Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
File: dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json)
Hash identifier: 9bJ/bj/Nlc/WzK0wvz8/QMhB3w6IsnpbBHhJdT9RWiw=
Subject key identifier: 3F:C1:FB:CF:1E:09:FB:96:36:47:55:74:E6:5D:FF:02:D1:B2:56:D6
Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
Certificate issuer: /CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Certificate serial: 019A71B8F300ABEE0905934A2190323ED17C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:02:17 +0000
Manifest this update: Tue 11 Nov 2025 07:02:17 +0000
Manifest next update: Wed 12 Nov 2025 07:02:17 +0000
Files and hashes: 1: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: cGWSOvTLabBHakCiLDzrYvw2mdKIroVA3Bmec/URM1M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:f3:00:ab:ee:09:05:93:4a:21:90:32:3e:d1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1
Validity
Not Before: Nov 11 07:02:17 2025 GMT
Not After : Nov 12 07:02:17 2025 GMT
Subject: CN=3fc1fbcf1e09fb9636475574e65dff02d1b256d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:df:74:80:3a:64:d0:bf:ff:9a:55:58:e1:e2:
38:cf:c5:38:c1:42:3a:af:c3:a0:e9:9e:a8:0d:35:
d1:77:61:d8:7e:eb:8c:74:0e:c1:71:bc:4f:ff:39:
bb:ba:fb:50:27:6d:0e:44:10:2f:29:f2:86:b0:44:
7b:0e:80:a6:8d:67:9b:b8:8c:67:ab:e3:01:66:cf:
ec:fd:eb:f7:e0:b8:13:b7:2a:f1:ec:f9:74:ca:ca:
ee:3b:50:38:67:c1:b1:97:72:a9:91:b6:b5:10:e8:
14:9a:26:c8:00:ee:4e:be:b5:57:a4:24:f0:7e:ee:
0a:ce:62:3e:19:ed:dd:8e:18:51:0a:5b:96:b9:02:
ad:8d:74:20:ee:dd:32:a0:21:40:31:df:b6:aa:9c:
42:74:63:05:ec:d4:01:8e:01:b6:c0:07:83:9e:a4:
da:b4:b7:b1:bc:76:d7:41:bc:cf:7c:4b:0a:39:48:
1c:f4:2c:c0:86:bc:c9:60:51:60:fe:0a:48:84:fd:
59:6e:02:c0:e1:cc:8c:f6:8d:03:f2:28:c3:1d:a1:
82:21:ab:ab:04:41:06:ed:e7:c2:df:5d:76:c6:84:
9c:26:ca:85:ba:ef:5b:01:58:13:2d:5b:71:d7:e5:
94:a5:44:62:f3:2a:61:0e:cb:d6:88:ea:14:ec:54:
e3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C1:FB:CF:1E:09:FB:96:36:47:55:74:E6:5D:FF:02:D1:B2:56:D6
X509v3 Authority Key Identifier:
keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cf:b8:f0:e5:83:96:72:27:d1:aa:d0:3d:7c:f7:5e:c4:e6:7e:
17:2e:80:79:53:63:2f:2f:1c:7b:7a:34:6c:2b:67:b8:f2:8f:
0e:09:03:02:97:a8:ca:1f:02:30:e7:fc:26:2a:4b:e3:e2:ff:
38:27:b7:c3:10:15:09:39:1c:64:f1:21:21:c1:24:b7:90:c4:
47:50:27:c1:1c:38:66:6e:ed:ad:76:98:08:5f:40:d0:26:28:
22:f2:c8:e3:b1:ef:d5:a7:24:12:83:25:75:94:63:39:fe:24:
0f:e2:5e:da:00:0d:3f:ec:35:80:68:ff:4c:4d:bc:ec:70:d6:
6b:97:a4:33:ce:d4:df:02:5a:85:d5:19:dc:d6:0c:09:d3:39:
67:83:58:69:9c:17:77:9e:e7:d7:62:b5:e4:d7:7a:49:ef:cf:
e9:dd:3a:ee:b7:c5:94:13:97:fb:66:84:18:c5:1c:cf:c9:79:
2e:98:9b:45:d9:85:07:7c:aa:87:31:78:76:fa:55:23:82:9b:
1d:ff:26:3a:30:66:50:38:31:ae:85:eb:d8:8a:80:52:57:36:
11:15:e3:6f:04:c4:f1:75:c0:77:e5:f9:89:c0:ee:db:12:39:
47:8c:f1:17:30:9e:74:be:de:f5:f0:73:3c:97:3a:68:7f:be:
00:26:54:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPMAq+4JBZNKIZAyPtF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4
ZjVkZjEwHhcNMjUxMTExMDcwMjE3WhcNMjUxMTEyMDcwMjE3WjAzMTEwLwYDVQQD
EygzZmMxZmJjZjFlMDlmYjk2MzY0NzU1NzRlNjVkZmYwMmQxYjI1NmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud90gDpk0L//mlVY4eI4z8U4wUI6
r8Og6Z6oDTXRd2HYfuuMdA7BcbxP/zm7uvtQJ20ORBAvKfKGsER7DoCmjWebuIxn
q+MBZs/s/ev34LgTtyrx7Pl0ysruO1A4Z8Gxl3Kpkba1EOgUmibIAO5OvrVXpCTw
fu4KzmI+Ge3djhhRCluWuQKtjXQg7t0yoCFAMd+2qpxCdGMF7NQBjgG2wAeDnqTa
tLexvHbXQbzPfEsKOUgc9CzAhrzJYFFg/gpIhP1ZbgLA4cyM9o0D8ijDHaGCIaur
BEEG7efC3112xoScJsqFuu9bAVgTLVtx1+WUpURi8yphDsvWiOoU7FTjVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/B+88eCfuWNkdVdOZd/wLRslbWMB8GA1UdIwQY
MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt
YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1
LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz7jw5YOW
cifRqtA9fPdexOZ+Fy6AeVNjLy8ce3o0bCtnuPKPDgkDApeoyh8CMOf8JipL4+L/
OCe3wxAVCTkcZPEhIcEkt5DER1AnwRw4Zm7trXaYCF9A0CYoIvLI47Hv1ackEoMl
dZRjOf4kD+Je2gANP+w1gGj/TE287HDWa5ekM87U3wJahdUZ3NYMCdM5Z4NYaZwX
d57n12K15Nd6Se/P6d067rfFlBOX+2aEGMUcz8l5LpibRdmFB3yqhzF4dvpVI4Kb
Hf8mOjBmUDgxroXr2IqAUlc2ERXjbwTE8XXAd+X5icDu2xI5R4zxFzCedL7e9fBz
PJc6aH++ACZUnA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:18 2025 by rpki-client