Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
File: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft (raw, json)
Hash identifier: 9AKbdwLAZ/JxpiBlq5Gb5+sb8XE4XW7+EVanDZRLpJc=
Subject key identifier: 22:6C:C1:6A:4B:42:B1:2D:D9:43:BC:5B:07:3A:20:4C:36:82:0B:F1
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 019A4E8697DCF0014A3DB83D72F739713295
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
Manifest number: 0EF5
Signing time: Tue 04 Nov 2025 11:00:34 +0000
Manifest this update: Tue 04 Nov 2025 11:00:34 +0000
Manifest next update: Wed 05 Nov 2025 11:00:34 +0000
Files and hashes: 1: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl (hash: /No3wXjf12v6rQzRITsVAo946VjtfpD2fZMVrMjN/k8=)
2: plkAs-IyDZJCIAE40BkNI36hTng.roa (hash: wOkXtaw5IC+9zxwCff906pm32/bh8wTs2La7fXktK8s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:97:dc:f0:01:4a:3d:b8:3d:72:f7:39:71:32:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Nov 4 11:00:34 2025 GMT
Not After : Nov 5 11:00:34 2025 GMT
Subject: CN=226cc16a4b42b12dd943bc5b073a204c36820bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:61:dd:55:e2:8d:b3:38:ca:c2:b5:c0:10:32:
af:10:88:89:0f:17:2a:b0:f5:eb:b9:88:59:f1:17:
52:86:1d:64:05:cc:ed:57:3a:40:99:03:8f:74:04:
58:21:78:b7:20:86:61:9a:9c:24:8b:5e:97:23:32:
37:96:bc:0e:71:6e:9b:ee:4b:7f:d4:85:6b:72:40:
77:c5:a6:c7:de:08:27:7f:d2:b4:1c:76:68:62:75:
f5:cd:83:9d:f5:11:ba:ad:92:9c:0c:fa:44:a8:5e:
7b:ed:c3:8a:0f:19:aa:8f:3b:2e:72:e6:aa:b4:1f:
a7:27:1d:dd:d4:04:2e:3c:71:ed:88:cf:1c:2b:07:
26:68:c8:a8:76:11:00:cb:b5:b1:27:7d:ae:97:87:
5f:45:01:be:6b:52:96:2d:81:4f:77:c3:3f:10:5c:
c5:ee:a6:da:3e:0e:54:a4:34:76:ee:12:2b:3f:7d:
de:ba:d3:b3:83:7c:46:c3:74:74:6f:c0:ee:a3:fe:
a7:5b:5c:2f:22:fa:e3:13:3a:8c:8c:83:90:b2:93:
13:b6:d8:a8:28:c5:01:c6:4a:30:4a:e7:5f:7e:9f:
79:9d:31:98:d2:3f:8a:75:b0:56:44:4c:2e:ba:78:
46:6e:db:c6:76:0a:af:bd:d8:98:28:0c:16:31:c0:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6C:C1:6A:4B:42:B1:2D:D9:43:BC:5B:07:3A:20:4C:36:82:0B:F1
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:bd:e0:96:9a:00:54:a1:e5:e4:63:44:31:5d:82:5e:93:49:
f9:0a:7a:cf:7e:e9:ce:1f:79:c9:a7:e0:da:f9:2b:c5:d1:ff:
b5:86:c9:b0:c8:ca:37:ff:44:7d:0e:a6:45:fd:2a:7d:b6:be:
f9:88:92:f1:f3:f3:c1:9a:c9:11:2a:13:1e:a6:9a:39:74:96:
fb:47:46:82:88:b7:a6:21:0a:c3:8b:16:16:f2:8d:33:d2:1a:
dd:f6:5d:6b:0d:7d:2e:a6:8c:82:f3:f8:3a:e3:e0:32:f8:29:
08:b6:33:32:13:4a:32:d9:bc:4f:6b:8c:29:c9:52:74:17:80:
f0:5c:68:3d:c8:a2:65:7a:d6:ae:ca:a4:89:3b:b8:c4:6f:fd:
82:87:cf:a7:fb:df:67:59:7b:f7:8f:14:8d:49:82:08:3e:f2:
bf:af:53:e1:67:fa:a6:92:4f:86:60:e8:2b:e5:f6:fd:40:b0:
2f:86:33:fd:03:0b:f6:e6:de:f6:09:33:b2:2b:94:07:bf:5f:
fe:8e:cb:14:f0:64:3d:d3:2f:76:86:0d:90:83:03:4e:9a:2a:
8b:5f:d0:58:e9:6d:64:83:d7:f7:3f:3e:03:45:a3:f2:59:2a:
be:35:01:0d:21:56:65:11:94:8a:72:14:78:f2:51:33:14:27:
9b:1e:3e:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhpfc8AFKPbg9cvc5cTKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjUxMTA0MTEwMDM0WhcNMjUxMTA1MTEwMDM0WjAzMTEwLwYDVQQD
EygyMjZjYzE2YTRiNDJiMTJkZDk0M2JjNWIwNzNhMjA0YzM2ODIwYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2HdVeKNszjKwrXAEDKvEIiJDxcq
sPXruYhZ8RdShh1kBcztVzpAmQOPdARYIXi3IIZhmpwki16XIzI3lrwOcW6b7kt/
1IVrckB3xabH3ggnf9K0HHZoYnX1zYOd9RG6rZKcDPpEqF577cOKDxmqjzsucuaq
tB+nJx3d1AQuPHHtiM8cKwcmaMiodhEAy7WxJ32ul4dfRQG+a1KWLYFPd8M/EFzF
7qbaPg5UpDR27hIrP33eutOzg3xGw3R0b8Duo/6nW1wvIvrjEzqMjIOQspMTttio
KMUBxkowSudffp95nTGY0j+KdbBWREwuunhGbtvGdgqvvdiYKAwWMcB/0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJswWpLQrEt2UO8Wwc6IEw2ggvxMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaL3glpoA
VKHl5GNEMV2CXpNJ+Qp6z37pzh95yafg2vkrxdH/tYbJsMjKN/9EfQ6mRf0qfba+
+YiS8fPzwZrJESoTHqaaOXSW+0dGgoi3piEKw4sWFvKNM9Ia3fZdaw19LqaMgvP4
OuPgMvgpCLYzMhNKMtm8T2uMKclSdBeA8FxoPciiZXrWrsqkiTu4xG/9gofPp/vf
Z1l7948UjUmCCD7yv69T4Wf6ppJPhmDoK+X2/UCwL4Yz/QML9ube9gkzsiuUB79f
/o7LFPBkPdMvdoYNkIMDTpoqi1/QWOltZIPX9z8+A0Wj8lkqvjUBDSFWZRGUinIU
ePJRMxQnmx4+fQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:46:27 2025 by rpki-client