Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft
File: 3GbYudONW7Gc-gxGRLRSk9Hotvo.mft (raw, json)
Hash identifier: sxnZuL+W4V+oeh9+xyJfPpE3bSjsXOKjghTN/HB9nE8=
Subject key identifier: 88:FB:2B:04:40:5E:E7:DD:9A:49:5A:7B:30:69:E9:7F:BA:AB:B4:44
Authority key identifier: DC:66:D8:B9:D3:8D:5B:B1:9C:FA:0C:46:44:B4:52:93:D1:E8:B6:FA
Certificate issuer: /CN=dc66d8b9d38d5bb19cfa0c4644b45293d1e8b6fa
Certificate serial: 019A71B819073D2F9FC6EE44F5E61AE38E07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft
Manifest number: 16B0
Signing time: Tue 11 Nov 2025 07:01:21 +0000
Manifest this update: Tue 11 Nov 2025 07:01:21 +0000
Manifest next update: Wed 12 Nov 2025 07:01:21 +0000
Files and hashes: 1: 3GbYudONW7Gc-gxGRLRSk9Hotvo.crl (hash: Qaic/j+KH6Qfq7sNaTsoJaE9Ws44UdlAsLMGIqBjm38=)
2: bcS-hsDeO0gtgs28TEiHyvA81q0.roa (hash: CeE5W6otaxPvfHxN+lyC5C8i9p819egn6IV1iHF00Ew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:19:07:3d:2f:9f:c6:ee:44:f5:e6:1a:e3:8e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc66d8b9d38d5bb19cfa0c4644b45293d1e8b6fa
Validity
Not Before: Nov 11 07:01:21 2025 GMT
Not After : Nov 12 07:01:21 2025 GMT
Subject: CN=88fb2b04405ee7dd9a495a7b3069e97fbaabb444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2a:43:99:48:88:f8:d9:f8:56:e1:92:16:2c:
cd:c7:d0:ce:64:58:9b:00:59:dd:1a:51:9c:51:78:
fa:14:64:9d:2d:59:cd:68:ad:34:cc:02:34:d5:ca:
f3:16:fd:09:05:f8:b7:4c:6f:34:2f:62:c9:fa:68:
df:7f:ba:3f:e7:b3:a7:86:d0:31:36:39:a8:49:9e:
9f:bc:ab:10:58:03:92:75:a7:91:96:f9:fe:29:a0:
60:2d:bc:3e:39:c9:18:99:15:08:36:7f:54:fd:4f:
72:eb:c0:e8:6c:ab:fe:4f:e7:e8:91:db:03:cb:8d:
1c:59:e0:77:da:19:d1:b6:db:29:14:b6:3f:45:e2:
83:65:3b:2b:8a:60:84:30:e7:f6:bf:f5:86:f5:ae:
e8:7e:da:89:55:61:4a:ff:3b:17:d7:2b:cc:1f:e9:
0e:0c:43:90:e4:1a:55:3d:e8:75:9c:6e:89:3b:49:
60:4d:bf:51:30:8d:78:80:82:f0:ed:e4:17:15:90:
13:2a:7e:7b:47:b8:15:5c:cb:93:f6:be:ae:1a:d1:
4f:b3:43:2e:a0:e0:cb:fd:3c:95:47:86:7e:ae:81:
6f:ad:8b:db:6d:63:ec:bc:a5:2e:a8:47:cb:bd:d2:
6d:63:2a:51:6c:05:9e:92:33:6d:15:35:02:59:1a:
38:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FB:2B:04:40:5E:E7:DD:9A:49:5A:7B:30:69:E9:7F:BA:AB:B4:44
X509v3 Authority Key Identifier:
keyid:DC:66:D8:B9:D3:8D:5B:B1:9C:FA:0C:46:44:B4:52:93:D1:E8:B6:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:e1:5e:69:12:27:f5:b0:d4:48:ad:ac:64:c2:48:ee:ab:32:
e8:ab:d0:95:c1:49:e2:81:64:d4:27:12:57:5b:d8:c3:b7:8e:
b2:38:b2:28:6b:ef:27:a9:1b:27:2c:0f:8c:30:72:28:5b:8d:
41:d2:e0:44:9b:1a:41:30:66:a3:f2:5a:09:74:cf:69:b1:7b:
21:40:82:80:6f:8e:97:84:20:3f:ff:29:3a:00:ba:d3:1a:70:
9d:e9:e3:fe:64:98:ae:7f:5b:9d:cc:bf:a7:f8:77:88:83:f9:
ea:04:97:a6:7d:4d:5a:05:27:fe:77:70:91:ab:97:fd:10:1e:
8a:34:8a:75:19:f4:af:bf:7d:f9:0d:c6:31:1e:14:72:7a:b2:
62:9d:cd:d6:46:c2:8d:f2:06:1f:61:f2:a0:8a:05:44:c0:88:
ba:b3:66:68:1f:68:59:39:08:e3:63:e1:99:ab:98:4d:f5:e3:
8d:52:2b:15:13:ee:2c:3b:02:05:81:5c:0e:96:ea:c2:d1:42:
ed:36:e4:48:83:be:49:9e:e0:b0:25:19:2f:5d:6d:0d:58:b0:
62:2d:28:4e:e6:ac:82:00:c1:5d:79:86:1f:a2:7a:00:76:34:
71:01:f4:e8:42:55:0f:92:62:b3:d3:4e:e2:13:ed:f4:89:30:
01:6d:f1:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBkHPS+fxu5E9eYa444HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjZkOGI5ZDM4ZDViYjE5Y2ZhMGM0NjQ0YjQ1MjkzZDFl
OGI2ZmEwHhcNMjUxMTExMDcwMTIxWhcNMjUxMTEyMDcwMTIxWjAzMTEwLwYDVQQD
Eyg4OGZiMmIwNDQwNWVlN2RkOWE0OTVhN2IzMDY5ZTk3ZmJhYWJiNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyipDmUiI+Nn4VuGSFizNx9DOZFib
AFndGlGcUXj6FGSdLVnNaK00zAI01crzFv0JBfi3TG80L2LJ+mjff7o/57OnhtAx
NjmoSZ6fvKsQWAOSdaeRlvn+KaBgLbw+OckYmRUINn9U/U9y68DobKv+T+fokdsD
y40cWeB32hnRttspFLY/ReKDZTsrimCEMOf2v/WG9a7oftqJVWFK/zsX1yvMH+kO
DEOQ5BpVPeh1nG6JO0lgTb9RMI14gILw7eQXFZATKn57R7gVXMuT9r6uGtFPs0Mu
oODL/TyVR4Z+roFvrYvbbWPsvKUuqEfLvdJtYypRbAWekjNtFTUCWRo4twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIj7KwRAXufdmklaezBp6X+6q7REMB8GA1UdIwQY
MBaAFNxm2LnTjVuxnPoMRkS0UpPR6Lb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xNGY2ODQtMDQ1My00NjI1LTk2NmUt
NDc3MWQxYTRkZGYwLzEvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xNGY2ODQtMDQ1My00NjI1LTk2NmUtNDc3MWQxYTRkZGYw
LzEvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuFeaRIn
9bDUSK2sZMJI7qsy6KvQlcFJ4oFk1CcSV1vYw7eOsjiyKGvvJ6kbJywPjDByKFuN
QdLgRJsaQTBmo/JaCXTPabF7IUCCgG+Ol4QgP/8pOgC60xpwnenj/mSYrn9bncy/
p/h3iIP56gSXpn1NWgUn/ndwkauX/RAeijSKdRn0r799+Q3GMR4UcnqyYp3N1kbC
jfIGH2HyoIoFRMCIurNmaB9oWTkI42PhmauYTfXjjVIrFRPuLDsCBYFcDpbqwtFC
7TbkSIO+SZ7gsCUZL11tDViwYi0oTuasggDBXXmGH6J6AHY0cQH06EJVD5Jis9NO
4hPt9IkwAW3xVg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:15 2025 by rpki-client