Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
File: 3AOqmk_p1gxc-FOpJIIiafHMdFI.mft (raw, json)
Hash identifier: SVgHYD/lZMfGA2FppKPXDf3cJ+2O3SZ3z72r63AWmws=
Subject key identifier: E8:06:CC:5F:F2:6E:2B:7F:DE:F6:07:86:4A:58:FE:0F:14:8C:B2:F8
Authority key identifier: DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52
Certificate issuer: /CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452
Certificate serial: 019937CB26C2F2303D2F1407FE45C46EE5F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
Manifest number: 0C28
Signing time: Thu 11 Sep 2025 08:01:24 +0000
Manifest this update: Thu 11 Sep 2025 08:01:24 +0000
Manifest next update: Fri 12 Sep 2025 08:01:24 +0000
Files and hashes: 1: 3AOqmk_p1gxc-FOpJIIiafHMdFI.crl (hash: +k+IZp3zueVWXXTFCUgLf4KsfnvYCsQcbqcgZzjhc6M=)
2: qHsLN52OLV40PkdsNg1LTDhrI1k.roa (hash: o2jlcmcZCFuQ0+N7Kss7ufNJs+2izJmB43Pkb+WDd2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:37:cb:26:c2:f2:30:3d:2f:14:07:fe:45:c4:6e:e5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452
Validity
Not Before: Sep 11 08:01:24 2025 GMT
Not After : Sep 12 08:01:24 2025 GMT
Subject: CN=e806cc5ff26e2b7fdef607864a58fe0f148cb2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:77:a2:84:a7:70:6e:46:f6:4c:34:5c:d9:fb:
87:1f:09:2f:f5:59:17:90:e6:96:0b:f4:84:24:4a:
cf:e3:af:f3:4e:0d:53:36:03:6c:f3:25:b8:e1:9f:
c6:9c:fa:46:3c:58:7e:d7:3b:ae:46:96:3f:c5:c8:
bc:cd:ad:d6:37:a5:54:54:ab:79:14:f0:86:1c:12:
fe:f0:14:89:fd:a4:c4:fd:55:12:a3:f5:6e:c0:76:
30:7a:85:a8:d6:79:d4:a3:72:b7:65:96:21:cb:04:
00:4e:8b:59:d9:57:45:11:8e:f5:52:92:73:0c:39:
aa:c7:d1:86:52:ea:ef:a6:b6:cd:86:c0:49:3f:0e:
0c:57:3c:57:a8:ad:e3:d5:ef:a4:17:bf:69:0e:c2:
e1:2b:0e:18:de:73:24:57:11:10:bb:71:3b:c0:31:
ea:8b:e0:fe:e3:75:68:e0:d0:c3:3c:8a:67:97:4d:
c0:88:16:73:19:4b:5d:17:a7:a4:fb:d7:54:1e:2c:
b5:09:8e:86:f5:82:39:71:8b:0f:6b:ed:cc:3b:f5:
4c:b9:01:05:c3:05:4a:1b:d6:cf:74:e1:06:47:b2:
50:44:16:7b:0d:45:ad:c8:c6:0f:bb:f9:a8:00:22:
b3:ef:7a:e3:5e:ce:17:3d:7f:98:24:36:b0:d3:a2:
c3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:06:CC:5F:F2:6E:2B:7F:DE:F6:07:86:4A:58:FE:0F:14:8C:B2:F8
X509v3 Authority Key Identifier:
keyid:DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:a5:1c:f6:e5:1a:32:71:80:cf:6b:9c:f4:fd:a7:3e:a6:2e:
fc:15:b2:50:44:96:e1:e8:0b:66:82:38:e7:7b:ae:8f:99:91:
c5:24:56:aa:64:73:0a:17:72:20:4e:dc:65:b0:f8:d1:f8:71:
02:64:8a:11:ad:48:3d:e1:e8:8a:27:1c:82:8c:80:44:ae:c8:
9f:14:99:93:cd:87:af:41:08:68:de:f9:9f:73:6a:31:f5:aa:
63:8a:3c:77:e8:02:b6:e7:4a:35:47:e9:bf:d0:7c:16:b0:f1:
c7:06:4d:ba:ff:8d:78:2b:09:02:a8:83:e7:bf:9b:26:ee:94:
c1:d2:51:02:ee:17:b6:43:39:df:e9:a6:00:7f:c4:ff:8e:06:
cc:d1:a2:a7:0f:2f:31:f0:29:66:30:1f:58:62:8b:1a:21:b4:
d8:ab:68:9a:f4:80:20:1a:fb:72:38:fc:1b:f9:6c:ab:e4:d2:
cc:06:6e:fc:7c:b1:72:f2:ba:24:71:59:2a:d7:d1:56:27:0f:
78:14:e8:9a:43:63:75:7c:be:22:11:00:69:27:be:9c:be:5d:
06:1b:88:93:e9:d4:92:40:57:6e:28:14:ab:04:68:d2:b6:ee:
61:f4:a3:81:3c:58:f7:70:9f:7b:bb:1c:04:0e:7c:0c:a9:2d:
aa:35:6f:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk3yybC8jA9LxQH/kXEbuXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNhYTlhNGZlOWQ2MGM1Y2Y4NTNhOTI0ODIyMjY5ZjFj
Yzc0NTIwHhcNMjUwOTExMDgwMTI0WhcNMjUwOTEyMDgwMTI0WjAzMTEwLwYDVQQD
EyhlODA2Y2M1ZmYyNmUyYjdmZGVmNjA3ODY0YTU4ZmUwZjE0OGNiMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXeihKdwbkb2TDRc2fuHHwkv9VkX
kOaWC/SEJErP46/zTg1TNgNs8yW44Z/GnPpGPFh+1zuuRpY/xci8za3WN6VUVKt5
FPCGHBL+8BSJ/aTE/VUSo/VuwHYweoWo1nnUo3K3ZZYhywQATotZ2VdFEY71UpJz
DDmqx9GGUurvprbNhsBJPw4MVzxXqK3j1e+kF79pDsLhKw4Y3nMkVxEQu3E7wDHq
i+D+43Vo4NDDPIpnl03AiBZzGUtdF6ek+9dUHiy1CY6G9YI5cYsPa+3MO/VMuQEF
wwVKG9bPdOEGR7JQRBZ7DUWtyMYPu/moACKz73rjXs4XPX+YJDaw06LDGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgGzF/ybit/3vYHhkpY/g8UjLL4MB8GA1UdIwQY
MBaAFNwDqppP6dYMXPhTqSSCImnxzHRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjkt
MWNhNzY2ZmJlZWJhLzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjktMWNhNzY2ZmJlZWJh
LzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAqUc9uUa
MnGAz2uc9P2nPqYu/BWyUESW4egLZoI453uuj5mRxSRWqmRzChdyIE7cZbD40fhx
AmSKEa1IPeHoiiccgoyARK7InxSZk82Hr0EIaN75n3NqMfWqY4o8d+gCtudKNUfp
v9B8FrDxxwZNuv+NeCsJAqiD57+bJu6UwdJRAu4XtkM53+mmAH/E/44GzNGipw8v
MfApZjAfWGKLGiG02KtomvSAIBr7cjj8G/lsq+TSzAZu/HyxcvK6JHFZKtfRVicP
eBTomkNjdXy+IhEAaSe+nL5dBhuIk+nUkkBXbigUqwRo0rbuYfSjgTxY93Cfe7sc
BA58DKktqjVvhg==
-----END CERTIFICATE-----
Generated at Thu Sep 11 11:46:05 2025 by rpki-client