Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
File: N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft (raw, json)
Hash identifier: 4i1Oethxy3Fmfnjj7X/LhGffMW0XZgy3DIb+2adYIgM=
Subject key identifier: 19:43:F9:13:29:BE:98:D2:4A:89:82:BD:B9:0F:8D:69:3D:B3:81:2A
Authority key identifier: 37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9
Certificate issuer: /CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
Certificate serial: 019A71B87CFC8D9E365F301AD6A018903812
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
Manifest number: 0C29
Signing time: Tue 11 Nov 2025 07:01:47 +0000
Manifest this update: Tue 11 Nov 2025 07:01:47 +0000
Manifest next update: Wed 12 Nov 2025 07:01:47 +0000
Files and hashes: 1: N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl (hash: 7LoGrF36wFw+YDxuuotPrAcz3YL43oewaUB9R8nrzhQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:7c:fc:8d:9e:36:5f:30:1a:d6:a0:18:90:38:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3771bd6e2dda5fa3057c4bc283faf713a915a5d9
Validity
Not Before: Nov 11 07:01:47 2025 GMT
Not After : Nov 12 07:01:47 2025 GMT
Subject: CN=1943f91329be98d24a8982bdb90f8d693db3812a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:88:4c:ec:a6:3d:0e:c4:5b:96:8e:e0:0f:9f:
e7:47:ff:ee:59:e8:d0:bf:f0:cc:c7:f0:0a:2b:a2:
14:1a:1c:9d:e8:69:6e:a4:22:3a:4c:d2:08:e3:0e:
8b:70:8d:9a:1d:4f:5d:28:b8:73:3e:5d:7d:6d:6c:
7a:12:de:71:d7:b4:4f:e0:e0:8d:6e:a6:d7:56:c8:
31:2b:4e:67:c8:8d:d3:30:f0:a6:df:c0:a5:86:b7:
93:a0:b6:53:0a:b9:f4:f0:fc:f0:ba:f7:b3:af:89:
88:8a:1e:db:e8:ef:94:d4:a7:09:3c:a0:99:61:5c:
94:d4:3e:5a:a8:f7:1c:c3:0f:73:26:50:02:22:36:
8d:72:ac:8b:b8:8f:38:5a:f3:44:81:93:ea:b3:5f:
9f:3f:9c:ca:e4:43:d4:1d:58:63:a8:61:2f:3a:47:
2c:f0:fc:85:56:47:ab:88:7e:fa:45:d2:03:97:43:
3c:f5:df:93:91:d6:08:a1:b4:bc:26:a3:cd:6f:7e:
d6:d9:11:0f:c8:5b:63:cb:a2:77:01:cc:f2:93:ac:
42:41:69:77:93:9a:77:62:1b:c8:2b:03:66:bb:02:
13:59:5a:a4:13:bb:25:fa:49:06:b4:5b:c5:5a:7c:
9d:c7:a1:06:0a:20:88:29:b2:7a:0c:53:08:f4:0d:
9a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:43:F9:13:29:BE:98:D2:4A:89:82:BD:B9:0F:8D:69:3D:B3:81:2A
X509v3 Authority Key Identifier:
keyid:37:71:BD:6E:2D:DA:5F:A3:05:7C:4B:C2:83:FA:F7:13:A9:15:A5:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3G9bi3aX6MFfEvCg_r3E6kVpdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/86f93b-cd9d-4e82-bef0-9dcf6b3c0797/1/N3G9bi3aX6MFfEvCg_r3E6kVpdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:36:2e:54:1c:9d:e7:88:56:5c:11:22:30:de:ea:15:8a:22:
69:fb:74:47:b0:e3:f8:c1:48:02:f2:d5:d6:88:ca:aa:b4:35:
b2:45:7b:95:0e:fd:e9:e4:ad:89:e1:72:05:71:cb:02:bb:99:
e3:69:c2:cb:d6:2d:76:f6:b8:ed:3d:b4:d9:37:39:01:71:c4:
fc:ac:24:21:62:49:b8:a3:0e:45:13:bf:3d:01:5c:80:60:da:
a5:1a:d8:86:01:b1:21:16:04:0e:ef:69:0c:45:03:11:51:0a:
50:d4:88:40:30:cc:9f:76:39:4c:a4:51:b1:d9:a1:fe:4b:e7:
34:8a:c4:0b:1c:81:a0:f6:d0:06:47:f2:26:a1:4f:7f:8c:55:
bc:24:50:ba:d6:dc:c6:20:ba:0b:a3:d1:b6:fc:3b:04:92:ac:
12:cc:43:64:3c:7a:b4:c7:1c:8c:97:fc:68:60:8b:e8:74:40:
9c:f2:1c:ed:e8:84:14:46:2a:cd:87:2b:32:e0:b4:53:e3:bc:
06:43:03:cb:68:69:0f:4f:b5:78:fd:a2:19:d4:7d:2e:ea:d1:
2b:0d:3f:2b:2d:75:c1:83:f8:bf:a6:3c:b2:24:54:8a:3c:45:
3f:e7:5f:5a:e2:5c:a2:2a:2b:e1:b9:69:76:63:98:63:a8:5c:
40:cc:1f:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHz8jZ42XzAa1qAYkDgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NzFiZDZlMmRkYTVmYTMwNTdjNGJjMjgzZmFmNzEzYTkx
NWE1ZDkwHhcNMjUxMTExMDcwMTQ3WhcNMjUxMTEyMDcwMTQ3WjAzMTEwLwYDVQQD
EygxOTQzZjkxMzI5YmU5OGQyNGE4OTgyYmRiOTBmOGQ2OTNkYjM4MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4hM7KY9DsRblo7gD5/nR//uWejQ
v/DMx/AKK6IUGhyd6GlupCI6TNII4w6LcI2aHU9dKLhzPl19bWx6Et5x17RP4OCN
bqbXVsgxK05nyI3TMPCm38ClhreToLZTCrn08Pzwuvezr4mIih7b6O+U1KcJPKCZ
YVyU1D5aqPccww9zJlACIjaNcqyLuI84WvNEgZPqs1+fP5zK5EPUHVhjqGEvOkcs
8PyFVkeriH76RdIDl0M89d+TkdYIobS8JqPNb37W2REPyFtjy6J3Aczyk6xCQWl3
k5p3YhvIKwNmuwITWVqkE7sl+kkGtFvFWnydx6EGCiCIKbJ6DFMI9A2aqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBlD+RMpvpjSSomCvbkPjWk9s4EqMB8GA1UdIwQY
MBaAFDdxvW4t2l+jBXxLwoP69xOpFaXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAt
OWRjZjZiM2MwNzk3LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NmY5M2ItY2Q5ZC00ZTgyLWJlZjAtOWRjZjZiM2MwNzk3
LzEvTjNHOWJpM2FYNk1GZkV2Q2dfcjNFNmtWcGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqzYuVByd
54hWXBEiMN7qFYoiaft0R7Dj+MFIAvLV1ojKqrQ1skV7lQ796eStieFyBXHLAruZ
42nCy9Ytdva47T202Tc5AXHE/KwkIWJJuKMORRO/PQFcgGDapRrYhgGxIRYEDu9p
DEUDEVEKUNSIQDDMn3Y5TKRRsdmh/kvnNIrECxyBoPbQBkfyJqFPf4xVvCRQutbc
xiC6C6PRtvw7BJKsEsxDZDx6tMccjJf8aGCL6HRAnPIc7eiEFEYqzYcrMuC0U+O8
BkMDy2hpD0+1eP2iGdR9LurRKw0/Ky11wYP4v6Y8siRUijxFP+dfWuJcoior4blp
dmOYY6hcQMwfLg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:32 2025 by rpki-client