Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
File: 3ikhmJ19kMZOuzVliDH-ao9JyTg.mft (raw, json)
Hash identifier: hM4wLP9MZaWGKZgdiC/wMiq8wPD24kdStNU3Tz1WZjU=
Subject key identifier: 5A:FF:B5:BC:C9:F7:52:99:A7:C5:81:D5:F9:0B:B8:96:67:CE:07:53
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 0199240D69C735FC6A7E32E9A8BBF299F6D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
Manifest number: 0AE3
Signing time: Sun 07 Sep 2025 12:01:22 +0000
Manifest this update: Sun 07 Sep 2025 12:01:22 +0000
Manifest next update: Mon 08 Sep 2025 12:01:22 +0000
Files and hashes: 1: 3ikhmJ19kMZOuzVliDH-ao9JyTg.crl (hash: GfZcxigrK7iYkLfqnjq4mGtIrCoUSYnm9/pZGvdrUx0=)
2: TOKJ7leUflS6UttAZzwZcKF4cuU.roa (hash: FbxsOsIky6908M3EghoAhEv3FVACCPzpDuJvnzX9foU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:0d:69:c7:35:fc:6a:7e:32:e9:a8:bb:f2:99:f6:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Sep 7 12:01:22 2025 GMT
Not After : Sep 8 12:01:22 2025 GMT
Subject: CN=5affb5bcc9f75299a7c581d5f90bb89667ce0753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:a3:4e:41:7c:3f:a6:de:7d:8c:77:78:90:
48:7f:e9:3f:51:d3:9b:85:36:a6:da:7a:1b:e3:b7:
d2:3b:76:9d:30:1b:46:01:e2:06:e6:71:f0:4b:a4:
f3:07:bb:c4:fb:f3:18:81:ea:42:09:c2:ac:e8:7a:
18:32:f4:58:ab:05:75:ce:b5:93:06:68:1e:92:8c:
ff:e5:e4:fc:bd:95:1e:1a:36:25:4f:10:00:07:06:
30:d8:05:a1:a7:3b:b7:91:09:3e:d3:5a:9f:db:72:
55:6b:51:ca:d3:43:60:69:6c:61:3a:35:0f:53:54:
46:8a:da:60:56:a0:3e:43:fb:7a:21:a5:56:8d:41:
7f:f6:0f:9d:b4:d4:7a:3e:1d:69:2d:15:28:6e:0e:
b9:a0:ff:73:b8:ff:e3:8d:36:7b:93:8a:c0:1e:6d:
86:9c:44:7d:1c:52:d0:bd:63:57:5f:96:ac:ce:e0:
24:ff:e3:61:18:e4:6b:2c:b5:52:2e:a2:c8:07:5f:
9b:49:71:d3:8d:0c:e5:2c:79:66:55:ff:4c:c9:ac:
92:ae:c9:80:75:5e:34:62:3e:88:55:55:5a:d3:57:
da:69:ff:a6:3b:80:76:6a:ac:2d:0c:09:d1:91:08:
63:50:d4:4f:d5:8a:09:10:b9:dc:12:62:38:e8:5c:
f7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:FF:B5:BC:C9:F7:52:99:A7:C5:81:D5:F9:0B:B8:96:67:CE:07:53
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:e6:8c:e1:e2:c1:73:a6:30:58:b8:24:1b:0e:9c:70:1b:73:
ac:0b:7d:d8:5a:b8:af:be:b1:c4:a4:c5:75:c8:19:e1:bc:e2:
d9:df:1e:62:26:2a:70:3d:b5:49:f0:aa:0f:13:bc:31:f8:36:
3d:ba:5d:65:81:62:78:9a:48:a0:50:cd:b7:18:6b:5f:58:4e:
7e:8f:cb:66:93:d5:52:d2:a9:03:bd:b3:45:6a:48:9c:86:eb:
cf:fe:00:89:ba:44:c0:0c:c4:30:2f:2f:a2:ab:28:a2:82:84:
d6:b8:83:03:2e:b0:d0:78:5b:16:29:81:a6:97:43:d5:47:fe:
f3:82:a7:7f:ea:79:c7:9e:a5:06:1f:e4:76:22:06:bb:78:94:
13:d0:bc:48:f2:5b:29:37:16:25:bd:e1:52:cd:49:24:50:7c:
d5:3b:68:4c:44:d4:f6:7b:7d:2c:18:07:c3:f2:c6:ec:7c:61:
e2:6f:78:fa:38:66:82:2c:f5:0a:2e:ee:dd:40:54:b1:87:a4:
db:65:b3:4c:26:17:7a:c6:82:2b:e3:c1:37:fa:fa:d2:1e:c0:
b4:dc:b0:14:58:06:0d:98:42:36:ff:a1:71:c5:d9:d0:a3:ee:
e1:c9:56:18:8a:6d:b1:4e:87:b6:cf:77:89:f1:1a:9f:4c:3f:
c2:bf:60:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDWnHNfxqfjLpqLvymfbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjUwOTA3MTIwMTIyWhcNMjUwOTA4MTIwMTIyWjAzMTEwLwYDVQQD
Eyg1YWZmYjViY2M5Zjc1Mjk5YTdjNTgxZDVmOTBiYjg5NjY3Y2UwNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooejTkF8P6befYx3eJBIf+k/UdOb
hTam2nob47fSO3adMBtGAeIG5nHwS6TzB7vE+/MYgepCCcKs6HoYMvRYqwV1zrWT
Bmgekoz/5eT8vZUeGjYlTxAABwYw2AWhpzu3kQk+01qf23JVa1HK00NgaWxhOjUP
U1RGitpgVqA+Q/t6IaVWjUF/9g+dtNR6Ph1pLRUobg65oP9zuP/jjTZ7k4rAHm2G
nER9HFLQvWNXX5aszuAk/+NhGORrLLVSLqLIB1+bSXHTjQzlLHlmVf9MyaySrsmA
dV40Yj6IVVVa01faaf+mO4B2aqwtDAnRkQhjUNRP1YoJELncEmI46Fz39QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFr/tbzJ91KZp8WB1fkLuJZnzgdTMB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuaM4eLB
c6YwWLgkGw6ccBtzrAt92Fq4r76xxKTFdcgZ4bzi2d8eYiYqcD21SfCqDxO8Mfg2
PbpdZYFieJpIoFDNtxhrX1hOfo/LZpPVUtKpA72zRWpInIbrz/4AibpEwAzEMC8v
oqsoooKE1riDAy6w0HhbFimBppdD1Uf+84Knf+p5x56lBh/kdiIGu3iUE9C8SPJb
KTcWJb3hUs1JJFB81TtoTETU9nt9LBgHw/LG7Hxh4m94+jhmgiz1Ci7u3UBUsYek
22WzTCYXesaCK+PBN/r60h7AtNywFFgGDZhCNv+hccXZ0KPu4clWGIptsU6Hts93
ifEan0w/wr9g5Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:49:37 2025 by rpki-client