Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: YvXo/mNUL5UQ7/+uY6gsMvIC1ZSy8h+EXSMJmQGGvzI=
Subject key identifier: 66:49:1A:35:97:9A:4F:3A:58:68:78:B0:A3:A5:36:2F:7F:F3:5F:78
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 019A725CD07EAEE1E5701B98EAB830A47979
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 168E
Signing time: Tue 11 Nov 2025 10:01:16 +0000
Manifest this update: Tue 11 Nov 2025 10:01:16 +0000
Manifest next update: Wed 12 Nov 2025 10:01:16 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: uNYX4OS2RCaP97HLcXPB2/cX1cAMxPvgwfQsijPmeG4=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:d0:7e:ae:e1:e5:70:1b:98:ea:b8:30:a4:79:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Nov 11 10:01:16 2025 GMT
Not After : Nov 12 10:01:16 2025 GMT
Subject: CN=66491a35979a4f3a586878b0a3a5362f7ff35f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:a9:70:f6:e9:6f:fb:8e:3d:e4:73:dd:07:
22:46:0a:ab:3b:d2:8f:3b:ec:ba:24:07:7c:c6:e9:
3a:a0:20:17:27:1b:a3:00:87:a4:2f:2a:e1:45:4b:
c3:0e:ae:60:29:d5:e3:cd:7a:f9:59:89:aa:7a:39:
ed:36:c6:d8:8a:1c:43:eb:48:3a:49:58:e4:f9:fc:
34:21:75:9f:90:20:73:56:08:b2:24:43:3f:f1:30:
bd:ac:c4:27:54:41:ff:ad:5f:00:7f:77:65:b2:9e:
de:bb:32:44:db:a1:0b:ac:e4:c4:ad:56:59:6b:76:
6b:6d:7e:6d:0b:0b:75:5a:78:4e:5f:e6:16:87:e2:
0a:1d:47:cc:7b:1e:3f:5e:40:cc:be:b8:f9:ee:6a:
04:27:80:fc:d9:f7:30:67:cb:b2:dc:6a:0e:1f:d6:
89:b8:d4:a7:18:7d:54:2f:26:dc:69:7a:4b:02:b6:
43:1d:f4:7c:20:0c:53:3a:16:be:b4:e0:5f:95:5a:
4a:72:4b:ab:96:ec:26:89:22:3c:2d:19:45:45:da:
ac:e9:c0:9d:83:a5:ac:f0:13:b3:95:6a:63:8f:7f:
ab:d1:56:63:d7:1d:51:82:ae:91:4c:fc:7b:83:48:
31:c8:8c:e7:17:74:9b:a8:ed:1a:43:d4:ba:e9:bd:
b6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:49:1A:35:97:9A:4F:3A:58:68:78:B0:A3:A5:36:2F:7F:F3:5F:78
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:2b:fb:fb:20:8d:e9:3f:e8:39:23:f8:95:f7:8e:a8:51:af:
c1:28:3d:a6:87:cb:0e:5e:fc:05:22:67:08:6d:3e:b3:68:1c:
e8:c1:9a:43:cc:d5:17:67:ee:e0:bf:8d:b2:ca:13:3f:eb:cd:
58:e0:5a:70:2e:7f:c2:d9:29:11:0d:25:ca:fe:75:8e:55:47:
ac:29:c3:0f:fa:fe:d4:2f:45:36:1d:dc:68:a1:3d:d0:b0:ca:
87:1a:c9:e2:1b:8b:92:8b:53:b5:8a:70:f2:a3:3e:61:f1:1a:
db:91:ae:a8:cb:b7:ab:20:20:ba:b7:d7:af:f1:8d:b8:f1:ce:
b1:b5:6c:c5:7b:ca:9b:f4:09:13:f4:29:b4:24:04:42:3a:bc:
ad:49:06:f6:5f:49:d9:d0:63:54:58:96:0a:17:f8:56:b6:b0:
66:5d:a8:59:70:51:7b:b2:38:5f:85:46:87:6d:3d:e0:19:7b:
1a:72:4d:4d:b5:08:bf:70:66:0f:23:ef:24:c1:c8:01:c3:8c:
26:8e:ed:b8:6c:df:1b:cf:23:3e:be:92:ee:dd:d8:47:b1:91:
d9:f9:1a:f7:97:18:3a:4a:ba:84:9c:e9:a2:16:27:83:12:6a:
d1:9b:c8:8b:77:9e:c5:63:bd:ac:25:3e:b4:07:3b:cc:39:1d:
c1:73:60:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNB+ruHlcBuY6rgwpHl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUxMTExMTAwMTE2WhcNMjUxMTEyMTAwMTE2WjAzMTEwLwYDVQQD
Eyg2NjQ5MWEzNTk3OWE0ZjNhNTg2ODc4YjBhM2E1MzYyZjdmZjM1Zjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM6pcPbpb/uOPeRz3QciRgqrO9KP
O+y6JAd8xuk6oCAXJxujAIekLyrhRUvDDq5gKdXjzXr5WYmqejntNsbYihxD60g6
SVjk+fw0IXWfkCBzVgiyJEM/8TC9rMQnVEH/rV8Af3dlsp7euzJE26ELrOTErVZZ
a3ZrbX5tCwt1WnhOX+YWh+IKHUfMex4/XkDMvrj57moEJ4D82fcwZ8uy3GoOH9aJ
uNSnGH1ULybcaXpLArZDHfR8IAxTOha+tOBflVpKckurluwmiSI8LRlFRdqs6cCd
g6Ws8BOzlWpjj3+r0VZj1x1Rgq6RTPx7g0gxyIznF3SbqO0aQ9S66b22wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZJGjWXmk86WGh4sKOlNi9/8194MB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGCv7+yCN
6T/oOSP4lfeOqFGvwSg9pofLDl78BSJnCG0+s2gc6MGaQ8zVF2fu4L+NssoTP+vN
WOBacC5/wtkpEQ0lyv51jlVHrCnDD/r+1C9FNh3caKE90LDKhxrJ4huLkotTtYpw
8qM+YfEa25GuqMu3qyAgurfXr/GNuPHOsbVsxXvKm/QJE/QptCQEQjq8rUkG9l9J
2dBjVFiWChf4VrawZl2oWXBRe7I4X4VGh2094Bl7GnJNTbUIv3BmDyPvJMHIAcOM
Jo7tuGzfG88jPr6S7t3YR7GR2fka95cYOkq6hJzpohYngxJq0ZvIi3eexWO9rCU+
tAc7zDkdwXNgUQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:50:15 2025 by rpki-client