Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json)
Hash identifier: jVmLFUANrXZO3uxfie+79+DblV4yGZ0Xl2F51RISVZs=
Subject key identifier: 67:22:EF:DE:CD:0F:FD:7E:18:6E:17:13:D0:A0:FB:E1:B7:05:34:E6
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 019A5119EACA84EF07617C37FF91809029F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 23:00:44 +0000
Manifest this update: Tue 04 Nov 2025 23:00:44 +0000
Manifest next update: Wed 05 Nov 2025 23:00:44 +0000
Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=)
2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: WVtqt8PLbGJICrWA7WKpnfOGE8L2/c7tyYsto29+B9E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:19:ea:ca:84:ef:07:61:7c:37:ff:91:80:90:29:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Nov 4 23:00:44 2025 GMT
Not After : Nov 5 23:00:44 2025 GMT
Subject: CN=6722efdecd0ffd7e186e1713d0a0fbe1b70534e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:47:4c:ff:12:26:e9:cf:bc:8f:1a:e8:fa:a8:
fa:36:1e:ff:c3:ee:78:94:28:a7:74:ca:ca:87:c0:
27:88:d0:a7:4d:20:64:e6:c7:47:7f:d4:d9:dc:3a:
b1:82:53:df:5f:1b:c4:72:19:73:c0:63:68:0b:22:
d9:8e:6f:93:f7:5d:c0:4c:20:39:4d:77:af:7d:44:
60:79:43:30:7f:aa:32:c1:69:8e:09:65:cd:ed:0b:
1a:10:23:b0:4e:18:10:5c:9a:8d:7a:8e:66:d9:e2:
0e:42:b5:a4:12:55:0e:93:f5:69:44:ff:c5:75:1f:
96:14:eb:a1:4e:24:49:78:22:11:01:0d:ea:6f:12:
8c:79:fe:8f:2e:d2:6e:7f:bd:bc:b4:8f:33:75:51:
2a:f0:56:bf:b6:f7:5b:08:5c:0a:d9:a8:cd:e8:58:
a2:9f:d9:06:56:60:bb:04:dd:19:b8:ef:2e:bc:48:
43:a3:0a:af:aa:6d:bb:2f:e8:90:0e:9e:dd:c1:62:
c5:a3:1b:59:31:18:00:17:73:ea:57:9a:c9:a7:b2:
b6:2b:d0:9e:ec:23:bb:98:48:f3:08:40:a7:ed:d2:
d5:5d:4c:2c:60:4a:6b:78:b7:c5:b8:0f:60:62:c1:
bc:d3:2e:1f:1a:2b:95:88:29:5e:67:d5:69:b7:a2:
dd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:22:EF:DE:CD:0F:FD:7E:18:6E:17:13:D0:A0:FB:E1:B7:05:34:E6
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:ae:58:69:09:97:e2:60:29:3c:47:8d:a6:4e:14:a0:7f:d3:
71:86:c1:ab:80:5f:6a:1b:7b:86:4f:73:77:88:37:d8:88:35:
34:56:4e:96:6f:05:45:68:3b:f7:54:c5:5c:04:ac:90:1c:f8:
f6:e4:93:71:6c:a6:66:1d:46:64:f7:bb:91:0e:3f:50:56:f3:
d8:3f:d5:a1:b9:bf:5e:bf:eb:2a:47:2d:40:11:48:e0:07:29:
06:65:e0:12:1c:d8:6c:08:83:4a:3e:9a:d4:84:3c:95:a2:54:
2a:18:77:9e:80:d6:70:c2:58:a6:00:10:24:ec:82:35:24:02:
c7:16:64:32:9a:e9:2d:da:e0:8c:9b:b9:2e:6c:50:5a:17:98:
88:96:3b:b0:48:fb:19:48:fe:e6:82:c2:66:ad:4f:ef:96:4a:
e1:51:80:36:07:c7:d1:ed:27:c0:9f:91:57:e9:d3:57:d7:4c:
ff:bf:27:a6:0a:c3:c5:5c:e9:71:3a:cf:56:77:8e:ab:c0:a6:
f7:04:77:88:00:5e:a1:6d:76:f0:58:18:ec:1b:79:54:cb:a2:
7f:f8:69:47:fe:ed:b2:aa:2d:5c:82:a1:ec:b7:82:c7:a8:e8:
b1:64:f6:a2:5b:14:57:c8:f3:b1:72:53:01:85:8a:44:eb:89:
60:1d:f4:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGerKhO8HYXw3/5GAkCnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjUxMTA0MjMwMDQ0WhcNMjUxMTA1MjMwMDQ0WjAzMTEwLwYDVQQD
Eyg2NzIyZWZkZWNkMGZmZDdlMTg2ZTE3MTNkMGEwZmJlMWI3MDUzNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kdM/xIm6c+8jxro+qj6Nh7/w+54
lCindMrKh8AniNCnTSBk5sdHf9TZ3DqxglPfXxvEchlzwGNoCyLZjm+T913ATCA5
TXevfURgeUMwf6oywWmOCWXN7QsaECOwThgQXJqNeo5m2eIOQrWkElUOk/VpRP/F
dR+WFOuhTiRJeCIRAQ3qbxKMef6PLtJuf728tI8zdVEq8Fa/tvdbCFwK2ajN6Fii
n9kGVmC7BN0ZuO8uvEhDowqvqm27L+iQDp7dwWLFoxtZMRgAF3PqV5rJp7K2K9Ce
7CO7mEjzCECn7dLVXUwsYEpreLfFuA9gYsG80y4fGiuViCleZ9Vpt6LdJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGci797ND/1+GG4XE9Cg++G3BTTmMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN65YaQmX
4mApPEeNpk4UoH/TcYbBq4Bfaht7hk9zd4g32Ig1NFZOlm8FRWg791TFXASskBz4
9uSTcWymZh1GZPe7kQ4/UFbz2D/Vobm/Xr/rKkctQBFI4AcpBmXgEhzYbAiDSj6a
1IQ8laJUKhh3noDWcMJYpgAQJOyCNSQCxxZkMprpLdrgjJu5LmxQWheYiJY7sEj7
GUj+5oLCZq1P75ZK4VGANgfH0e0nwJ+RV+nTV9dM/78npgrDxVzpcTrPVneOq8Cm
9wR3iABeoW128FgY7Bt5VMuif/hpR/7tsqotXIKh7LeCx6josWT2olsUV8jzsXJT
AYWKROuJYB30jw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:18:53 2025 by rpki-client