Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
File: 3itcv5Z6A0nYiXBLtNYfpSajHW8.mft (raw, json)
Hash identifier: 2oWWXNL8qVIGjQRfx7br0WaLgbPFaWXauASc7kOdfrA=
Subject key identifier: 86:72:43:70:CC:99:4D:FA:D3:61:59:4E:6D:EB:F4:9D:CB:DD:51:DB
Authority key identifier: DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
Certificate issuer: /CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Certificate serial: 019A72CAB003901EBF448EF849DBAD707431
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
Manifest number: 165F
Signing time: Tue 11 Nov 2025 12:01:17 +0000
Manifest this update: Tue 11 Nov 2025 12:01:17 +0000
Manifest next update: Wed 12 Nov 2025 12:01:17 +0000
Files and hashes: 1: 3itcv5Z6A0nYiXBLtNYfpSajHW8.crl (hash: 9BQGgkM3g8gpo6gqiKV5cTWOatqsll2fCN4fX42YESg=)
2: RmRTHkNLraqOOzazgFQdU_YCKkM.roa (hash: 5SoXabo2aLivwm4lm+kA69S7S7+v67Nc52d80muCgcE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:b0:03:90:1e:bf:44:8e:f8:49:db:ad:70:74:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Validity
Not Before: Nov 11 12:01:17 2025 GMT
Not After : Nov 12 12:01:17 2025 GMT
Subject: CN=86724370cc994dfad361594e6debf49dcbdd51db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ad:b7:2a:5c:eb:04:a8:be:b8:ff:a5:65:bb:
a5:91:0a:97:35:4a:a3:97:cb:dc:29:a4:33:1f:2b:
92:77:f6:ee:58:ea:62:51:94:0f:02:3c:05:f1:11:
7d:be:69:f6:14:6a:43:21:05:ee:e7:b6:97:b2:2a:
55:7d:3e:d3:c1:90:a4:58:7c:c7:87:5f:4a:66:65:
15:0c:2e:a1:c3:cc:12:3c:d0:56:41:88:05:93:0e:
fc:9b:19:d6:51:63:11:a5:4f:a4:a0:bb:58:73:de:
08:b7:dd:79:c8:db:ec:b6:99:bf:be:07:1e:36:d4:
98:4f:d2:ef:92:4c:b7:df:d0:b8:27:c6:9f:f8:8c:
b6:8f:ac:b6:57:06:58:fa:58:85:f9:74:94:66:7e:
30:5e:d1:8a:23:d3:42:fd:81:9d:a5:42:8a:53:d6:
44:1a:d5:d2:4e:80:9a:83:d6:9e:63:4f:80:70:60:
d6:21:38:a1:f0:10:4a:4f:ed:c3:48:14:f0:d4:5a:
29:eb:3f:c0:5f:f1:e7:52:68:a1:65:7c:96:fd:a2:
1c:df:32:5e:74:7e:f0:88:5f:92:8b:c2:fb:ef:da:
fc:36:15:4c:c5:ee:ee:e1:a4:fb:2a:06:8a:92:ef:
38:98:cb:c2:6f:7a:b7:89:81:62:21:2a:6e:86:cb:
48:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:72:43:70:CC:99:4D:FA:D3:61:59:4E:6D:EB:F4:9D:CB:DD:51:DB
X509v3 Authority Key Identifier:
keyid:DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:f1:94:bb:56:ba:c4:9b:ab:02:ef:a0:ac:0c:49:e4:84:e7:
e0:27:5a:dd:66:52:7c:00:3d:b5:fd:70:8a:1b:cd:ee:06:5c:
da:3d:50:9c:bd:33:57:c1:9e:39:42:f4:68:8f:67:eb:4c:9f:
65:46:ad:51:65:32:6e:fa:eb:c5:96:2b:73:6b:72:cc:ef:81:
67:24:78:f8:6b:2d:88:b1:bd:34:e5:c4:5c:0b:ee:41:35:2c:
9d:37:c7:48:42:d0:a0:5a:32:b0:41:64:68:d2:c7:c0:17:00:
1a:f0:5a:0c:f4:90:42:a4:4c:48:91:73:d1:5e:3a:9e:d5:e7:
84:fc:0e:4b:2e:ce:22:74:13:f1:14:6d:8a:b2:ef:94:10:aa:
de:ac:71:57:c0:83:1c:fc:aa:6a:ac:e0:c7:4e:bb:0b:ab:e4:
f5:b2:cb:d4:a1:2c:cc:00:e8:88:95:71:0b:0e:6e:1e:ea:2d:
67:79:59:78:7f:35:85:01:77:b5:74:ea:94:44:b5:b6:b6:60:
5f:60:83:e4:ac:44:19:92:43:5f:81:90:12:46:bc:cd:23:bf:
f5:f4:fe:ff:a1:62:95:8c:b7:3d:ad:27:89:6f:82:69:7a:5a:
30:25:2e:87:f9:62:81:c6:17:8d:0b:c5:25:a3:12:d5:5b:ac:
e4:dd:14:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyrADkB6/RI74SdutcHQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmI1Y2JmOTY3YTAzNDlkODg5NzA0YmI0ZDYxZmE1MjZh
MzFkNmYwHhcNMjUxMTExMTIwMTE3WhcNMjUxMTEyMTIwMTE3WjAzMTEwLwYDVQQD
Eyg4NjcyNDM3MGNjOTk0ZGZhZDM2MTU5NGU2ZGViZjQ5ZGNiZGQ1MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8q23KlzrBKi+uP+lZbulkQqXNUqj
l8vcKaQzHyuSd/buWOpiUZQPAjwF8RF9vmn2FGpDIQXu57aXsipVfT7TwZCkWHzH
h19KZmUVDC6hw8wSPNBWQYgFkw78mxnWUWMRpU+koLtYc94It915yNvstpm/vgce
NtSYT9Lvkky339C4J8af+Iy2j6y2VwZY+liF+XSUZn4wXtGKI9NC/YGdpUKKU9ZE
GtXSToCag9aeY0+AcGDWITih8BBKT+3DSBTw1Fop6z/AX/HnUmihZXyW/aIc3zJe
dH7wiF+Si8L779r8NhVMxe7u4aT7KgaKku84mMvCb3q3iYFiISpuhstImwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZyQ3DMmU3602FZTm3r9J3L3VHbMB8GA1UdIwQY
MBaAFN4rXL+WegNJ2IlwS7TWH6Umox1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAt
ZmQ3MmQ5NjJkZjI3LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAtZmQ3MmQ5NjJkZjI3
LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/GUu1a6
xJurAu+grAxJ5ITn4Cda3WZSfAA9tf1wihvN7gZc2j1QnL0zV8GeOUL0aI9n60yf
ZUatUWUybvrrxZYrc2tyzO+BZyR4+GstiLG9NOXEXAvuQTUsnTfHSELQoFoysEFk
aNLHwBcAGvBaDPSQQqRMSJFz0V46ntXnhPwOSy7OInQT8RRtirLvlBCq3qxxV8CD
HPyqaqzgx067C6vk9bLL1KEszADoiJVxCw5uHuotZ3lZeH81hQF3tXTqlES1trZg
X2CD5KxEGZJDX4GQEka8zSO/9fT+/6FilYy3Pa0niW+CaXpaMCUuh/ligcYXjQvF
JaMS1Vus5N0UxQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:23:48 2025 by rpki-client