Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0f4302-41a2-4da4-878e-5867be7036b3/1/3xRM6OjkQV5chqCygEmaOFwU7_I.mft
File: 3xRM6OjkQV5chqCygEmaOFwU7_I.mft (raw, json)
Hash identifier: z88xa/X4Hmxm+AsZPDOOR1Orj3kVPmx4MhsheMuAu0M=
Subject key identifier: CE:D4:D0:2F:E3:EB:AE:36:3B:3A:DA:13:66:95:33:5D:B6:99:65:F3
Authority key identifier: DF:14:4C:E8:E8:E4:41:5E:5C:86:A0:B2:80:49:9A:38:5C:14:EF:F2
Certificate issuer: /CN=df144ce8e8e4415e5c86a0b280499a385c14eff2
Certificate serial: 019A72935B0D1D9E4BC38412A2464CED2AFD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3xRM6OjkQV5chqCygEmaOFwU7_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0f4302-41a2-4da4-878e-5867be7036b3/1/3xRM6OjkQV5chqCygEmaOFwU7_I.mft
Manifest number: 0D96
Signing time: Tue 11 Nov 2025 11:00:50 +0000
Manifest this update: Tue 11 Nov 2025 11:00:50 +0000
Manifest next update: Wed 12 Nov 2025 11:00:50 +0000
Files and hashes: 1: 3xRM6OjkQV5chqCygEmaOFwU7_I.crl (hash: P5ui3YIRWSOhOsGN1AqkpTad9ZtiRWu2qS+xX4CbmZU=)
2: 7d2ToMhT-5ZAU4qsYQXruw_MoIU.roa (hash: vm5X1sab9HJagyLFII3df7BekSqzu2gNn9apIe4J5uw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/0f4302-41a2-4da4-878e-5867be7036b3/1/3xRM6OjkQV5chqCygEmaOFwU7_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/0f4302-41a2-4da4-878e-5867be7036b3/1/3xRM6OjkQV5chqCygEmaOFwU7_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/3xRM6OjkQV5chqCygEmaOFwU7_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:5b:0d:1d:9e:4b:c3:84:12:a2:46:4c:ed:2a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df144ce8e8e4415e5c86a0b280499a385c14eff2
Validity
Not Before: Nov 11 11:00:50 2025 GMT
Not After : Nov 12 11:00:50 2025 GMT
Subject: CN=ced4d02fe3ebae363b3ada136695335db69965f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1d:f2:4c:46:bf:1d:0d:39:04:ef:d2:5b:0e:
ae:6a:f1:e5:86:58:af:27:e7:85:45:77:68:88:af:
1e:88:e9:5d:41:c9:67:24:0c:85:61:87:fb:6e:e9:
9f:0c:cc:48:d2:fa:a3:49:b7:5d:51:30:76:be:51:
fb:1d:12:ce:0d:1c:9f:d8:e6:42:f3:5f:72:66:81:
1a:cd:ca:73:51:0f:60:12:5d:a1:a7:c4:c0:e5:4b:
1b:73:eb:fa:8d:d9:62:0c:d8:dc:d0:cb:87:29:d6:
96:6e:e8:91:c5:b8:8b:2d:8a:b3:19:70:0c:56:8d:
55:ad:e9:a4:5b:c4:fc:eb:c3:53:a5:33:5c:bf:4f:
3d:9b:5c:97:7c:06:45:31:1a:34:d1:9b:4b:60:e0:
19:a5:c1:07:23:24:94:fd:46:4f:42:c5:19:5f:c2:
ba:57:6e:7c:b4:d9:65:3a:e3:2b:a1:c8:e9:a6:5a:
ca:28:9a:96:dc:b0:7f:e3:69:0e:c7:e9:56:1c:a2:
64:90:2d:2f:d2:5f:b8:ec:83:bc:dd:7b:cb:b1:98:
72:03:89:1d:65:f5:eb:cf:68:62:04:a8:66:de:d9:
7d:7b:9a:bb:51:af:9b:b5:7d:a6:05:3a:39:7f:04:
d4:63:cc:df:10:f9:78:ea:d1:2d:5a:9f:b2:c2:b1:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D4:D0:2F:E3:EB:AE:36:3B:3A:DA:13:66:95:33:5D:B6:99:65:F3
X509v3 Authority Key Identifier:
keyid:DF:14:4C:E8:E8:E4:41:5E:5C:86:A0:B2:80:49:9A:38:5C:14:EF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xRM6OjkQV5chqCygEmaOFwU7_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0f4302-41a2-4da4-878e-5867be7036b3/1/3xRM6OjkQV5chqCygEmaOFwU7_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0f4302-41a2-4da4-878e-5867be7036b3/1/3xRM6OjkQV5chqCygEmaOFwU7_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:10:42:35:4f:9d:86:72:69:f1:be:33:71:75:5c:cb:e8:47:
ed:0a:f8:85:70:aa:4a:a0:27:b4:c9:4e:39:82:72:fa:a1:e6:
b0:7a:e0:4c:74:9c:08:68:77:ba:2e:10:5a:dc:93:50:e8:cb:
74:a1:03:55:6c:cf:c4:43:57:97:58:da:ac:5f:6e:c6:62:62:
2a:03:8e:67:83:57:f3:06:d9:ac:4b:23:41:3d:88:b3:e5:8c:
f0:ee:06:a8:73:99:5d:ba:9a:ae:10:60:88:e0:cd:5d:2c:35:
0c:0e:27:eb:12:cd:51:e7:1a:21:f7:3a:72:d8:05:4a:81:5f:
9a:b0:64:13:1f:d6:f4:d3:ee:45:42:42:55:f6:92:ea:1a:7b:
81:d9:6d:f9:e7:6a:f1:b6:d8:69:8d:93:49:f8:44:1a:6b:ce:
72:f2:24:c9:f8:66:d9:74:71:f3:84:97:2b:61:42:af:bf:48:
59:c9:a3:2e:fc:bf:b8:1b:07:36:e8:e4:01:85:63:20:b8:fc:
ae:33:1a:fc:73:f7:bf:89:ea:66:a9:a9:80:09:5a:0e:53:b9:
30:d3:7d:ac:c8:2e:75:fd:87:d9:d3:6a:41:34:b1:6c:86:f1:
bf:c0:c3:c6:f6:3b:2e:a7:1a:07:b1:7f:fc:b9:c3:1f:b0:01:
6d:8c:d8:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk1sNHZ5Lw4QSokZM7Sr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTQ0Y2U4ZThlNDQxNWU1Yzg2YTBiMjgwNDk5YTM4NWMx
NGVmZjIwHhcNMjUxMTExMTEwMDUwWhcNMjUxMTEyMTEwMDUwWjAzMTEwLwYDVQQD
EyhjZWQ0ZDAyZmUzZWJhZTM2M2IzYWRhMTM2Njk1MzM1ZGI2OTk2NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB3yTEa/HQ05BO/SWw6uavHlhliv
J+eFRXdoiK8eiOldQclnJAyFYYf7bumfDMxI0vqjSbddUTB2vlH7HRLODRyf2OZC
819yZoEazcpzUQ9gEl2hp8TA5Usbc+v6jdliDNjc0MuHKdaWbuiRxbiLLYqzGXAM
Vo1VremkW8T868NTpTNcv089m1yXfAZFMRo00ZtLYOAZpcEHIySU/UZPQsUZX8K6
V258tNllOuMrocjpplrKKJqW3LB/42kOx+lWHKJkkC0v0l+47IO83XvLsZhyA4kd
ZfXrz2hiBKhm3tl9e5q7Ua+btX2mBTo5fwTUY8zfEPl46tEtWp+ywrHsJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7U0C/j6642OzraE2aVM122mWXzMB8GA1UdIwQY
MBaAFN8UTOjo5EFeXIagsoBJmjhcFO/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hSTTZPamtRVjVjaHFDeWdFbWFPRndVN19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wZjQzMDItNDFhMi00ZGE0LTg3OGUt
NTg2N2JlNzAzNmIzLzEvM3hSTTZPamtRVjVjaHFDeWdFbWFPRndVN19JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wZjQzMDItNDFhMi00ZGE0LTg3OGUtNTg2N2JlNzAzNmIz
LzEvM3hSTTZPamtRVjVjaHFDeWdFbWFPRndVN19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGBBCNU+d
hnJp8b4zcXVcy+hH7Qr4hXCqSqAntMlOOYJy+qHmsHrgTHScCGh3ui4QWtyTUOjL
dKEDVWzPxENXl1jarF9uxmJiKgOOZ4NX8wbZrEsjQT2Is+WM8O4GqHOZXbqarhBg
iODNXSw1DA4n6xLNUecaIfc6ctgFSoFfmrBkEx/W9NPuRUJCVfaS6hp7gdlt+edq
8bbYaY2TSfhEGmvOcvIkyfhm2XRx84SXK2FCr79IWcmjLvy/uBsHNujkAYVjILj8
rjMa/HP3v4nqZqmpgAlaDlO5MNN9rMgudf2H2dNqQTSxbIbxv8DDxvY7LqcaB7F/
/LnDH7ABbYzYOA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:12 2025 by rpki-client