Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json)
Hash identifier: jU2RoSytKfR27fyAK6TyxUnB5gOhsDphrskQ9bc7bZo=
Subject key identifier: 99:9A:AC:C4:8F:D0:B3:DA:B6:40:A3:F9:06:23:DA:1B:75:C8:15:C5
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 019A71EEA144C65B5EB261CADFFECC213DAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:00:55 +0000
Manifest this update: Tue 11 Nov 2025 08:00:55 +0000
Manifest next update: Wed 12 Nov 2025 08:00:55 +0000
Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=)
2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: tNfow1jlReqF6p/dYYco9i9YLdLkyWCxsr/6FMXr6E8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:a1:44:c6:5b:5e:b2:61:ca:df:fe:cc:21:3d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Nov 11 08:00:55 2025 GMT
Not After : Nov 12 08:00:55 2025 GMT
Subject: CN=999aacc48fd0b3dab640a3f90623da1b75c815c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:47:3f:4b:4c:13:a5:88:34:48:bc:7f:19:72:
3b:fe:4c:82:38:ca:ab:46:d4:62:33:c9:c4:90:b1:
10:8d:27:79:57:2b:cb:e4:a5:88:e5:e0:11:18:c8:
69:64:38:cc:d5:7c:fd:a2:67:a5:34:45:eb:c7:29:
37:57:35:cc:15:58:23:e8:57:99:c4:c9:43:fa:b0:
a6:c8:8d:33:2d:4d:ab:1c:e1:18:bb:59:1b:22:3d:
c2:c7:97:a0:02:5a:b2:7c:4e:08:bb:7d:6f:80:7a:
4b:25:b7:78:0a:54:f0:2e:d9:25:f1:da:15:06:d4:
ba:f8:c4:1d:ae:d6:d4:79:db:60:f6:6e:be:75:9e:
bf:cf:c1:24:6f:9a:76:99:02:7c:db:96:75:fa:1f:
cb:e8:89:af:e9:11:f3:d4:d4:1d:33:a6:17:67:2a:
94:ff:3f:93:07:c8:6c:ff:c5:f6:99:b3:34:b9:52:
3b:9c:cc:d6:8e:4d:60:fb:1b:45:e8:fe:39:58:67:
e3:2f:64:2f:0c:c8:ad:8d:a6:e8:9d:69:90:f2:e6:
66:58:ec:49:fd:56:e1:e7:9d:8b:02:87:ed:a4:df:
0f:29:5a:77:a0:7d:70:6b:b8:19:98:8e:26:8c:87:
b8:01:99:4f:ba:df:c6:92:75:05:6e:b9:20:5f:17:
76:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9A:AC:C4:8F:D0:B3:DA:B6:40:A3:F9:06:23:DA:1B:75:C8:15:C5
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:44:a1:9d:60:9a:46:1d:a7:0e:13:5c:30:3a:e1:a6:17:77:
16:89:e0:a0:1c:e7:5f:5d:13:d9:89:ae:ff:7d:7a:0f:f5:1e:
f1:0d:93:af:87:d7:51:c8:62:10:fe:3c:46:4a:bf:b0:1c:4b:
96:76:96:f0:cc:d2:f0:df:22:34:64:ad:77:e5:1e:f1:02:06:
f9:51:7d:4e:e8:4e:04:1f:4c:e1:e2:5c:f4:f1:db:9b:a3:c9:
8b:13:46:3a:9e:28:0a:60:10:db:06:d6:70:be:9e:d4:33:22:
ec:ca:e2:b3:ad:e7:bf:10:a8:78:0e:94:8d:77:d9:4d:f3:67:
31:0f:31:fe:35:b0:ba:d7:f9:b9:5f:90:fd:0a:f0:e9:67:7f:
eb:80:17:a0:f6:aa:f5:36:b1:5e:31:7a:b2:7a:02:a5:b0:7a:
10:f0:9d:88:c1:a2:5d:2e:15:dc:41:1e:4f:b5:2c:f2:76:a6:
1a:7e:be:42:e1:5d:5f:06:02:13:52:e8:35:25:08:47:ce:62:
aa:1c:85:52:6b:2b:cb:ca:60:68:d1:89:a1:40:41:e9:f4:ad:
13:f7:17:2d:7f:a9:5a:95:35:26:db:af:b3:f5:7b:79:73:14:
ec:4d:05:63:f6:32:84:97:6c:f0:6b:85:51:fe:6e:37:85:44:
2f:65:f8:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qFExltesmHK3/7MIT2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjUxMTExMDgwMDU1WhcNMjUxMTEyMDgwMDU1WjAzMTEwLwYDVQQD
Eyg5OTlhYWNjNDhmZDBiM2RhYjY0MGEzZjkwNjIzZGExYjc1YzgxNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kc/S0wTpYg0SLx/GXI7/kyCOMqr
RtRiM8nEkLEQjSd5VyvL5KWI5eARGMhpZDjM1Xz9omelNEXrxyk3VzXMFVgj6FeZ
xMlD+rCmyI0zLU2rHOEYu1kbIj3Cx5egAlqyfE4Iu31vgHpLJbd4ClTwLtkl8doV
BtS6+MQdrtbUedtg9m6+dZ6/z8Ekb5p2mQJ825Z1+h/L6Imv6RHz1NQdM6YXZyqU
/z+TB8hs/8X2mbM0uVI7nMzWjk1g+xtF6P45WGfjL2QvDMitjabonWmQ8uZmWOxJ
/Vbh552LAoftpN8PKVp3oH1wa7gZmI4mjIe4AZlPut/GknUFbrkgXxd25QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmarMSP0LPatkCj+QYj2ht1yBXFMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmkShnWCa
Rh2nDhNcMDrhphd3FongoBznX10T2Ymu/316D/Ue8Q2Tr4fXUchiEP48Rkq/sBxL
lnaW8MzS8N8iNGStd+Ue8QIG+VF9TuhOBB9M4eJc9PHbm6PJixNGOp4oCmAQ2wbW
cL6e1DMi7Mris63nvxCoeA6UjXfZTfNnMQ8x/jWwutf5uV+Q/Qrw6Wd/64AXoPaq
9TaxXjF6snoCpbB6EPCdiMGiXS4V3EEeT7Us8namGn6+QuFdXwYCE1LoNSUIR85i
qhyFUmsry8pgaNGJoUBB6fStE/cXLX+pWpU1Jtuvs/V7eXMU7E0FY/YyhJds8GuF
Uf5uN4VEL2X4lg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:50 2025 by rpki-client