Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
File: 3r5RfnR14XwGlkORD9b3ezF7hTg.mft (raw, json)
Hash identifier: TYGKYe8eXokAuDClm0qrNFOue45UD7e508HDGO3j/kA=
Subject key identifier: 55:84:BC:5E:8F:74:1B:60:2E:CA:05:53:7C:1F:EB:C5:89:23:3E:BA
Authority key identifier: DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
Certificate issuer: /CN=debe517e7475e17c069643910fd6f77b317b8538
Certificate serial: 019A72CA5D5766C005DCDAD5C8E3A37AFCBF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
Manifest number: 09B3
Signing time: Tue 11 Nov 2025 12:00:55 +0000
Manifest this update: Tue 11 Nov 2025 12:00:55 +0000
Manifest next update: Wed 12 Nov 2025 12:00:55 +0000
Files and hashes: 1: 3r5RfnR14XwGlkORD9b3ezF7hTg.crl (hash: isToWoyu7raPzV+l7PlRT7FoD1AYow9X7B+OOllOQgQ=)
2: ij43C7xr8xTz-pjXAc9irjAaFXA.roa (hash: TchsYLXYDpTrG6rR/zLX/7ji8qJkl2gfrI50UG67KC4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:5d:57:66:c0:05:dc:da:d5:c8:e3:a3:7a:fc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=debe517e7475e17c069643910fd6f77b317b8538
Validity
Not Before: Nov 11 12:00:55 2025 GMT
Not After : Nov 12 12:00:55 2025 GMT
Subject: CN=5584bc5e8f741b602eca05537c1febc589233eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:34:c7:4f:95:02:dd:10:26:8a:24:a9:fc:6a:
99:ee:20:d8:6d:f5:4f:9d:40:db:c1:85:80:b9:24:
7b:c4:79:85:e2:7e:9c:e8:ac:b0:19:3e:0f:74:06:
a7:63:dd:ce:4e:62:46:2e:6f:b7:06:02:bb:af:9c:
56:3a:ea:cd:3a:19:0e:68:3d:a3:76:a1:4f:46:bb:
f9:7d:6e:86:5c:8d:9c:e9:d3:fa:7b:88:fe:62:92:
90:e2:73:3d:dc:29:c7:2d:e6:78:ac:0d:a9:9c:7f:
60:f3:fd:ea:68:64:0c:0c:89:6c:fb:e2:18:e8:8f:
10:7f:2a:a3:69:27:37:9e:5a:58:d1:83:a4:6f:42:
d0:dc:b0:f2:06:90:99:20:a5:ef:24:f3:ce:63:00:
0f:83:77:99:59:4c:be:ba:a8:25:cf:06:11:a7:c7:
b5:36:63:84:30:ba:95:76:de:b9:f2:03:ff:7c:49:
b7:02:7d:df:65:74:ca:07:3d:e3:8b:03:fa:73:96:
9a:a7:9c:a7:95:c8:a3:1f:96:a3:3d:92:39:9f:2e:
24:6a:bc:0d:d2:03:f9:e2:2a:77:ff:4b:96:b0:d2:
eb:7e:22:dc:73:2f:93:1a:c1:07:42:5c:ba:50:3b:
b7:44:21:1f:a6:70:f0:d3:a1:e3:cf:6d:78:4a:2c:
8a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:84:BC:5E:8F:74:1B:60:2E:CA:05:53:7C:1F:EB:C5:89:23:3E:BA
X509v3 Authority Key Identifier:
keyid:DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:a8:89:66:93:ca:1d:0b:f1:94:56:ee:93:eb:e5:6c:82:ff:
45:ae:f8:be:c0:ee:50:da:2d:ef:12:7e:71:fd:96:73:f1:74:
de:33:1f:ab:6b:22:7d:4b:9d:ec:0b:a5:de:a6:2b:c1:93:1e:
4a:5b:2b:7d:5a:99:05:63:ff:f5:b3:e6:eb:c0:58:4b:d4:64:
a2:f7:c2:6d:d6:d1:f8:50:eb:bc:8d:3a:47:4f:d0:ee:75:4a:
09:5e:0d:23:68:18:ea:89:f5:3d:88:79:00:da:d9:29:e8:f1:
af:6d:f4:76:d3:71:29:c5:b9:ad:85:83:a0:38:22:2a:e0:cf:
b9:aa:97:0b:e8:5d:18:35:18:2e:93:c2:44:65:51:02:8d:1d:
0f:bc:df:e5:e0:bd:9a:4e:f5:f7:55:ff:56:48:b7:ee:4c:ad:
8f:4f:8e:10:b1:d2:34:9e:55:b1:70:ff:3b:a9:3f:fb:a7:07:
a0:cd:aa:8a:c5:0e:3f:ca:33:60:0d:4e:d5:14:e7:63:99:d3:
0f:35:76:28:54:5c:b7:e2:70:51:2d:5e:16:23:c0:5b:2d:1e:
73:e7:09:3c:3b:87:a6:98:e5:c8:c8:f7:9f:92:d4:41:60:10:
63:ed:56:62:b1:7a:78:7e:15:b1:5f:52:8c:a4:e9:f6:28:99:
3b:7c:46:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyl1XZsAF3NrVyOOjevy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmU1MTdlNzQ3NWUxN2MwNjk2NDM5MTBmZDZmNzdiMzE3
Yjg1MzgwHhcNMjUxMTExMTIwMDU1WhcNMjUxMTEyMTIwMDU1WjAzMTEwLwYDVQQD
Eyg1NTg0YmM1ZThmNzQxYjYwMmVjYTA1NTM3YzFmZWJjNTg5MjMzZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzTHT5UC3RAmiiSp/GqZ7iDYbfVP
nUDbwYWAuSR7xHmF4n6c6KywGT4PdAanY93OTmJGLm+3BgK7r5xWOurNOhkOaD2j
dqFPRrv5fW6GXI2c6dP6e4j+YpKQ4nM93CnHLeZ4rA2pnH9g8/3qaGQMDIls++IY
6I8QfyqjaSc3nlpY0YOkb0LQ3LDyBpCZIKXvJPPOYwAPg3eZWUy+uqglzwYRp8e1
NmOEMLqVdt658gP/fEm3An3fZXTKBz3jiwP6c5aap5ynlcijH5ajPZI5ny4karwN
0gP54ip3/0uWsNLrfiLccy+TGsEHQly6UDu3RCEfpnDw06Hjz214SiyK0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWEvF6PdBtgLsoFU3wf68WJIz66MB8GA1UdIwQY
MBaAFN6+UX50deF8BpZDkQ/W93sxe4U4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAt
ODlmNWM0ZjMyOTcwLzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAtODlmNWM0ZjMyOTcw
LzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6iJZpPK
HQvxlFbuk+vlbIL/Ra74vsDuUNot7xJ+cf2Wc/F03jMfq2sifUud7Aul3qYrwZMe
SlsrfVqZBWP/9bPm68BYS9RkovfCbdbR+FDrvI06R0/Q7nVKCV4NI2gY6on1PYh5
ANrZKejxr230dtNxKcW5rYWDoDgiKuDPuaqXC+hdGDUYLpPCRGVRAo0dD7zf5eC9
mk7191X/Vki37kytj0+OELHSNJ5VsXD/O6k/+6cHoM2qisUOP8ozYA1O1RTnY5nT
DzV2KFRct+JwUS1eFiPAWy0ec+cJPDuHppjlyMj3n5LUQWAQY+1WYrF6eH4VsV9S
jKTp9iiZO3xG2Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:49 2025 by rpki-client