Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json)
Hash identifier: ufYufF51ZgDMUrVeqU7X4kSh18oKMyBGDHOHVY074gA=
Subject key identifier: D3:AD:88:7A:F3:EE:BE:F5:E2:2D:29:38:CF:F5:E9:80:B2:93:31:F2
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial: 019A266644896750BEF44CFF4AA41CB01E32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
Manifest number: 068B
Signing time: Mon 27 Oct 2025 16:00:27 +0000
Manifest this update: Mon 27 Oct 2025 16:00:27 +0000
Manifest next update: Tue 28 Oct 2025 16:00:27 +0000
Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: OCqNr6ScIRYpHBrvNPE1gkUDLx2Vny/J5FeCUIB/syc=)
2: Vnw9H8iqt-gts3LY3CEVf7p6PaE.roa (hash: s2vDBc3kUppwqWxQSMIljxY/yV7+Xm77EH+5A9yGbgM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:66:44:89:67:50:be:f4:4c:ff:4a:a4:1c:b0:1e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
Validity
Not Before: Oct 27 16:00:27 2025 GMT
Not After : Oct 28 16:00:27 2025 GMT
Subject: CN=d3ad887af3eebef5e22d2938cff5e980b29331f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:2a:d6:bf:77:9a:aa:fb:c1:c0:ec:19:c4:
4b:54:f1:41:8a:ec:b3:db:0d:15:37:b6:1c:39:54:
c6:0b:13:ce:c1:c2:80:9a:a7:0a:58:9c:5f:c4:8c:
e5:bc:d8:6c:b6:a4:11:97:4f:fd:9b:05:44:eb:ed:
fc:b1:c7:d7:18:31:7c:01:be:96:af:c1:f1:41:c6:
b0:d8:a7:48:59:c9:b1:4c:db:3b:da:8b:8d:52:f9:
bb:1b:d1:39:73:d5:9d:92:0d:b6:b8:74:65:43:b0:
5f:bd:4b:e1:d2:f5:d6:90:3a:b8:e9:0c:e9:77:03:
75:eb:70:0c:8a:77:03:2a:64:36:32:ee:ed:14:6d:
e6:d0:cd:78:bb:82:61:b3:5b:e9:f8:3c:15:80:14:
f8:5b:95:5a:1c:04:2b:1f:f0:8e:8b:7c:d2:d5:5f:
29:f4:8b:b8:a4:73:65:59:59:2d:9b:b0:9e:1c:2c:
2a:0e:c3:d7:a9:05:48:00:9e:9c:d8:a5:56:77:e6:
20:0c:ea:e9:5b:e8:15:a5:91:c6:4e:9d:d9:4c:b0:
b0:93:40:56:2a:35:8d:b0:4b:a4:d9:e3:da:2a:0d:
b0:4b:1d:89:96:fb:03:b8:3f:e2:b6:08:cc:68:50:
31:38:7d:cd:6d:60:ab:80:d6:58:37:22:fe:d0:9f:
7d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:AD:88:7A:F3:EE:BE:F5:E2:2D:29:38:CF:F5:E9:80:B2:93:31:F2
X509v3 Authority Key Identifier:
keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:d3:be:03:c8:ba:c8:15:a0:44:a5:60:51:84:7a:f7:0f:08:
ff:82:ae:13:90:dd:2b:76:2f:50:09:79:7c:e2:22:4f:5d:d3:
04:2f:51:97:26:5c:3b:48:33:d8:34:e5:8b:66:8a:70:b3:0b:
e6:a1:e8:1e:2a:07:2b:46:6d:ef:e4:26:33:1c:25:a3:68:11:
9f:91:90:41:ef:2a:7e:29:ba:77:ca:1f:04:cc:71:b6:b0:23:
f3:37:d1:b3:c2:56:6b:0f:f5:41:ca:1e:96:26:93:84:33:89:
7c:14:78:72:a4:3d:8c:c1:bc:18:c0:c3:5c:df:0c:c7:a3:75:
f5:2a:15:5f:fa:16:02:43:8f:4b:7b:28:ca:14:df:18:f8:c6:
63:e3:7c:29:d3:5d:0d:75:c7:96:e9:a3:ce:0f:fe:0b:93:a3:
f3:1f:95:1c:f0:8f:85:db:f2:d4:3e:03:dd:ea:a3:2a:96:4d:
98:7c:55:a4:38:ac:a7:fd:11:2e:43:c6:c6:76:49:9b:8a:a3:
39:0a:71:e0:0c:d2:30:2e:a7:24:cf:8c:f1:1e:f1:41:14:c1:
ea:dd:4b:81:7c:53:6b:a2:af:ed:6c:02:44:c5:99:a9:0e:ea:
30:5e:25:dc:c4:03:42:a9:00:17:1c:f1:9f:fb:90:0c:a5:9a:
5f:51:ce:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZomZkSJZ1C+9Ez/SqQcsB4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjUxMDI3MTYwMDI3WhcNMjUxMDI4MTYwMDI3WjAzMTEwLwYDVQQD
EyhkM2FkODg3YWYzZWViZWY1ZTIyZDI5MzhjZmY1ZTk4MGIyOTMzMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquMq1r93mqr7wcDsGcRLVPFBiuyz
2w0VN7YcOVTGCxPOwcKAmqcKWJxfxIzlvNhstqQRl0/9mwVE6+38scfXGDF8Ab6W
r8HxQcaw2KdIWcmxTNs72ouNUvm7G9E5c9Wdkg22uHRlQ7BfvUvh0vXWkDq46Qzp
dwN163AMincDKmQ2Mu7tFG3m0M14u4Jhs1vp+DwVgBT4W5VaHAQrH/COi3zS1V8p
9Iu4pHNlWVktm7CeHCwqDsPXqQVIAJ6c2KVWd+YgDOrpW+gVpZHGTp3ZTLCwk0BW
KjWNsEuk2ePaKg2wSx2JlvsDuD/itgjMaFAxOH3NbWCrgNZYNyL+0J99gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOtiHrz7r714i0pOM/16YCykzHyMB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9O+A8i6
yBWgRKVgUYR69w8I/4KuE5DdK3YvUAl5fOIiT13TBC9RlyZcO0gz2DTli2aKcLML
5qHoHioHK0Zt7+QmMxwlo2gRn5GQQe8qfim6d8ofBMxxtrAj8zfRs8JWaw/1Qcoe
liaThDOJfBR4cqQ9jMG8GMDDXN8Mx6N19SoVX/oWAkOPS3soyhTfGPjGY+N8KdNd
DXXHlumjzg/+C5Oj8x+VHPCPhdvy1D4D3eqjKpZNmHxVpDisp/0RLkPGxnZJm4qj
OQpx4AzSMC6nJM+M8R7xQRTB6t1LgXxTa6Kv7WwCRMWZqQ7qMF4l3MQDQqkAFxzx
n/uQDKWaX1HOXw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 22:19:50 2025 by rpki-client