Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
File: 3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft (raw, json)
Hash identifier: 0aWgXgMx10xceyeX96AvLseAr04yJA296gOP54qInME=
Subject key identifier: 5A:C6:80:0E:71:2E:68:B4:87:EF:CE:CA:B0:C4:6F:61:B3:BB:C9:18
Authority key identifier: DD:72:5C:4D:09:53:E7:EC:F4:6F:37:E1:4F:CA:14:FD:09:A1:2D:16
Certificate issuer: /CN=dd725c4d0953e7ecf46f37e14fca14fd09a12d16
Certificate serial: 019A2F326BC2331A22D286C17B71C35DAFDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
Manifest number: 1240
Signing time: Wed 29 Oct 2025 09:00:24 +0000
Manifest this update: Wed 29 Oct 2025 09:00:24 +0000
Manifest next update: Thu 30 Oct 2025 09:00:24 +0000
Files and hashes: 1: 3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl (hash: Okvb5d28xO+SOtSkedXThcjzBd9zsso/EzQJq5ae1U0=)
2: _Kt_ylx952g7HZhxMZibU4U_S9U.roa (hash: BRXKGTpDPGrVqoVy2fXV55G1/RGVRY4TQXSqB3YxXnw=)
3: bJ6OkDBz35azmUeGZSSY8SRMI4Y.roa (hash: y21BnaoaGpgbQvC0jOtfGrk+wq3H1xWVUYMR7XJq8OU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:32:6b:c2:33:1a:22:d2:86:c1:7b:71:c3:5d:af:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd725c4d0953e7ecf46f37e14fca14fd09a12d16
Validity
Not Before: Oct 29 09:00:24 2025 GMT
Not After : Oct 30 09:00:24 2025 GMT
Subject: CN=5ac6800e712e68b487efcecab0c46f61b3bbc918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0d:64:b0:bf:b8:58:38:a2:aa:79:d6:a4:e7:
96:38:2e:14:ae:35:fc:b7:00:7e:86:9c:3a:29:6d:
78:f2:8d:26:c2:be:d5:c0:2c:f6:db:dc:88:9f:52:
6b:bc:a1:4e:98:02:e1:a1:1d:7e:ca:65:57:ac:d3:
38:40:0f:c3:4d:b1:a2:61:e0:94:31:5a:3a:e4:07:
fb:bf:8e:94:30:99:d8:6e:91:b5:25:9f:6a:36:34:
e9:b9:56:a1:40:5c:4f:15:1a:0f:82:4d:ad:e8:7e:
5f:bf:bb:67:a9:3e:64:62:66:fe:d6:c1:09:15:e1:
f2:eb:68:a2:f0:d1:5f:75:8b:c7:18:9a:05:f8:4b:
0c:d5:f4:a0:ef:a9:86:d7:d9:e0:76:37:50:de:62:
d8:cb:c0:a1:54:97:6f:8c:f3:cb:35:e8:5c:9e:14:
33:53:0b:7a:86:46:56:46:01:78:e7:15:d6:39:5e:
0a:eb:28:18:73:cf:78:fd:52:ef:9f:c1:74:a6:e0:
18:7f:cd:36:6f:b2:12:e1:27:7b:b9:50:15:27:8e:
b0:12:9d:ea:9e:12:f8:74:2a:28:f2:15:76:cc:24:
f0:c6:d7:84:a4:d8:00:b4:c1:6b:e6:93:a3:db:c4:
82:57:57:2d:5e:47:72:a4:8c:c9:14:d0:d0:f4:02:
50:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C6:80:0E:71:2E:68:B4:87:EF:CE:CA:B0:C4:6F:61:B3:BB:C9:18
X509v3 Authority Key Identifier:
keyid:DD:72:5C:4D:09:53:E7:EC:F4:6F:37:E1:4F:CA:14:FD:09:A1:2D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:88:4a:a6:74:77:24:14:25:c5:c2:e9:ce:ef:5e:2b:3a:d9:
02:d4:ff:dd:be:51:64:c9:78:f7:00:d2:5c:81:28:80:5f:21:
dd:60:59:25:5a:04:b9:e5:ed:a7:80:fb:a5:2f:81:51:33:97:
95:cf:94:41:33:40:36:bc:3e:5f:4f:dd:c4:c1:a2:3c:d9:b4:
29:12:be:af:3d:77:c6:a7:d2:e0:7d:7e:d4:6e:48:bd:25:99:
cd:f7:fd:d8:58:47:54:14:18:f1:cd:af:be:12:46:12:13:a7:
43:7d:c5:1b:73:66:59:3f:61:25:21:d1:1a:8c:da:85:5a:a5:
45:ec:e8:5f:19:b1:e0:4f:04:83:20:b5:ad:ed:6f:42:46:3b:
36:01:f5:be:8b:66:9e:0f:8b:c9:d5:f8:71:7b:aa:cd:11:e0:
46:0d:d7:fe:d1:83:3a:c5:fd:57:1f:f4:90:05:6f:69:5e:ce:
ef:f0:73:e6:b6:fc:87:aa:8d:09:bd:9e:bf:43:09:e5:29:cc:
a3:e8:39:9b:24:d7:8c:82:7f:eb:69:ef:01:e1:5f:de:db:7e:
69:27:da:9c:c0:48:35:e5:44:b7:f6:75:ee:bd:26:96:75:54:
ec:00:45:7a:fd:93:b8:e6:0b:02:52:2f:25:6b:e8:35:f0:a6:
d0:23:76:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZovMmvCMxoi0obBe3HDXa/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzI1YzRkMDk1M2U3ZWNmNDZmMzdlMTRmY2ExNGZkMDlh
MTJkMTYwHhcNMjUxMDI5MDkwMDI0WhcNMjUxMDMwMDkwMDI0WjAzMTEwLwYDVQQD
Eyg1YWM2ODAwZTcxMmU2OGI0ODdlZmNlY2FiMGM0NmY2MWIzYmJjOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7g1ksL+4WDiiqnnWpOeWOC4UrjX8
twB+hpw6KW148o0mwr7VwCz229yIn1JrvKFOmALhoR1+ymVXrNM4QA/DTbGiYeCU
MVo65Af7v46UMJnYbpG1JZ9qNjTpuVahQFxPFRoPgk2t6H5fv7tnqT5kYmb+1sEJ
FeHy62ii8NFfdYvHGJoF+EsM1fSg76mG19ngdjdQ3mLYy8ChVJdvjPPLNehcnhQz
Uwt6hkZWRgF45xXWOV4K6ygYc894/VLvn8F0puAYf802b7IS4Sd7uVAVJ46wEp3q
nhL4dCoo8hV2zCTwxteEpNgAtMFr5pOj28SCV1ctXkdypIzJFNDQ9AJQeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrGgA5xLmi0h+/OyrDEb2Gzu8kYMB8GA1UdIwQY
MBaAFN1yXE0JU+fs9G834U/KFP0JoS0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hKY1RRbFQ1LXowYnpmaFQ4b1VfUW1oTFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hYWE2ZTMtZjA1NC00OGU3LTgyNDYt
OGYyMGNiNzM0NDg4LzEvM1hKY1RRbFQ1LXowYnpmaFQ4b1VfUW1oTFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hYWE2ZTMtZjA1NC00OGU3LTgyNDYtOGYyMGNiNzM0NDg4
LzEvM1hKY1RRbFQ1LXowYnpmaFQ4b1VfUW1oTFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEohKpnR3
JBQlxcLpzu9eKzrZAtT/3b5RZMl49wDSXIEogF8h3WBZJVoEueXtp4D7pS+BUTOX
lc+UQTNANrw+X0/dxMGiPNm0KRK+rz13xqfS4H1+1G5IvSWZzff92FhHVBQY8c2v
vhJGEhOnQ33FG3NmWT9hJSHRGozahVqlRezoXxmx4E8EgyC1re1vQkY7NgH1votm
ng+LydX4cXuqzRHgRg3X/tGDOsX9Vx/0kAVvaV7O7/Bz5rb8h6qNCb2ev0MJ5SnM
o+g5myTXjIJ/62nvAeFf3tt+aSfanMBINeVEt/Z17r0mlnVU7ABFev2TuOYLAlIv
JWvoNfCm0CN2vw==
-----END CERTIFICATE-----
Generated at Wed Oct 29 17:30:28 2025 by rpki-client