Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
File: h3OqvdPia0S3mDfBRwq44XQV6o4.mft (raw, json)
Hash identifier: X2KXLGONXK/OHtZw0GNGIIFhXVM9S77QVwtRGjp6PJ8=
Subject key identifier: 3B:B0:B4:74:02:C4:45:72:CE:06:CD:DA:22:3F:A0:B0:CA:B5:13:62
Authority key identifier: 87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
Certificate issuer: /CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Certificate serial: 019A5150CCF648F6BA970EAE848CEF8D532E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
Manifest number: 02FA
Signing time: Wed 05 Nov 2025 00:00:41 +0000
Manifest this update: Wed 05 Nov 2025 00:00:41 +0000
Manifest next update: Thu 06 Nov 2025 00:00:41 +0000
Files and hashes: 1: h3OqvdPia0S3mDfBRwq44XQV6o4.crl (hash: XNlHzILXzG5TGhOIiJFKmx1hFgcFdKzktGnZSSjW5WQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:50:cc:f6:48:f6:ba:97:0e:ae:84:8c:ef:8d:53:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8773aabdd3e26b44b79837c1470ab8e17415ea8e
Validity
Not Before: Nov 5 00:00:41 2025 GMT
Not After : Nov 6 00:00:41 2025 GMT
Subject: CN=3bb0b47402c44572ce06cdda223fa0b0cab51362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a4:37:8c:0e:6d:a4:c0:0e:3f:a6:94:26:ab:
aa:00:b1:5f:5b:32:6e:5c:ee:97:e0:83:aa:f8:b8:
a5:80:01:77:ea:36:47:cb:fa:e4:60:a1:1c:01:45:
57:80:8d:6b:7d:13:ef:56:60:34:a1:49:50:10:6c:
0d:d6:5a:ca:60:16:87:7c:26:c7:96:6c:1c:65:cb:
25:a1:d6:43:5f:e1:a7:94:6d:42:95:84:9d:28:bf:
e9:6f:5c:a9:4b:12:bf:fb:e4:d7:48:e0:50:64:d2:
fb:62:c3:31:9e:48:8b:ce:f9:74:32:fb:5a:bf:21:
db:c5:28:e9:79:96:d0:b0:0e:6c:a1:2c:3c:bc:a8:
9e:5d:30:e1:f3:7a:14:8f:8c:a4:67:7b:28:20:30:
89:e2:ef:78:aa:e3:07:0d:13:b1:4e:1a:69:7e:35:
42:22:ad:23:4d:de:d3:6f:7c:98:ce:81:8b:bc:02:
39:40:19:77:c3:08:59:9c:29:2b:e2:8c:d0:94:72:
ef:46:7d:bb:00:59:42:94:d3:93:6c:9e:e5:a7:bb:
d2:00:46:43:97:6d:1a:41:78:83:8e:d1:69:5a:ff:
92:9c:48:b7:b8:c9:26:05:d1:d8:f1:8b:fc:66:c8:
5a:f9:d8:c6:1d:0c:30:6d:1e:83:67:2d:eb:80:4f:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B0:B4:74:02:C4:45:72:CE:06:CD:DA:22:3F:A0:B0:CA:B5:13:62
X509v3 Authority Key Identifier:
keyid:87:73:AA:BD:D3:E2:6B:44:B7:98:37:C1:47:0A:B8:E1:74:15:EA:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3OqvdPia0S3mDfBRwq44XQV6o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e4b3f6-040b-406e-b438-6ab8a879a17b/1/h3OqvdPia0S3mDfBRwq44XQV6o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:57:47:69:61:e5:08:d5:27:e8:2e:90:4d:b0:75:61:70:b9:
65:41:4f:8b:d1:f3:7f:3b:c3:6c:63:2a:3d:29:51:28:ae:ba:
18:3b:5e:81:8e:53:91:07:e8:75:5c:9b:ad:49:13:69:a3:cd:
6f:52:da:c3:42:59:17:80:cb:88:24:75:d4:65:c0:9e:96:9f:
9b:b2:f9:e7:ef:d2:d6:b5:ea:29:f3:df:ce:c7:91:a2:06:be:
8b:7f:62:d0:65:1f:a8:62:f6:4a:fb:5a:4d:84:41:e0:26:82:
b8:ea:fb:53:ec:a8:5c:28:e1:53:9b:c4:0b:b6:b1:b3:1a:b0:
14:bc:fa:f1:1f:8f:c4:51:44:35:35:0f:b8:5f:b9:c4:d9:1b:
52:24:e1:5f:97:25:68:93:46:54:cc:12:58:ec:37:26:e4:58:
9d:b9:5d:3c:08:95:87:b5:0a:bd:5f:fe:c0:a2:db:8c:39:73:
87:86:29:f3:69:cc:b7:3a:f7:83:e1:ff:88:e0:3d:ef:91:97:
7c:de:54:89:fd:37:4f:30:1f:b8:8d:c4:b4:63:a5:9e:68:8d:
55:5e:fb:6c:f3:05:d8:d8:05:90:b8:83:1d:fc:c5:60:d2:58:
07:3c:de:4c:b3:c4:56:96:91:b6:fa:29:3e:5d:9d:58:07:ea:
b2:b5:0e:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUMz2SPa6lw6uhIzvjVMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzNhYWJkZDNlMjZiNDRiNzk4MzdjMTQ3MGFiOGUxNzQx
NWVhOGUwHhcNMjUxMTA1MDAwMDQxWhcNMjUxMTA2MDAwMDQxWjAzMTEwLwYDVQQD
EygzYmIwYjQ3NDAyYzQ0NTcyY2UwNmNkZGEyMjNmYTBiMGNhYjUxMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqQ3jA5tpMAOP6aUJquqALFfWzJu
XO6X4IOq+LilgAF36jZHy/rkYKEcAUVXgI1rfRPvVmA0oUlQEGwN1lrKYBaHfCbH
lmwcZcslodZDX+GnlG1ClYSdKL/pb1ypSxK/++TXSOBQZNL7YsMxnkiLzvl0Mvta
vyHbxSjpeZbQsA5soSw8vKieXTDh83oUj4ykZ3soIDCJ4u94quMHDROxThppfjVC
Iq0jTd7Tb3yYzoGLvAI5QBl3wwhZnCkr4ozQlHLvRn27AFlClNOTbJ7lp7vSAEZD
l20aQXiDjtFpWv+SnEi3uMkmBdHY8Yv8Zsha+djGHQwwbR6DZy3rgE/OOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuwtHQCxEVyzgbN2iI/oLDKtRNiMB8GA1UdIwQY
MBaAFIdzqr3T4mtEt5g3wUcKuOF0FeqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0Mzgt
NmFiOGE4NzlhMTdiLzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNGIzZjYtMDQwYi00MDZlLWI0MzgtNmFiOGE4NzlhMTdi
LzEvaDNPcXZkUGlhMFMzbURmQlJ3cTQ0WFFWNm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcldHaWHl
CNUn6C6QTbB1YXC5ZUFPi9HzfzvDbGMqPSlRKK66GDtegY5TkQfodVybrUkTaaPN
b1Law0JZF4DLiCR11GXAnpafm7L55+/S1rXqKfPfzseRoga+i39i0GUfqGL2Svta
TYRB4CaCuOr7U+yoXCjhU5vEC7axsxqwFLz68R+PxFFENTUPuF+5xNkbUiThX5cl
aJNGVMwSWOw3JuRYnbldPAiVh7UKvV/+wKLbjDlzh4Yp82nMtzr3g+H/iOA975GX
fN5Uif03TzAfuI3EtGOlnmiNVV77bPMF2NgFkLiDHfzFYNJYBzzeTLPEVpaRtvop
Pl2dWAfqsrUOlA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:56:12 2025 by rpki-client