Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
File: 3fCc-W5fyHTuk5CXxWUci9hC5q0.mft (raw, json)
Hash identifier: vkPXVDpSSCu5cPXFuy/zO5nweg9dNfNGzH74de0g0ss=
Subject key identifier: 10:D5:ED:FB:37:81:D5:0F:CF:31:2D:D8:C7:C0:73:27:60:5B:F6:D0
Authority key identifier: DD:F0:9C:F9:6E:5F:C8:74:EE:93:90:97:C5:65:1C:8B:D8:42:E6:AD
Certificate issuer: /CN=ddf09cf96e5fc874ee939097c5651c8bd842e6ad
Certificate serial: 019A05FF7036F939746941C6AC82A3E6948F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
Manifest number: 041A
Signing time: Tue 21 Oct 2025 09:00:17 +0000
Manifest this update: Tue 21 Oct 2025 09:00:17 +0000
Manifest next update: Wed 22 Oct 2025 09:00:17 +0000
Files and hashes: 1: 3fCc-W5fyHTuk5CXxWUci9hC5q0.crl (hash: 1Le6WUQtMg56D+vzxQpN2R2R7orGE+sF+Q/++21ftgs=)
2: 4QrqTeH17AXNTy8pbTdrujVUbQI.roa (hash: FZeq9SJr8r+vs6lCOy39Gvb+wDR+3HmqIg9DlvmdZfk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:ff:70:36:f9:39:74:69:41:c6:ac:82:a3:e6:94:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf09cf96e5fc874ee939097c5651c8bd842e6ad
Validity
Not Before: Oct 21 09:00:17 2025 GMT
Not After : Oct 22 09:00:17 2025 GMT
Subject: CN=10d5edfb3781d50fcf312dd8c7c07327605bf6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8b:0c:06:ea:12:6f:d2:7f:78:70:31:a2:36:
c5:d4:2b:07:78:2b:d0:45:49:4d:96:78:7f:4e:7f:
44:c3:df:93:28:30:6c:e6:29:94:89:44:90:cd:d3:
d2:bb:ed:71:ee:fb:23:3b:f1:32:28:33:8c:d6:aa:
64:97:85:0e:20:80:82:56:67:d3:c3:31:7a:0e:19:
39:7e:1d:bb:29:eb:76:d4:29:b4:81:15:63:7e:f3:
38:ee:4a:85:32:ea:16:8d:f8:58:27:1c:18:0d:ba:
d7:99:eb:46:0a:62:df:55:cc:96:b1:3b:b8:79:89:
60:90:ca:cc:67:64:85:e3:1b:64:1d:e9:fb:7c:68:
28:35:c2:55:c3:d5:95:8e:75:f5:f6:45:43:95:f9:
a5:73:5e:49:06:14:bd:78:33:0a:e6:95:98:ae:9d:
3b:fb:0f:a2:61:27:7b:83:e6:f2:15:a8:05:68:9b:
c3:bf:35:53:c0:ba:4c:a0:d9:c4:fd:f9:50:73:3e:
62:86:db:a5:18:cd:d9:7b:bb:1c:7d:b1:83:be:1c:
9a:19:b8:c1:5a:39:4d:17:fb:38:4e:7d:87:49:0d:
b5:a0:32:53:cb:9c:bb:a5:9c:51:82:78:ea:d6:d6:
66:1c:17:13:ec:98:4f:cf:63:3f:a3:e3:80:d8:62:
cf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D5:ED:FB:37:81:D5:0F:CF:31:2D:D8:C7:C0:73:27:60:5B:F6:D0
X509v3 Authority Key Identifier:
keyid:DD:F0:9C:F9:6E:5F:C8:74:EE:93:90:97:C5:65:1C:8B:D8:42:E6:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fCc-W5fyHTuk5CXxWUci9hC5q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/0079e8-c246-4c38-9052-673670e6ef09/1/3fCc-W5fyHTuk5CXxWUci9hC5q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:bb:ed:31:23:b8:f4:fc:07:a8:0d:6c:df:b0:b5:73:fd:9b:
53:fd:94:2a:01:ea:aa:c5:e0:95:46:e9:3b:71:8d:e0:67:16:
ce:01:8b:6c:d4:44:17:6b:66:6c:ee:13:94:c3:b0:45:0f:f4:
6f:bb:e2:51:a0:fe:4b:f9:f2:5f:a7:b8:a3:32:c6:1b:d5:f8:
4f:1b:db:21:59:8c:62:ea:6b:17:e1:78:a8:f7:e6:ac:7b:c4:
04:6c:9f:b8:01:50:c7:91:73:57:cb:6f:08:ec:ac:41:ed:aa:
43:76:bd:cc:81:57:fb:ed:97:8f:8d:41:1f:59:02:47:04:0a:
a2:f3:14:15:d1:4a:60:4e:05:93:f4:ea:6c:df:98:5c:89:0b:
90:fb:5d:bc:f5:31:8a:ee:4c:07:28:75:0f:41:3b:fe:f6:65:
95:cf:82:e6:cb:3e:3c:18:a5:04:90:e3:f2:87:4c:2a:b5:0c:
9f:20:fc:63:c6:45:3b:ab:b9:7f:c6:68:97:35:d3:a9:77:8b:
cc:93:30:09:56:ed:86:d8:8c:18:d2:e3:b4:57:95:c7:15:de:
8f:5e:68:c2:a0:9d:4e:d7:70:ba:2e:f8:35:fb:c8:6f:1e:a6:
0a:68:fb:3e:e7:61:26:ca:7c:c8:be:13:5f:c8:03:b4:7e:78:
09:cd:46:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoF/3A2+Tl0aUHGrIKj5pSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjA5Y2Y5NmU1ZmM4NzRlZTkzOTA5N2M1NjUxYzhiZDg0
MmU2YWQwHhcNMjUxMDIxMDkwMDE3WhcNMjUxMDIyMDkwMDE3WjAzMTEwLwYDVQQD
EygxMGQ1ZWRmYjM3ODFkNTBmY2YzMTJkZDhjN2MwNzMyNzYwNWJmNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYsMBuoSb9J/eHAxojbF1CsHeCvQ
RUlNlnh/Tn9Ew9+TKDBs5imUiUSQzdPSu+1x7vsjO/EyKDOM1qpkl4UOIICCVmfT
wzF6Dhk5fh27Ket21Cm0gRVjfvM47kqFMuoWjfhYJxwYDbrXmetGCmLfVcyWsTu4
eYlgkMrMZ2SF4xtkHen7fGgoNcJVw9WVjnX19kVDlfmlc15JBhS9eDMK5pWYrp07
+w+iYSd7g+byFagFaJvDvzVTwLpMoNnE/flQcz5ihtulGM3Ze7scfbGDvhyaGbjB
WjlNF/s4Tn2HSQ21oDJTy5y7pZxRgnjq1tZmHBcT7JhPz2M/o+OA2GLPfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDV7fs3gdUPzzEt2MfAcydgW/bQMB8GA1UdIwQY
MBaAFN3wnPluX8h07pOQl8VlHIvYQuatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wMDc5ZTgtYzI0Ni00YzM4LTkwNTIt
NjczNjcwZTZlZjA5LzEvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wMDc5ZTgtYzI0Ni00YzM4LTkwNTItNjczNjcwZTZlZjA5
LzEvM2ZDYy1XNWZ5SFR1azVDWHhXVWNpOWhDNXEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbrvtMSO4
9PwHqA1s37C1c/2bU/2UKgHqqsXglUbpO3GN4GcWzgGLbNREF2tmbO4TlMOwRQ/0
b7viUaD+S/nyX6e4ozLGG9X4TxvbIVmMYuprF+F4qPfmrHvEBGyfuAFQx5FzV8tv
COysQe2qQ3a9zIFX++2Xj41BH1kCRwQKovMUFdFKYE4Fk/TqbN+YXIkLkPtdvPUx
iu5MByh1D0E7/vZllc+C5ss+PBilBJDj8odMKrUMnyD8Y8ZFO6u5f8ZolzXTqXeL
zJMwCVbthtiMGNLjtFeVxxXej15owqCdTtdwui74NfvIbx6mCmj7PudhJsp8yL4T
X8gDtH54Cc1Gww==
-----END CERTIFICATE-----
Generated at Tue Oct 21 18:13:34 2025 by rpki-client