Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.mft
File: 3wGYp7Ov3N1wA1YqCHGHjiOHYK0.mft (raw, json)
Hash identifier: 6BLQi255u/XhtAfSkfvqhifpmiEilAGqnXo8yX8xCG0=
Subject key identifier: F0:C6:00:33:DE:12:85:D3:13:2D:C0:4A:28:73:82:89:67:DD:B2:61
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 019A4EF5A560FCF9DFF78DE20AF407C83F26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.mft
Manifest number: 11C0
Signing time: Tue 04 Nov 2025 13:01:52 +0000
Manifest this update: Tue 04 Nov 2025 13:01:52 +0000
Manifest next update: Wed 05 Nov 2025 13:01:52 +0000
Files and hashes: 1: 3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl (hash: q+bXdczfiRnbq/h9RlWQ1gF7VnIM7upulm4tS1BvZDA=)
2: 4PgtcW6j7xPoaJPy67vk2tMAXu4.roa (hash: fufIwyPbWqbMyORM68+h1FhSNKXbFzjdgG7WcXkavWU=)
3: cUPSsBWZ4irx4TApxzbroJpf5do.roa (hash: 6GPPFraRfTGyKrm5jIIIVF8Jt+KHlsZR8YFMwLgpuuE=)
4: xqYP462dYCt-0eOV8zXikdtxg14.roa (hash: YzKJbzm4Szaaz/1aNRHY+rmqu5/8YwNywOTzBNgzdeo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:a5:60:fc:f9:df:f7:8d:e2:0a:f4:07:c8:3f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Nov 4 13:01:52 2025 GMT
Not After : Nov 5 13:01:52 2025 GMT
Subject: CN=f0c60033de1285d3132dc04a2873828967ddb261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fe:f4:ef:25:ca:77:a0:e9:5a:3b:ac:37:9f:
38:0e:9a:27:9c:65:02:3c:66:63:3c:10:d9:c5:aa:
43:ee:b7:91:6d:46:cb:46:5b:ab:20:7b:87:c7:c6:
d8:c9:a1:92:84:d1:66:5f:93:29:97:e9:ac:47:17:
e7:fc:19:8d:62:c1:d2:61:57:c1:55:af:43:59:a6:
0e:76:c4:28:8d:8d:1f:c8:f8:bf:d0:8f:cf:db:35:
b5:28:d8:c5:d3:75:6d:fc:e4:ad:de:e4:6d:d0:93:
7c:79:76:9e:0b:f0:2f:4a:08:25:17:53:44:45:35:
3a:6d:f4:f5:28:c0:65:3e:9b:da:39:ac:d4:bc:2d:
cb:fd:15:26:fc:00:f3:2d:bf:58:3b:91:a4:41:b6:
14:cd:f7:f8:01:e0:3d:3c:31:0d:1f:66:ac:df:e2:
42:61:9d:e3:21:fa:ae:de:f0:c3:02:53:dc:98:6f:
1f:d2:73:dc:c0:94:7e:99:a8:db:b9:d1:10:44:e3:
d0:21:7c:a6:69:38:62:ab:cc:b2:9f:47:53:5e:17:
da:e1:78:03:1c:70:5e:e5:be:07:07:eb:a4:47:91:
d2:4e:1e:82:af:d4:d6:98:d2:1d:aa:1e:81:04:d3:
95:64:96:6c:35:9f:86:87:f1:9d:ec:e6:49:17:0b:
cf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C6:00:33:DE:12:85:D3:13:2D:C0:4A:28:73:82:89:67:DD:B2:61
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b9:bf:f3:7f:4c:9c:b1:56:08:c3:5c:41:f8:45:62:ab:67:b9:
88:fa:80:83:29:ee:bc:ce:da:ca:be:0a:ea:42:84:4e:97:7d:
94:67:ea:c3:59:ba:bc:56:16:61:b1:2a:b2:93:f6:94:e1:47:
71:a8:1d:31:e3:67:cd:42:f1:c9:05:fd:d8:b6:d7:50:17:ee:
00:1a:15:3e:39:88:f1:c6:90:56:fd:67:32:bc:66:21:28:1b:
d2:2f:31:d6:bc:69:68:18:e5:58:1f:32:36:99:32:e6:6c:43:
f4:24:7d:8d:25:d4:8d:86:47:da:59:ac:4d:0d:04:4e:22:fa:
a5:c9:9c:5f:77:4d:da:f0:94:14:79:58:ea:c4:22:13:74:6b:
47:60:42:d2:ac:a4:48:6f:4a:07:64:da:d0:53:25:85:c4:e7:
af:12:02:55:fb:af:58:0b:a8:6f:2c:4e:58:96:19:58:9b:8c:
2a:1e:88:3d:e5:f3:48:97:58:5a:88:94:ba:d3:ee:e6:67:c7:
e8:2a:cf:58:ab:1d:7f:30:19:d9:3a:85:0a:ca:e6:fa:70:7a:
c9:40:98:4e:5c:69:cc:84:47:74:22:1e:26:28:ae:41:d2:82:
1c:d3:e0:6c:fb:e3:e6:23:66:19:81:ac:d9:e2:b4:e5:ce:7b:
17:fe:38:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9aVg/Pnf943iCvQHyD8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjUxMTA0MTMwMTUyWhcNMjUxMTA1MTMwMTUyWjAzMTEwLwYDVQQD
EyhmMGM2MDAzM2RlMTI4NWQzMTMyZGMwNGEyODczODI4OTY3ZGRiMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP707yXKd6DpWjusN584DponnGUC
PGZjPBDZxapD7reRbUbLRlurIHuHx8bYyaGShNFmX5Mpl+msRxfn/BmNYsHSYVfB
Va9DWaYOdsQojY0fyPi/0I/P2zW1KNjF03Vt/OSt3uRt0JN8eXaeC/AvSgglF1NE
RTU6bfT1KMBlPpvaOazUvC3L/RUm/ADzLb9YO5GkQbYUzff4AeA9PDENH2as3+JC
YZ3jIfqu3vDDAlPcmG8f0nPcwJR+majbudEQROPQIXymaThiq8yyn0dTXhfa4XgD
HHBe5b4HB+ukR5HSTh6Cr9TWmNIdqh6BBNOVZJZsNZ+Gh/Gd7OZJFwvPmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDGADPeEoXTEy3ASihzgoln3bJhMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAub/zf0yc
sVYIw1xB+EViq2e5iPqAgynuvM7ayr4K6kKETpd9lGfqw1m6vFYWYbEqspP2lOFH
cagdMeNnzULxyQX92LbXUBfuABoVPjmI8caQVv1nMrxmISgb0i8x1rxpaBjlWB8y
Npky5mxD9CR9jSXUjYZH2lmsTQ0ETiL6pcmcX3dN2vCUFHlY6sQiE3RrR2BC0qyk
SG9KB2Ta0FMlhcTnrxICVfuvWAuobyxOWJYZWJuMKh6IPeXzSJdYWoiUutPu5mfH
6CrPWKsdfzAZ2TqFCsrm+nB6yUCYTlxpzIRHdCIeJiiuQdKCHNPgbPvj5iNmGYGs
2eK05c57F/44Sg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:54 2025 by rpki-client