Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
File: 3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json)
Hash identifier: upbzh8seFKRSzQLNXPYQXWCOWPsL4wmO/XxiTHEafBo=
Subject key identifier: 91:29:6C:06:B9:27:AF:7F:93:50:04:28:C0:FA:F5:87:C9:67:6C:FB
Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
Certificate issuer: /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Certificate serial: 019A7112ADF42F6EC0737BABFD08229E0C1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
Manifest number: 0320
Signing time: Tue 11 Nov 2025 04:00:40 +0000
Manifest this update: Tue 11 Nov 2025 04:00:40 +0000
Manifest next update: Wed 12 Nov 2025 04:00:40 +0000
Files and hashes: 1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: o5bm++8qFJG+UIRevAYXGE+cQr6DyOchr9jWht9UETI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:ad:f4:2f:6e:c0:73:7b:ab:fd:08:22:9e:0c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984
Validity
Not Before: Nov 11 04:00:40 2025 GMT
Not After : Nov 12 04:00:40 2025 GMT
Subject: CN=91296c06b927af7f93500428c0faf587c9676cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7e:16:fa:49:b4:1c:25:75:29:54:8c:94:c2:
61:b9:1d:7a:22:14:6e:5f:17:6c:7f:94:20:2e:2d:
8c:b6:53:5d:81:b1:5e:f1:d1:31:83:3c:cb:d6:3b:
50:e1:f0:fe:08:29:cc:fc:f9:f5:50:ac:f7:95:1c:
d9:d9:67:79:7c:01:d2:f4:2a:6d:f0:8e:e1:5c:55:
c5:4f:a7:5e:5f:11:5d:ec:3f:93:56:a3:be:57:da:
63:35:4b:ba:af:94:19:26:7d:11:0c:96:25:77:2a:
8d:4d:a0:5d:b5:ac:78:de:20:f7:9d:73:82:4b:8b:
e9:bd:0a:ae:a6:c2:3d:7b:41:7a:43:29:9d:4c:02:
64:29:db:ce:b0:ba:93:3b:85:8c:a4:78:e7:09:f3:
d9:68:63:70:e9:64:db:e5:5f:ac:76:45:fa:d9:f5:
14:f7:60:22:d4:5d:87:ff:ff:07:16:f8:91:4e:c9:
89:18:69:b7:45:b0:72:93:fc:ae:dc:41:c6:b4:10:
96:ab:49:d2:84:84:7e:20:c1:f6:7d:f3:90:7a:8a:
9a:cd:2b:17:f8:97:87:30:28:43:87:bf:09:dd:69:
a4:2a:9b:c3:9c:7d:90:c0:18:7d:a2:cf:29:c9:6d:
61:d4:7d:ea:a7:54:1f:9d:20:8c:9c:f6:68:62:51:
af:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:29:6C:06:B9:27:AF:7F:93:50:04:28:C0:FA:F5:87:C9:67:6C:FB
X509v3 Authority Key Identifier:
keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:3a:55:28:0a:94:73:d6:0f:7d:f8:2e:c8:e8:65:89:a8:ad:
7c:e6:1c:3e:4d:bd:a9:2a:45:e4:dd:94:5e:80:7a:00:32:f7:
4d:2c:46:39:72:33:29:60:ec:16:d9:7b:ac:9c:9b:94:f3:af:
3c:c4:28:e4:61:cb:e3:3e:1a:83:59:62:e6:29:9f:5a:03:c0:
33:dc:a2:94:6a:2b:af:71:d6:b2:5d:aa:8d:46:05:9b:f9:45:
d8:a0:c1:ab:0c:4a:d4:bc:ad:a6:b8:ad:a5:c6:3f:46:49:56:
4f:51:3e:6f:ef:53:8a:39:75:75:0c:6e:f7:41:55:90:7f:74:
d5:47:42:04:8a:95:1c:be:d1:6f:1d:e3:96:ff:ea:53:b9:05:
9c:10:c9:39:b6:a7:22:9a:5d:55:b5:47:50:ba:21:19:22:67:
58:5b:70:8e:ce:e2:fc:ce:c3:04:5d:10:25:2a:05:1a:f8:2e:
52:00:72:58:83:2d:13:14:1e:76:09:22:4f:46:ce:af:05:b4:
0a:67:b5:20:53:c1:64:5f:96:89:40:7a:66:7d:69:aa:2b:65:
a9:3a:c5:2c:9d:ce:3e:66:98:c1:b7:96:a1:25:e3:dd:d3:b6:
d8:0b:b3:5a:21:20:b5:71:4c:9d:bb:34:cc:9f:a7:9b:ad:a7:
ad:7f:bf:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEq30L27Ac3ur/QgingwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm
M2M5ODQwHhcNMjUxMTExMDQwMDQwWhcNMjUxMTEyMDQwMDQwWjAzMTEwLwYDVQQD
Eyg5MTI5NmMwNmI5MjdhZjdmOTM1MDA0MjhjMGZhZjU4N2M5Njc2Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr34W+km0HCV1KVSMlMJhuR16IhRu
Xxdsf5QgLi2MtlNdgbFe8dExgzzL1jtQ4fD+CCnM/Pn1UKz3lRzZ2Wd5fAHS9Cpt
8I7hXFXFT6deXxFd7D+TVqO+V9pjNUu6r5QZJn0RDJYldyqNTaBdtax43iD3nXOC
S4vpvQqupsI9e0F6QymdTAJkKdvOsLqTO4WMpHjnCfPZaGNw6WTb5V+sdkX62fUU
92Ai1F2H//8HFviRTsmJGGm3RbByk/yu3EHGtBCWq0nShIR+IMH2ffOQeoqazSsX
+JeHMChDh78J3WmkKpvDnH2QwBh9os8pyW1h1H3qp1QfnSCMnPZoYlGvrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEpbAa5J69/k1AEKMD69YfJZ2z7MB8GA1UdIwQY
MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt
MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0
LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqjpVKAqU
c9YPffguyOhliaitfOYcPk29qSpF5N2UXoB6ADL3TSxGOXIzKWDsFtl7rJyblPOv
PMQo5GHL4z4ag1li5imfWgPAM9yilGorr3HWsl2qjUYFm/lF2KDBqwxK1Lytprit
pcY/RklWT1E+b+9Tijl1dQxu90FVkH901UdCBIqVHL7Rbx3jlv/qU7kFnBDJOban
IppdVbVHULohGSJnWFtwjs7i/M7DBF0QJSoFGvguUgByWIMtExQedgkiT0bOrwW0
Cme1IFPBZF+WiUB6Zn1pqitlqTrFLJ3OPmaYwbeWoSXj3dO22AuzWiEgtXFMnbs0
zJ+nm62nrX+/Ng==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:18:17 2025 by rpki-client