Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
File: 3AOqmk_p1gxc-FOpJIIiafHMdFI.mft (raw, json)
Hash identifier: n4BHCEsG5LAZqhzqBKvLifZZZOhQT3SX4Ff0nfQBg0w=
Subject key identifier: 9D:3A:C1:83:98:06:FA:C2:13:1D:A2:C5:59:E4:A5:3D:59:F9:AC:E0
Authority key identifier: DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52
Certificate issuer: /CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452
Certificate serial: 019A2741BBA8A47F6B1E048362011CEB42C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
Manifest number: 0CA4
Signing time: Mon 27 Oct 2025 20:00:10 +0000
Manifest this update: Mon 27 Oct 2025 20:00:10 +0000
Manifest next update: Tue 28 Oct 2025 20:00:10 +0000
Files and hashes: 1: 3AOqmk_p1gxc-FOpJIIiafHMdFI.crl (hash: pyPUpZviEj+t82T08yuhdz32bOFdMv4AAvXZoD9YdDU=)
2: qHsLN52OLV40PkdsNg1LTDhrI1k.roa (hash: o2jlcmcZCFuQ0+N7Kss7ufNJs+2izJmB43Pkb+WDd2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:27:41:bb:a8:a4:7f:6b:1e:04:83:62:01:1c:eb:42:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452
Validity
Not Before: Oct 27 20:00:10 2025 GMT
Not After : Oct 28 20:00:10 2025 GMT
Subject: CN=9d3ac1839806fac2131da2c559e4a53d59f9ace0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:76:20:9c:62:d0:53:06:03:ec:8c:d5:e7:b6:
58:d4:58:33:83:5f:b5:24:30:f2:fe:bb:5a:f0:f0:
1e:09:bd:1b:38:9c:5a:95:8f:83:b3:fa:df:1b:a6:
dd:30:30:19:a0:b6:a1:67:d9:1c:42:2e:40:09:ce:
aa:29:98:48:21:6e:7b:07:e3:c7:65:ea:d0:42:68:
bd:b2:d4:67:ce:e1:5b:20:de:37:0a:c9:a2:e0:92:
b0:32:db:0e:63:9a:dc:70:fd:88:57:98:ee:cf:b6:
c5:66:55:64:a0:3b:a8:1e:02:2d:38:a5:c7:66:cb:
f7:fb:4e:e9:ab:b5:6d:df:7e:5b:23:c1:3c:8d:1e:
e3:4e:6c:b2:aa:05:f8:10:43:28:e9:e7:41:c4:2e:
19:d6:97:9a:00:26:ea:51:76:95:2a:1a:87:23:81:
bb:38:81:30:6a:84:c2:e4:c4:e2:09:3b:b3:00:d6:
a2:44:55:45:1c:8e:e2:a4:0a:63:db:bb:83:95:4d:
1f:25:02:f4:ee:05:2c:3f:58:9c:ea:5b:29:41:8a:
02:02:7f:6f:76:0c:da:37:1c:39:28:f5:ea:15:b1:
92:cb:87:48:6d:0c:39:b0:ac:b8:d4:2e:f1:78:e5:
c1:28:c0:f9:1f:5a:11:c1:73:ba:7b:4a:51:ae:24:
75:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3A:C1:83:98:06:FA:C2:13:1D:A2:C5:59:E4:A5:3D:59:F9:AC:E0
X509v3 Authority Key Identifier:
keyid:DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:6d:1d:ef:7a:2c:2e:ad:e8:38:37:9f:aa:d9:45:b6:b0:82:
05:b7:d9:fc:13:b9:51:37:9d:c4:d6:85:b9:9d:74:c9:9e:b3:
e7:ab:a8:df:60:9a:1d:81:1e:d4:e9:fa:34:62:3a:b2:44:e9:
74:ab:1d:40:b1:a6:d7:16:4e:bc:e2:9c:a0:33:4c:b7:8c:75:
bd:cb:c5:6f:60:8f:ad:98:3a:13:ed:8f:2c:cc:9a:d3:c1:75:
e4:c4:b1:d8:97:cf:21:0e:de:ed:9e:1c:f5:ff:8e:b6:19:08:
0d:ff:fb:9a:a4:db:ea:9f:10:a8:71:0d:ff:77:4c:6e:f4:20:
ed:4d:89:3e:e2:f0:12:63:cb:14:58:43:9f:ff:df:72:f3:1b:
7d:9a:b4:fc:4b:45:ac:a6:2c:ad:da:3a:24:4a:e9:ff:64:78:
20:f9:8d:31:cc:7b:f3:04:eb:ae:47:a4:16:71:62:7b:4d:a3:
a7:fe:92:ec:4d:f0:1b:d2:f8:4a:fd:38:9b:26:76:32:d6:b3:
b6:bb:3f:6a:e8:a8:58:92:c6:dc:ed:4d:2a:69:80:18:6c:1d:
ba:ec:d1:1f:84:9b:51:39:36:27:e9:87:ee:d1:2f:e3:f5:2e:
2d:bd:a1:cd:8a:6e:d7:31:66:25:52:f6:fc:1b:8e:49:0d:9d:
da:23:8b:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZonQbuopH9rHgSDYgEc60LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNhYTlhNGZlOWQ2MGM1Y2Y4NTNhOTI0ODIyMjY5ZjFj
Yzc0NTIwHhcNMjUxMDI3MjAwMDEwWhcNMjUxMDI4MjAwMDEwWjAzMTEwLwYDVQQD
Eyg5ZDNhYzE4Mzk4MDZmYWMyMTMxZGEyYzU1OWU0YTUzZDU5ZjlhY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXYgnGLQUwYD7IzV57ZY1Fgzg1+1
JDDy/rta8PAeCb0bOJxalY+Ds/rfG6bdMDAZoLahZ9kcQi5ACc6qKZhIIW57B+PH
ZerQQmi9stRnzuFbIN43Csmi4JKwMtsOY5rccP2IV5juz7bFZlVkoDuoHgItOKXH
Zsv3+07pq7Vt335bI8E8jR7jTmyyqgX4EEMo6edBxC4Z1peaACbqUXaVKhqHI4G7
OIEwaoTC5MTiCTuzANaiRFVFHI7ipApj27uDlU0fJQL07gUsP1ic6lspQYoCAn9v
dgzaNxw5KPXqFbGSy4dIbQw5sKy41C7xeOXBKMD5H1oRwXO6e0pRriR19wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ06wYOYBvrCEx2ixVnkpT1Z+azgMB8GA1UdIwQY
MBaAFNwDqppP6dYMXPhTqSSCImnxzHRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjkt
MWNhNzY2ZmJlZWJhLzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjktMWNhNzY2ZmJlZWJh
LzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc20d73os
Lq3oODefqtlFtrCCBbfZ/BO5UTedxNaFuZ10yZ6z56uo32CaHYEe1On6NGI6skTp
dKsdQLGm1xZOvOKcoDNMt4x1vcvFb2CPrZg6E+2PLMya08F15MSx2JfPIQ7e7Z4c
9f+OthkIDf/7mqTb6p8QqHEN/3dMbvQg7U2JPuLwEmPLFFhDn//fcvMbfZq0/EtF
rKYsrdo6JErp/2R4IPmNMcx78wTrrkekFnFie02jp/6S7E3wG9L4Sv04myZ2Mtaz
trs/auioWJLG3O1NKmmAGGwduuzRH4SbUTk2J+mH7tEv4/UuLb2hzYpu1zFmJVL2
/BuOSQ2d2iOLbQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 00:09:00 2025 by rpki-client