:44:ac:9b:5a:90:04:f1:67:60:20:f6:ab:d3:47:
dc:99:f1:ef:4e:7e:92:f6:42:68:7e:a4:cf:6c:be:
ad:d9:95:b0:47:78:0a:69:e3:a2:37:c4:6a:9c:e3:
3d:19:ca:3c:66:09:2c:07:e6:14:61:3b:35:9e:95:
bb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C1:58:84:DD:A3:40:B1:6E:42:78:F5:30:76:0C:50:B9:48:9D:FE
X509v3 Authority Key Identifier:
keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:ca:18:3a:8f:01:b2:d3:9f:c8:5e:df:a3:a2:41:dd:39:d3:
36:b7:44:51:26:5f:a3:56:2b:e1:ae:60:99:66:31:94:08:18:
af:f6:3d:a6:e9:6a:72:92:7d:5d:03:47:00:17:d3:41:cf:b2:
1e:d7:b2:6f:8e:72:26:09:da:f1:a0:0a:54:33:06:67:a5:65:
36:3a:b1:c1:df:20:9f:1a:a2:3b:63:d6:75:0a:8c:aa:f6:8b:
28:20:d3:5b:12:79:eb:a7:2f:22:4d:47:5d:37:e1:60:25:ae:
fb:92:ac:4c:b0:8c:f6:a0:f0:25:37:62:4e:7b:f7:82:c0:a5:
b0:2d:de:3f:4a:c3:20:ea:14:32:64:a5:ec:b0:3b:6b:f4:67:
98:ec:d7:58:79:2a:f8:0c:fa:97:53:9e:13:18:ff:76:5a:a8:
39:22:8e:da:51:30:c0:48:9c:03:de:b0:2f:fa:cf:d2:e5:37:
2c:2e:c2:53:f5:cf:e8:ab:f3:c9:6a:9c:31:6a:9c:7b:50:c9:
19:df:96:b7:31:d8:9b:f7:c9:62:c1:73:42:83:05:35:69:a9:
1e:fc:0e:64:db:ee:0d:56:44:5b:f6:1c:8b:64:74:21:02:4b:
64:5d:ae:5c:85:61:35:fa:81:d3:06:f7:2a:19:36:f0:ca:13:
84:cf:58:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZty/mcFkNHvcW8uexbiy45FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUxMjMxMDYwMDMzWhcNMjYwMTAxMDYwMDMzWjAzMTEwLwYDVQQD
EyhlYWMxNTg4NGRkYTM0MGIxNmU0Mjc4ZjUzMDc2MGM1MGI5NDg5ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NgpyRSRIQlLdPtAzwVm0wAFVvNX
uPJE6qAX8KCCr87Wi1FcCgyo6efGqsOoqJkOISQxavi4ZFpNsgJome/uqlTVNX5p
4m7tKLaV/YMIAsB1Qqiva3AYSXXyyrsw99K+X3/0oIyA34gKEcik887HTI+V+NF3
g698Ei+Z7TUuNCMAOxzEI7q+oJCzdx39apUaD3vBP4YVMc+Of9pkGUDvBLqximV5
uvM8lIw00WcgZNLXUd9D3vgv+g1rijDmACjj6uRSRKybWpAE8WdgIPar00fcmfHv
Tn6S9kJofqTPbL6t2ZWwR3gKaeOiN8RqnOM9Gco8ZgksB+YUYTs1npW7cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrBWITdo0CxbkJ49TB2DFC5SJ3+MB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsoYOo8B
stOfyF7fo6JB3TnTNrdEUSZfo1Yr4a5gmWYxlAgYr/Y9pulqcpJ9XQNHABfTQc+y
Hteyb45yJgna8aAKVDMGZ6VlNjqxwd8gnxqiO2PWdQqMqvaLKCDTWxJ566cvIk1H
XTfhYCWu+5KsTLCM9qDwJTdiTnv3gsClsC3eP0rDIOoUMmSl7LA7a/RnmOzXWHkq
+Az6l1OeExj/dlqoOSKO2lEwwEicA96wL/rP0uU3LC7CU/XP6KvzyWqcMWqce1DJ
Gd+WtzHYm/fJYsFzQoMFNWmpHvwOZNvuDVZEW/Yci2R0IQJLZF2uXIVhNfqB0wb3
Khk28MoThM9Y3Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:16:29 2026 by rpki-client