Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
File: is3dXDDVgOsP7soqFs9cWoslaP0.mft (raw, json)
Hash identifier: IHtXQ5GOaTLnMQms6OqPA2Yv6xfTGrwq+3EFZqMBh6w=
Subject key identifier: 4D:64:7A:3D:CD:FC:61:87:1F:FF:C4:E6:E7:53:1D:CC:1A:4C:7C:99
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 019A72CA60AAB041FA32CB5E43A38D9AE07D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 12:00:56 +0000
Manifest this update: Tue 11 Nov 2025 12:00:56 +0000
Manifest next update: Wed 12 Nov 2025 12:00:56 +0000
Files and hashes: 1: 1-BU0QGGPOY6StLl6EjdaPUoRp0U.roa (hash: YErgeEfB3mK/ybWEoY6pFZ+o+6uteNHWASk7smyhzI8=)
2: is3dXDDVgOsP7soqFs9cWoslaP0.crl (hash: XV44X6xsiKL1xXviysd7dxmuZIMpGJhxBwjYj6IwgKk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:60:aa:b0:41:fa:32:cb:5e:43:a3:8d:9a:e0:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Nov 11 12:00:56 2025 GMT
Not After : Nov 12 12:00:56 2025 GMT
Subject: CN=4d647a3dcdfc61871fffc4e6e7531dcc1a4c7c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:cf:9d:08:97:cd:ed:6a:1f:40:eb:ff:80:
1f:05:00:8f:ff:ba:62:11:dd:b0:2a:a4:e7:5c:9d:
52:7d:f5:2f:62:bd:b0:17:d6:e7:34:2f:d1:b3:35:
99:aa:1f:68:7c:fe:e3:7f:26:5e:58:be:a5:a6:ec:
44:66:ac:24:7e:0a:fb:04:28:2f:a8:a2:21:6f:c3:
ea:60:49:64:93:aa:28:4b:47:20:54:77:a3:7d:64:
13:b6:34:64:9b:66:de:90:6a:6b:b0:4f:3b:30:65:
97:63:f2:dc:4c:8a:52:4c:59:c0:01:33:3e:47:05:
cc:03:c5:9f:21:07:7a:dd:34:b0:1a:fb:c1:44:ba:
00:97:d6:6d:fc:65:39:b1:4d:81:23:3a:f8:c6:ec:
bc:f7:dd:91:c5:32:b2:3c:a8:be:52:67:52:e3:eb:
cf:df:eb:15:14:be:f9:f4:34:29:94:c6:49:2d:e7:
e3:ce:f5:f7:e7:77:ac:ec:2b:88:b9:d3:4c:4b:5d:
c6:7f:a3:08:02:9b:6c:8a:58:99:ca:09:ed:7e:a9:
85:b5:ce:fc:55:af:71:df:a6:8f:e0:a1:45:25:1a:
93:2f:bf:b2:d6:0f:34:ca:a4:08:8f:3e:60:0f:70:
22:ad:28:33:b5:ea:34:ad:77:48:d8:eb:df:11:3c:
7e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:64:7A:3D:CD:FC:61:87:1F:FF:C4:E6:E7:53:1D:CC:1A:4C:7C:99
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:9f:d3:76:9f:4a:75:df:95:21:2a:9e:60:ef:79:34:f5:20:
1f:87:4d:48:47:31:7e:fc:ad:a4:83:d7:45:5f:46:84:df:42:
a4:b9:bf:10:3c:98:7a:e2:60:06:64:b7:d0:8d:54:fe:e9:e6:
22:2c:18:d6:eb:8a:c7:eb:fb:59:df:f9:57:64:c6:89:3b:0e:
f0:17:22:1e:12:04:e8:d8:cf:ba:f3:ae:a6:63:cd:4a:3a:2a:
73:01:20:6b:bd:c1:c2:ac:b6:53:ec:9f:54:60:82:5c:0f:cc:
73:2e:4b:cf:6a:80:87:26:8d:9a:a3:07:ee:b4:90:3b:c6:ba:
a5:ad:13:ef:4d:52:14:a7:e3:e2:eb:14:9f:0d:cf:0c:a3:51:
74:fa:9c:79:58:4b:84:e2:da:78:ae:00:8f:39:6c:90:15:d3:
ae:2a:9a:d1:47:0b:c1:94:c0:c3:ad:1b:e1:7d:2c:91:0f:9b:
b7:8f:f7:f8:b6:41:7a:9b:fc:5b:3a:74:12:dc:db:98:0b:6c:
5f:a1:ab:5e:33:3e:38:f4:76:3b:b6:19:7c:9f:ad:7f:81:98:
6b:f4:4e:99:a2:61:0b:72:71:16:1f:34:4b:45:32:40:ce:4d:
39:c4:df:fb:df:ff:88:07:72:26:ff:4d:13:73:6d:44:84:ed:
59:5c:95:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyymCqsEH6MsteQ6ONmuB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RkZDVjMzBkNTgwZWIwZmVlY2EyYTE2Y2Y1YzVhOGIy
NTY4ZmQwHhcNMjUxMTExMTIwMDU2WhcNMjUxMTEyMTIwMDU2WjAzMTEwLwYDVQQD
Eyg0ZDY0N2EzZGNkZmM2MTg3MWZmZmM0ZTZlNzUzMWRjYzFhNGM3Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgXPnQiXze1qH0Dr/4AfBQCP/7pi
Ed2wKqTnXJ1SffUvYr2wF9bnNC/RszWZqh9ofP7jfyZeWL6lpuxEZqwkfgr7BCgv
qKIhb8PqYElkk6ooS0cgVHejfWQTtjRkm2bekGprsE87MGWXY/LcTIpSTFnAATM+
RwXMA8WfIQd63TSwGvvBRLoAl9Zt/GU5sU2BIzr4xuy8992RxTKyPKi+UmdS4+vP
3+sVFL759DQplMZJLefjzvX353es7CuIudNMS13Gf6MIAptsiliZygntfqmFtc78
Va9x36aP4KFFJRqTL7+y1g80yqQIjz5gD3AirSgzteo0rXdI2OvfETx+SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1kej3N/GGHH//E5udTHcwaTHyZMB8GA1UdIwQY
MBaAFIrN3Vww1YDrD+7KKhbPXFqLJWj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDIt
MTdiMWM3Mzc5MzAwLzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yNWFjYTctN2UyOC00ODdjLTg2ZDItMTdiMWM3Mzc5MzAw
LzEvaXMzZFhERFZnT3NQN3NvcUZzOWNXb3NsYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGp/Tdp9K
dd+VISqeYO95NPUgH4dNSEcxfvytpIPXRV9GhN9CpLm/EDyYeuJgBmS30I1U/unm
IiwY1uuKx+v7Wd/5V2TGiTsO8BciHhIE6NjPuvOupmPNSjoqcwEga73Bwqy2U+yf
VGCCXA/Mcy5Lz2qAhyaNmqMH7rSQO8a6pa0T701SFKfj4usUnw3PDKNRdPqceVhL
hOLaeK4AjzlskBXTriqa0UcLwZTAw60b4X0skQ+bt4/3+LZBepv8Wzp0EtzbmAts
X6GrXjM+OPR2O7YZfJ+tf4GYa/ROmaJhC3JxFh80S0UyQM5NOcTf+9//iAdyJv9N
E3NtRITtWVyVPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:42:09 2025 by rpki-client