Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
File: 3hL5ZansM-LC6HthYb7vuL4obKM.mft (raw, json)
Hash identifier: M/frF1LzLXHskgnRV2AEaSQOtxrE3Su7fWM5fJ7LqFk=
Subject key identifier: 2C:60:F5:2E:D2:11:2C:4D:9B:E5:E5:00:C8:87:9C:1A:F5:20:C5:AE
Authority key identifier: DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3
Certificate issuer: /CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3
Certificate serial: 019A7112C5568E72D541066B51F75DFC4A48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
Manifest number: 1542
Signing time: Tue 11 Nov 2025 04:00:46 +0000
Manifest this update: Tue 11 Nov 2025 04:00:46 +0000
Manifest next update: Wed 12 Nov 2025 04:00:46 +0000
Files and hashes: 1: 3hL5ZansM-LC6HthYb7vuL4obKM.crl (hash: Gp0e2uKMDM2ZmsYgFv0bW916Ntfbl/RdElNDdhn9dGM=)
2: WwmcE7wGl7pyI1JEZUrcMqc8ydE.roa (hash: eYdzJRuLYCeHIGBMM52itYWmfWw58ujov0m3EgFoPMo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:c5:56:8e:72:d5:41:06:6b:51:f7:5d:fc:4a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3
Validity
Not Before: Nov 11 04:00:46 2025 GMT
Not After : Nov 12 04:00:46 2025 GMT
Subject: CN=2c60f52ed2112c4d9be5e500c8879c1af520c5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:86:36:db:60:d2:9c:ca:78:cb:0b:eb:8c:7f:
fc:17:6c:29:e2:f4:af:07:f3:68:47:1e:65:1a:83:
6c:99:eb:11:e5:8a:e0:ad:89:7b:29:40:47:63:66:
3d:b4:92:2d:b6:a3:0e:ea:90:98:39:b6:fd:c1:d8:
8e:40:c9:58:25:66:bf:7f:37:01:11:76:cd:ba:0b:
d6:d1:8a:8f:09:b3:1e:dd:16:b0:61:b8:50:41:d5:
8a:08:5c:6c:6e:0d:02:fb:63:11:46:a8:39:17:ac:
5a:07:79:b6:b9:1e:38:a9:9e:88:04:a9:5d:95:5c:
65:96:44:4a:a6:28:81:3d:64:cc:d9:22:ce:4f:57:
16:a9:42:38:47:9a:6c:2b:c5:47:33:02:39:d3:e0:
99:f7:6a:e0:24:52:ec:c9:0d:0d:76:52:3f:2e:1a:
86:52:75:51:82:0f:ae:d8:0d:ce:07:fd:01:72:8c:
8d:9a:99:71:4d:8c:82:95:06:63:c2:36:7a:4a:cb:
72:32:71:19:17:4f:70:ed:4f:0d:c5:aa:61:8b:6c:
46:6b:6c:00:bd:9f:0a:ec:fe:fa:b2:65:03:e2:29:
8b:db:ad:69:27:5a:ba:ca:f1:b7:a9:5f:ac:3b:dd:
3c:c1:99:dc:99:08:dc:44:7e:01:d0:76:d7:44:6d:
8d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:60:F5:2E:D2:11:2C:4D:9B:E5:E5:00:C8:87:9C:1A:F5:20:C5:AE
X509v3 Authority Key Identifier:
keyid:DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:83:fe:68:ac:d7:d7:41:15:8f:b4:06:bf:de:c6:42:0c:a5:
f5:65:03:d3:c3:8d:41:94:5f:68:04:56:a0:c2:9e:38:77:52:
fb:6c:8f:26:87:da:2d:5e:8a:e2:df:53:96:0a:7a:05:aa:8b:
8e:ff:0a:23:69:80:ff:6f:63:e8:ce:a6:d5:c9:59:82:0b:7e:
5c:b4:f6:1b:74:25:e0:e3:6d:34:56:5b:5c:52:f6:18:c8:5c:
b4:80:fc:9a:31:43:b4:71:14:d0:d7:32:fd:99:83:29:9e:3d:
3c:31:03:5e:f4:cf:23:ed:ea:66:9e:bd:15:56:70:48:e2:5a:
54:3c:30:8e:08:86:6d:c9:4f:c5:71:94:e6:56:8e:d6:ce:b6:
76:08:f9:aa:21:d4:1f:ba:f9:e6:5d:0f:c4:fb:ab:64:5a:22:
7d:3c:8c:b0:a8:97:fa:1c:86:d5:b7:8a:ae:31:50:f1:12:68:
a2:2b:74:93:27:e0:86:5e:94:88:a9:dc:9e:25:c6:aa:c2:e4:
90:5b:20:d5:10:ed:0b:c1:35:47:34:82:44:7b:79:fc:08:ac:
57:a7:75:59:00:a9:71:88:0b:e9:b7:64:bb:4c:78:f0:77:48:
d8:ed:9e:b9:b0:f2:85:39:e7:23:6a:86:a6:ee:a4:dd:87:07:
d1:75:d7:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEsVWjnLVQQZrUfdd/EpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTJmOTY1YTllYzMzZTJjMmU4N2I2MTYxYmVlZmI4YmUy
ODZjYTMwHhcNMjUxMTExMDQwMDQ2WhcNMjUxMTEyMDQwMDQ2WjAzMTEwLwYDVQQD
EygyYzYwZjUyZWQyMTEyYzRkOWJlNWU1MDBjODg3OWMxYWY1MjBjNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYY222DSnMp4ywvrjH/8F2wp4vSv
B/NoRx5lGoNsmesR5YrgrYl7KUBHY2Y9tJIttqMO6pCYObb9wdiOQMlYJWa/fzcB
EXbNugvW0YqPCbMe3RawYbhQQdWKCFxsbg0C+2MRRqg5F6xaB3m2uR44qZ6IBKld
lVxllkRKpiiBPWTM2SLOT1cWqUI4R5psK8VHMwI50+CZ92rgJFLsyQ0NdlI/LhqG
UnVRgg+u2A3OB/0BcoyNmplxTYyClQZjwjZ6SstyMnEZF09w7U8Nxaphi2xGa2wA
vZ8K7P76smUD4imL261pJ1q6yvG3qV+sO908wZncmQjcRH4B0HbXRG2NywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxg9S7SESxNm+XlAMiHnBr1IMWuMB8GA1UdIwQY
MBaAFN4S+WWp7DPiwuh7YWG+77i+KGyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQt
YjZkMTJhYzY2ODMxLzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQtYjZkMTJhYzY2ODMx
LzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4P+aKzX
10EVj7QGv97GQgyl9WUD08ONQZRfaARWoMKeOHdS+2yPJofaLV6K4t9Tlgp6BaqL
jv8KI2mA/29j6M6m1clZggt+XLT2G3Ql4ONtNFZbXFL2GMhctID8mjFDtHEU0Ncy
/ZmDKZ49PDEDXvTPI+3qZp69FVZwSOJaVDwwjgiGbclPxXGU5laO1s62dgj5qiHU
H7r55l0PxPurZFoifTyMsKiX+hyG1beKrjFQ8RJooit0kyfghl6UiKncniXGqsLk
kFsg1RDtC8E1RzSCRHt5/AisV6d1WQCpcYgL6bdku0x48HdI2O2eubDyhTnnI2qG
pu6k3YcH0XXXjw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:28 2025 by rpki-client