Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
File: 3ikhmJ19kMZOuzVliDH-ao9JyTg.mft (raw, json)
Hash identifier: nY9ZeTZxbgVUsoOIFbc5StV6juub2wsVkoJw8MgcLdw=
Subject key identifier: 78:2A:74:D3:40:57:7B:85:E0:F7:20:1A:65:FC:19:1A:02:BA:76:91
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 019A72261172EAC81779CD092CC457E1864C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
Manifest number: 0B90
Signing time: Tue 11 Nov 2025 09:01:28 +0000
Manifest this update: Tue 11 Nov 2025 09:01:28 +0000
Manifest next update: Wed 12 Nov 2025 09:01:28 +0000
Files and hashes: 1: 3ikhmJ19kMZOuzVliDH-ao9JyTg.crl (hash: GVSRp9OWm8E/tRIvZgT1yH+B4d86cFsXBwTeUDhSzTs=)
2: TOKJ7leUflS6UttAZzwZcKF4cuU.roa (hash: FbxsOsIky6908M3EghoAhEv3FVACCPzpDuJvnzX9foU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:11:72:ea:c8:17:79:cd:09:2c:c4:57:e1:86:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Nov 11 09:01:28 2025 GMT
Not After : Nov 12 09:01:28 2025 GMT
Subject: CN=782a74d340577b85e0f7201a65fc191a02ba7691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f6:76:24:b0:9c:9c:92:f5:de:a7:77:48:52:
b5:2a:79:0f:fb:23:e6:ed:72:5b:48:de:1d:ca:0f:
36:d1:52:52:03:3e:06:7c:3c:71:e4:b2:1c:0d:48:
02:fb:51:25:d8:10:6c:bb:e4:0d:04:ba:76:75:f2:
82:f4:a9:7f:7b:57:e4:1e:91:a3:25:ef:05:70:96:
ed:3f:84:6c:36:36:01:4a:8f:34:94:b8:1c:e1:7a:
0d:c4:7f:ee:ca:02:09:72:7b:b3:6a:63:fd:fe:ef:
68:a2:16:99:b0:eb:33:a4:83:d1:47:b3:63:dd:d6:
32:2d:17:02:f5:c2:a7:ee:4d:40:86:41:5a:c7:2a:
32:1d:c6:65:d1:d8:ee:61:da:4c:99:a5:6e:38:d8:
d3:26:b8:8b:a6:31:44:5c:a9:65:10:87:c8:f5:a3:
b9:06:b0:0e:d0:67:26:70:4f:b7:3d:46:fa:52:80:
47:40:84:af:b6:d1:ed:e7:85:d2:d3:bc:f2:e2:a5:
f2:df:b1:7a:69:62:38:be:54:5c:8d:6c:ce:82:09:
41:b5:a8:cf:bc:fc:74:df:fd:ab:f4:85:33:56:f8:
60:09:19:de:4c:30:90:f7:9c:53:19:8d:c4:37:c6:
0b:3e:43:2c:d4:ee:ee:c2:3d:32:4c:33:0e:45:b7:
da:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:2A:74:D3:40:57:7B:85:E0:F7:20:1A:65:FC:19:1A:02:BA:76:91
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:02:f7:fb:6e:a3:22:38:0e:e6:05:18:4b:bd:54:c5:ce:cc:
3d:1b:fc:38:65:11:f8:3a:57:81:70:52:ed:2f:e6:6f:a4:d0:
3c:9e:86:4a:be:8b:87:75:91:0e:2d:45:7a:bc:70:e2:02:a9:
3c:b9:de:8a:c5:b1:56:05:c8:e7:26:9d:55:ec:e4:ca:66:e5:
73:d9:92:05:3a:37:44:58:fc:96:7e:e4:f9:4b:ef:d0:91:4e:
bd:86:78:b4:f3:76:ca:65:7b:41:44:bb:74:59:a9:fa:3b:45:
ff:eb:02:5f:0f:eb:2d:1e:e0:b7:f9:c9:47:0a:c7:0f:0f:2c:
25:20:78:bb:0c:87:49:a6:b9:84:c0:01:6b:ac:1e:25:2b:2e:
fd:a1:62:83:95:6b:31:38:31:4d:35:eb:99:e1:2e:75:cb:7e:
61:dc:39:df:33:f8:4b:13:e0:24:5c:a1:b8:e1:a7:66:8d:dd:
71:14:4b:2e:13:62:72:78:9e:c9:78:91:17:f3:11:26:b1:6b:
6a:f1:f4:27:14:aa:03:6b:96:16:1d:6e:d4:77:3a:4c:99:e2:
b3:14:3d:c7:9f:73:d4:0d:ac:89:9b:8b:1e:be:d1:b4:d9:9e:
9a:3e:43:8f:59:1d:a3:b3:0a:94:46:16:63:f5:c4:35:da:49:
e6:b6:59:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhFy6sgXec0JLMRX4YZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjUxMTExMDkwMTI4WhcNMjUxMTEyMDkwMTI4WjAzMTEwLwYDVQQD
Eyg3ODJhNzRkMzQwNTc3Yjg1ZTBmNzIwMWE2NWZjMTkxYTAyYmE3NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivZ2JLCcnJL13qd3SFK1KnkP+yPm
7XJbSN4dyg820VJSAz4GfDxx5LIcDUgC+1El2BBsu+QNBLp2dfKC9Kl/e1fkHpGj
Je8FcJbtP4RsNjYBSo80lLgc4XoNxH/uygIJcnuzamP9/u9oohaZsOszpIPRR7Nj
3dYyLRcC9cKn7k1AhkFaxyoyHcZl0djuYdpMmaVuONjTJriLpjFEXKllEIfI9aO5
BrAO0GcmcE+3PUb6UoBHQISvttHt54XS07zy4qXy37F6aWI4vlRcjWzOgglBtajP
vPx03/2r9IUzVvhgCRneTDCQ95xTGY3EN8YLPkMs1O7uwj0yTDMORbfabQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgqdNNAV3uF4PcgGmX8GRoCunaRMB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgL3+26j
IjgO5gUYS71Uxc7MPRv8OGUR+DpXgXBS7S/mb6TQPJ6GSr6Lh3WRDi1Ferxw4gKp
PLneisWxVgXI5yadVezkymblc9mSBTo3RFj8ln7k+Uvv0JFOvYZ4tPN2ymV7QUS7
dFmp+jtF/+sCXw/rLR7gt/nJRwrHDw8sJSB4uwyHSaa5hMABa6weJSsu/aFig5Vr
MTgxTTXrmeEudct+Ydw53zP4SxPgJFyhuOGnZo3dcRRLLhNicnieyXiRF/MRJrFr
avH0JxSqA2uWFh1u1Hc6TJnisxQ9x59z1A2siZuLHr7RtNmemj5Dj1kdo7MKlEYW
Y/XENdpJ5rZZHw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:47:47 2025 by rpki-client