Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json)
Hash identifier: l0O2Kmb0XAJwG6IlMyk8FyLyeEKw12l2u6K76ujEa3k=
Subject key identifier: 20:C0:87:4B:F0:FD:76:39:F0:C6:C1:F0:BB:16:4F:56:08:18:5B:A6
Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc
Certificate serial: 019A4F2B69A60BA67BAC889AE88D1E239AFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
Manifest number: 11A7
Signing time: Tue 04 Nov 2025 14:00:36 +0000
Manifest this update: Tue 04 Nov 2025 14:00:36 +0000
Manifest next update: Wed 05 Nov 2025 14:00:36 +0000
Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: /nFIwPYg7x/AbphBQWtrwU934v3FjY9s5VnDn5gukzI=)
2: V06h50tDruiBUg9uiKF_DSq52w8.roa (hash: A6FA8GQqXA3RMWxT5r25HFVTJrUQ2PZEYKc6YcmeWfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:2b:69:a6:0b:a6:7b:ac:88:9a:e8:8d:1e:23:9a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc
Validity
Not Before: Nov 4 14:00:36 2025 GMT
Not After : Nov 5 14:00:36 2025 GMT
Subject: CN=20c0874bf0fd7639f0c6c1f0bb164f5608185ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:29:fe:9b:9d:46:7b:87:0c:8f:aa:cd:13:
d7:fe:65:09:26:ed:dd:a3:20:2a:5e:90:c5:cd:9c:
b9:c0:2e:ab:d2:4c:09:84:76:4f:82:e4:56:43:0c:
02:14:78:bc:cb:38:fa:0b:c4:c8:46:9d:f3:76:84:
8f:02:e4:f1:9a:a9:5e:05:cf:b2:9d:59:ba:5c:79:
08:d8:83:03:85:bb:56:19:2a:18:ef:2b:8e:59:16:
28:01:fc:fd:ff:c3:9e:1e:5d:13:31:d3:4d:3d:4a:
3f:70:6f:e6:b5:ef:af:c7:e7:8c:71:10:56:9d:04:
64:1f:80:7e:4d:fe:08:d8:36:5a:1e:72:e0:cf:2e:
b0:b6:1e:82:21:f8:3a:05:40:8d:65:40:c3:42:2e:
3c:17:ee:60:16:cb:a4:46:a1:95:32:a8:b0:15:ed:
07:fc:01:fe:65:ca:ff:b5:59:57:af:30:1a:6d:d0:
51:42:66:e4:4d:58:73:b1:1f:1d:50:38:59:03:4b:
ed:57:0e:58:3c:70:17:c6:a7:3f:b3:0b:74:fe:5f:
30:82:e6:08:8d:ce:43:12:43:78:09:af:06:3f:23:
d6:74:ac:ed:ea:2d:00:38:11:83:21:a8:62:84:c4:
42:7f:04:c1:13:f3:90:c3:f6:d3:bc:07:ae:bb:f0:
df:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C0:87:4B:F0:FD:76:39:F0:C6:C1:F0:BB:16:4F:56:08:18:5B:A6
X509v3 Authority Key Identifier:
keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:4a:63:5c:23:b4:86:81:46:8f:17:07:be:f2:56:c4:21:18:
33:19:1a:05:d9:68:de:41:42:6f:53:3d:f0:41:d4:77:31:66:
aa:c7:d2:4c:fb:d3:ae:a0:2f:79:df:53:af:4a:24:84:eb:39:
43:37:58:1c:af:f4:20:eb:85:54:00:aa:0f:32:e5:79:36:25:
51:aa:8b:f0:44:79:c0:9a:3b:3f:9a:cd:af:82:55:0e:33:eb:
9b:3d:2c:44:5b:bd:3d:e4:41:36:22:a4:e1:be:c1:9e:f7:61:
f1:d3:08:de:51:d8:95:9c:b1:c7:4f:9c:63:91:1a:8f:03:b9:
28:4c:6c:87:01:b0:d2:d2:23:0f:a7:1f:30:9f:da:7f:06:6a:
61:92:a2:37:da:f6:90:03:f3:b2:69:ed:97:af:29:56:e7:80:
97:44:46:db:ba:35:57:cc:1c:24:1a:47:44:02:85:2d:61:31:
11:98:37:45:33:fb:4b:ee:ce:5a:5a:b0:83:52:a7:51:f9:76:
7c:16:b3:8a:34:ee:37:84:ce:c4:06:48:fc:c2:4e:21:f8:90:
4b:a4:60:d5:3c:03:9c:f3:30:fb:1b:30:ca:ed:0b:f3:ca:be:
24:db:98:8b:8c:bc:6e:1b:29:31:31:54:dc:c3:50:c6:38:28:
4d:92:b5:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPK2mmC6Z7rIia6I0eI5r8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm
NDhhZGMwHhcNMjUxMTA0MTQwMDM2WhcNMjUxMTA1MTQwMDM2WjAzMTEwLwYDVQQD
EygyMGMwODc0YmYwZmQ3NjM5ZjBjNmMxZjBiYjE2NGY1NjA4MTg1YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPYp/pudRnuHDI+qzRPX/mUJJu3d
oyAqXpDFzZy5wC6r0kwJhHZPguRWQwwCFHi8yzj6C8TIRp3zdoSPAuTxmqleBc+y
nVm6XHkI2IMDhbtWGSoY7yuOWRYoAfz9/8OeHl0TMdNNPUo/cG/mte+vx+eMcRBW
nQRkH4B+Tf4I2DZaHnLgzy6wth6CIfg6BUCNZUDDQi48F+5gFsukRqGVMqiwFe0H
/AH+Zcr/tVlXrzAabdBRQmbkTVhzsR8dUDhZA0vtVw5YPHAXxqc/swt0/l8wguYI
jc5DEkN4Ca8GPyPWdKzt6i0AOBGDIahihMRCfwTBE/OQw/bTvAeuu/DfEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDAh0vw/XY58MbB8LsWT1YIGFumMB8GA1UdIwQY
MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt
NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk
LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAREpjXCO0
hoFGjxcHvvJWxCEYMxkaBdlo3kFCb1M98EHUdzFmqsfSTPvTrqAved9Tr0okhOs5
QzdYHK/0IOuFVACqDzLleTYlUaqL8ER5wJo7P5rNr4JVDjPrmz0sRFu9PeRBNiKk
4b7Bnvdh8dMI3lHYlZyxx0+cY5EajwO5KExshwGw0tIjD6cfMJ/afwZqYZKiN9r2
kAPzsmntl68pVueAl0RG27o1V8wcJBpHRAKFLWExEZg3RTP7S+7OWlqwg1KnUfl2
fBazijTuN4TOxAZI/MJOIfiQS6Rg1TwDnPMw+xswyu0L88q+JNuYi4y8bhspMTFU
3MNQxjgoTZK1Cg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:30:05 2025 by rpki-client