Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.mft
File: 3GuqYBI2q5vqKfgHpmkg7VZWoZY.mft (raw, json)
Hash identifier: k/Lu6houJgU/D4Z1kOwBzdID2cYuctGfp/OHZxJo+Wk=
Subject key identifier: B0:F9:33:99:8E:A4:05:55:35:1F:59:22:A8:12:AA:1C:F3:0A:A4:3F
Authority key identifier: DC:6B:AA:60:12:36:AB:9B:EA:29:F8:07:A6:69:20:ED:56:56:A1:96
Certificate issuer: /CN=dc6baa601236ab9bea29f807a66920ed5656a196
Certificate serial: 019A70DC0F508F14481E1001574FC3A3475C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GuqYBI2q5vqKfgHpmkg7VZWoZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 03:01:01 +0000
Manifest this update: Tue 11 Nov 2025 03:01:01 +0000
Manifest next update: Wed 12 Nov 2025 03:01:01 +0000
Files and hashes: 1: 3GuqYBI2q5vqKfgHpmkg7VZWoZY.crl (hash: ghlUfAj3eAXy86120jlcjg7BVhDZ+DukojKR/Gr47+o=)
2: h-YJMMunIS0_gIZ5p26lgKRQyKc.roa (hash: bR5opkzZodiPK85GQ+pJiSPCVteQ0JuW261tZcQfTgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GuqYBI2q5vqKfgHpmkg7VZWoZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:0f:50:8f:14:48:1e:10:01:57:4f:c3:a3:47:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6baa601236ab9bea29f807a66920ed5656a196
Validity
Not Before: Nov 11 03:01:01 2025 GMT
Not After : Nov 12 03:01:01 2025 GMT
Subject: CN=b0f933998ea40555351f5922a812aa1cf30aa43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:32:14:b3:a8:2b:27:54:52:fd:2b:39:a0:fc:
0b:cf:96:10:3f:0e:dd:b7:f2:3f:e9:b0:80:54:ed:
89:79:22:40:a7:dd:ee:57:06:6b:51:a9:33:ba:cc:
f4:77:a2:83:57:e0:4a:6d:03:59:8c:51:69:9b:7b:
1c:7d:ab:55:82:a0:75:ff:43:4d:16:a1:a5:d9:2c:
58:a3:60:eb:de:82:a5:4f:12:d6:e9:fc:85:c5:4c:
ce:87:fe:10:1e:60:fe:82:0c:61:5d:ac:42:bd:8d:
9d:12:11:08:9e:3d:40:d0:de:38:4f:54:a0:2f:e3:
85:11:bb:5f:85:3f:c4:25:65:d0:5b:60:15:0b:6a:
52:46:2b:fd:12:b0:95:07:57:f7:14:9b:ff:c8:f7:
86:59:92:82:ab:6f:1a:ca:ba:4c:77:de:bb:a2:f0:
42:0b:c2:18:ee:cc:5b:a0:56:85:39:7e:4a:64:fc:
1b:b9:4d:e7:ae:b7:a8:00:0e:dd:a4:bb:ca:06:6d:
47:45:91:7f:48:0c:fc:37:7a:7b:2a:49:8e:5c:7a:
f3:d9:f4:8a:d7:80:50:bd:2b:17:e2:e7:4b:ca:85:
11:a8:24:76:88:95:45:80:32:1d:b4:3c:b3:f7:a8:
ff:b4:ce:d7:13:8d:a8:89:32:3a:d6:c4:11:a4:9f:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F9:33:99:8E:A4:05:55:35:1F:59:22:A8:12:AA:1C:F3:0A:A4:3F
X509v3 Authority Key Identifier:
keyid:DC:6B:AA:60:12:36:AB:9B:EA:29:F8:07:A6:69:20:ED:56:56:A1:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GuqYBI2q5vqKfgHpmkg7VZWoZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7bd2e3-f3c5-4955-b9a1-34a1237f1670/1/3GuqYBI2q5vqKfgHpmkg7VZWoZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:f1:2f:2f:21:88:28:0e:33:cb:09:99:b7:20:f9:16:77:06:
7a:22:70:73:1b:e6:08:02:eb:11:26:45:08:cb:4b:91:0c:15:
53:4f:58:54:19:9f:fb:d6:de:a6:b0:b5:74:f8:6b:49:39:87:
8a:7e:5a:34:0a:00:51:7f:b2:0a:3d:fb:7f:63:a0:8b:8c:d0:
cd:ab:68:01:b2:1c:f6:76:6f:07:8c:e3:61:bb:34:25:02:18:
63:05:31:25:38:35:c7:a8:c0:af:88:10:d9:ed:9a:a1:24:97:
73:d2:34:aa:a0:a8:47:46:7e:e5:5a:61:04:b7:12:e9:84:f9:
33:ed:00:d6:0f:0e:e1:dd:a3:c0:a2:d0:32:fa:0b:0a:e4:d1:
96:a4:70:ab:28:f7:3e:e9:d8:87:a1:49:1c:56:4a:d5:77:07:
40:8c:6a:ad:2f:74:c1:16:5d:f2:4f:08:81:e9:7c:03:c4:be:
a0:bb:55:d8:40:f3:a8:76:61:f5:3f:ee:c7:a6:b4:23:a6:d2:
25:dd:13:bc:2f:81:39:09:19:f3:e7:0c:75:de:f3:03:19:19:
77:90:f0:fb:71:8f:51:d1:db:9f:77:d3:77:98:d0:72:55:5b:
a2:94:af:23:a2:4b:db:18:42:29:b9:ea:a4:dc:ae:36:81:a1:
c8:f1:24:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3A9QjxRIHhABV0/Do0dcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNmJhYTYwMTIzNmFiOWJlYTI5ZjgwN2E2NjkyMGVkNTY1
NmExOTYwHhcNMjUxMTExMDMwMTAxWhcNMjUxMTEyMDMwMTAxWjAzMTEwLwYDVQQD
EyhiMGY5MzM5OThlYTQwNTU1MzUxZjU5MjJhODEyYWExY2YzMGFhNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TIUs6grJ1RS/Ss5oPwLz5YQPw7d
t/I/6bCAVO2JeSJAp93uVwZrUakzusz0d6KDV+BKbQNZjFFpm3scfatVgqB1/0NN
FqGl2SxYo2Dr3oKlTxLW6fyFxUzOh/4QHmD+ggxhXaxCvY2dEhEInj1A0N44T1Sg
L+OFEbtfhT/EJWXQW2AVC2pSRiv9ErCVB1f3FJv/yPeGWZKCq28ayrpMd967ovBC
C8IY7sxboFaFOX5KZPwbuU3nrreoAA7dpLvKBm1HRZF/SAz8N3p7KkmOXHrz2fSK
14BQvSsX4udLyoURqCR2iJVFgDIdtDyz96j/tM7XE42oiTI61sQRpJ9IHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLD5M5mOpAVVNR9ZIqgSqhzzCqQ/MB8GA1UdIwQY
MBaAFNxrqmASNqub6in4B6ZpIO1WVqGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0d1cVlCSTJxNXZxS2ZnSHBta2c3VlpXb1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YmQyZTMtZjNjNS00OTU1LWI5YTEt
MzRhMTIzN2YxNjcwLzEvM0d1cVlCSTJxNXZxS2ZnSHBta2c3VlpXb1pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YmQyZTMtZjNjNS00OTU1LWI5YTEtMzRhMTIzN2YxNjcw
LzEvM0d1cVlCSTJxNXZxS2ZnSHBta2c3VlpXb1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvEvLyGI
KA4zywmZtyD5FncGeiJwcxvmCALrESZFCMtLkQwVU09YVBmf+9beprC1dPhrSTmH
in5aNAoAUX+yCj37f2Ogi4zQzatoAbIc9nZvB4zjYbs0JQIYYwUxJTg1x6jAr4gQ
2e2aoSSXc9I0qqCoR0Z+5VphBLcS6YT5M+0A1g8O4d2jwKLQMvoLCuTRlqRwqyj3
PunYh6FJHFZK1XcHQIxqrS90wRZd8k8Igel8A8S+oLtV2EDzqHZh9T/ux6a0I6bS
Jd0TvC+BOQkZ8+cMdd7zAxkZd5Dw+3GPUdHbn3fTd5jQclVbopSvI6JL2xhCKbnq
pNyuNoGhyPEkTg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:48 2025 by rpki-client