Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: 43xEW+cvcypzkiic2WyLyA8fSb2xC8zep53Qwq8kFac=
Subject key identifier: 9D:D4:BC:89:77:A0:3E:2F:1B:42:48:84:48:70:D8:87:12:BF:9E:6B
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 01992255D92306080511FED7A5C7092807EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 15E0
Signing time: Sun 07 Sep 2025 04:01:15 +0000
Manifest this update: Sun 07 Sep 2025 04:01:15 +0000
Manifest next update: Mon 08 Sep 2025 04:01:15 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: vL8TIBUbzc1oqKxnvK3UPZmlU+kNXfWlS0cTQ+/dxXY=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 04:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:55:d9:23:06:08:05:11:fe:d7:a5:c7:09:28:07:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Sep 7 04:01:15 2025 GMT
Not After : Sep 8 04:01:15 2025 GMT
Subject: CN=9dd4bc8977a03e2f1b4248844870d88712bf9e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a9:62:e5:3f:e3:d7:77:98:0e:67:b6:a8:bb:
cd:fc:61:a6:5a:f5:8f:ac:d9:f6:a3:f8:fc:d7:b8:
e5:16:bf:c1:4f:5d:65:6e:8f:03:f0:f1:8e:50:e1:
74:8e:d8:2a:4c:94:0e:e5:71:11:0a:e7:e7:c0:f9:
0d:cc:20:97:9e:79:f9:f7:6d:9a:67:ee:e9:34:fb:
06:b5:6d:2b:ae:71:05:ac:95:ef:9d:2a:eb:15:3a:
3f:3c:da:b7:0e:e9:93:d9:3b:16:8f:b9:1d:63:4e:
00:7e:0e:95:9b:05:09:48:30:97:dc:03:15:a8:39:
a1:24:20:e2:04:7e:ac:73:17:a7:a4:98:00:2c:4b:
bf:72:74:b4:4f:c7:5a:c1:a1:23:aa:3d:f3:09:a8:
57:20:29:a5:d6:1b:4f:2e:09:f9:e0:14:63:33:84:
bd:d1:c5:5d:87:d8:3d:83:c7:f8:32:61:7a:8e:dc:
1a:1d:2f:e7:92:23:5f:51:bc:a8:86:3e:eb:4d:00:
35:46:4c:91:bc:a5:5e:0f:5d:da:fd:03:4f:57:44:
1b:8d:40:f5:06:f5:c9:88:34:9d:7a:c1:8c:2c:9a:
9c:7f:96:32:78:d3:34:e9:1f:b0:98:4a:10:1c:dc:
09:80:c4:12:46:c2:cd:98:5c:a4:57:30:83:0b:59:
7c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D4:BC:89:77:A0:3E:2F:1B:42:48:84:48:70:D8:87:12:BF:9E:6B
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:47:c4:8a:ee:ec:e3:66:f2:c1:b0:50:82:d7:49:c0:ba:0f:
e6:14:59:97:e8:a9:f2:d9:6e:f7:0d:4f:c7:1b:71:e3:8a:c5:
46:d2:26:05:32:69:ff:ff:e8:c3:18:3f:1f:5e:8f:a3:a2:4e:
21:c1:68:ce:ba:a1:d4:32:d9:79:86:c3:96:ba:71:c3:a6:04:
f3:10:b2:d3:eb:2d:77:84:31:32:ad:eb:e0:66:db:1e:a0:31:
8e:66:35:c5:d3:8d:e9:83:93:bc:71:3f:1f:56:39:6b:ec:01:
bd:d3:1b:63:7c:6f:03:ad:db:4f:7c:41:9d:01:a7:b5:86:e5:
51:b9:ac:36:b0:35:f5:bb:2c:f4:f9:28:5b:d6:5b:76:3f:63:
b3:7c:b1:c6:ae:e6:ba:01:eb:3b:52:5e:ee:40:f1:c2:f9:53:
c3:04:0c:cc:0d:54:c6:22:cd:b4:e3:df:90:da:cd:45:fb:32:
aa:3a:29:61:77:db:e5:9c:6e:49:df:78:f5:30:a3:d8:5c:45:
a5:b4:25:b0:cb:8a:4e:fb:ff:79:fe:80:2e:54:d8:0e:dd:2f:
2f:67:b9:66:29:d1:44:11:bd:70:59:7a:bb:1a:3b:8c:5e:f5:
37:5f:1c:cd:e1:73:01:6d:9d:90:b2:8a:8c:d7:ad:53:db:64:
7f:6f:15:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVdkjBggFEf7XpccJKAfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUwOTA3MDQwMTE1WhcNMjUwOTA4MDQwMTE1WjAzMTEwLwYDVQQD
Eyg5ZGQ0YmM4OTc3YTAzZTJmMWI0MjQ4ODQ0ODcwZDg4NzEyYmY5ZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqli5T/j13eYDme2qLvN/GGmWvWP
rNn2o/j817jlFr/BT11lbo8D8PGOUOF0jtgqTJQO5XERCufnwPkNzCCXnnn5922a
Z+7pNPsGtW0rrnEFrJXvnSrrFTo/PNq3DumT2TsWj7kdY04Afg6VmwUJSDCX3AMV
qDmhJCDiBH6scxenpJgALEu/cnS0T8dawaEjqj3zCahXICml1htPLgn54BRjM4S9
0cVdh9g9g8f4MmF6jtwaHS/nkiNfUbyohj7rTQA1RkyRvKVeD13a/QNPV0QbjUD1
BvXJiDSdesGMLJqcf5YyeNM06R+wmEoQHNwJgMQSRsLNmFykVzCDC1l8jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3UvIl3oD4vG0JIhEhw2IcSv55rMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa0fEiu7s
42bywbBQgtdJwLoP5hRZl+ip8tlu9w1Pxxtx44rFRtImBTJp///owxg/H16Po6JO
IcFozrqh1DLZeYbDlrpxw6YE8xCy0+std4QxMq3r4GbbHqAxjmY1xdON6YOTvHE/
H1Y5a+wBvdMbY3xvA63bT3xBnQGntYblUbmsNrA19bss9PkoW9Zbdj9js3yxxq7m
ugHrO1Je7kDxwvlTwwQMzA1UxiLNtOPfkNrNRfsyqjopYXfb5ZxuSd949TCj2FxF
pbQlsMuKTvv/ef6ALlTYDt0vL2e5ZinRRBG9cFl6uxo7jF71N18czeFzAW2dkLKK
jNetU9tkf28VHw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:08:19 2025 by rpki-client