Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5d1908-6c4d-4581-8f10-985aac5beb30/1/3YpOHe5bseZXmxFhypEsqcA7Ru0.mft
File: 3YpOHe5bseZXmxFhypEsqcA7Ru0.mft (raw, json)
Hash identifier: +zaaF/XPxIAftfl3VfbqvDUXejbjxqCBouzMtIsva6I=
Subject key identifier: CB:EA:64:D8:DB:55:19:C8:41:58:9F:C0:AB:35:92:A3:05:BA:2A:F9
Authority key identifier: DD:8A:4E:1D:EE:5B:B1:E6:57:9B:11:61:CA:91:2C:A9:C0:3B:46:ED
Certificate issuer: /CN=dd8a4e1dee5bb1e6579b1161ca912ca9c03b46ed
Certificate serial: 019A71B7CF536934265FB60C67C061948E96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YpOHe5bseZXmxFhypEsqcA7Ru0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5d1908-6c4d-4581-8f10-985aac5beb30/1/3YpOHe5bseZXmxFhypEsqcA7Ru0.mft
Manifest number: 1072
Signing time: Tue 11 Nov 2025 07:01:02 +0000
Manifest this update: Tue 11 Nov 2025 07:01:02 +0000
Manifest next update: Wed 12 Nov 2025 07:01:02 +0000
Files and hashes: 1: 1-hdiWMY5l0xAZuqxRKYMnls1-tQ.roa (hash: T86Jb9a9Ub4X+hYRFQtCytnDevJ3Vo4p0E2BCYldVL4=)
2: 3YpOHe5bseZXmxFhypEsqcA7Ru0.crl (hash: hx+M87kxFoUTmAM+wQ7Y6WtSVY6hm1vOL03ci26HXtQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/5d1908-6c4d-4581-8f10-985aac5beb30/1/3YpOHe5bseZXmxFhypEsqcA7Ru0.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/5d1908-6c4d-4581-8f10-985aac5beb30/1/3YpOHe5bseZXmxFhypEsqcA7Ru0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YpOHe5bseZXmxFhypEsqcA7Ru0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:cf:53:69:34:26:5f:b6:0c:67:c0:61:94:8e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd8a4e1dee5bb1e6579b1161ca912ca9c03b46ed
Validity
Not Before: Nov 11 07:01:02 2025 GMT
Not After : Nov 12 07:01:02 2025 GMT
Subject: CN=cbea64d8db5519c841589fc0ab3592a305ba2af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e3:57:b4:27:cf:65:ac:a7:62:61:2f:86:0a:
c7:df:19:32:05:64:ad:23:c7:5a:c0:bd:d3:25:ed:
68:09:22:be:b0:95:6f:8a:08:91:ee:bf:fb:14:3d:
40:39:b9:19:93:b2:de:f4:fa:dc:40:37:65:22:a5:
7e:37:14:ea:73:fa:92:37:40:b5:87:d9:83:6f:9b:
da:17:32:25:fb:79:7d:54:31:d7:9f:5e:86:06:bf:
a1:21:0e:00:bc:04:38:5f:e5:be:d3:8e:00:bf:c2:
4d:71:9f:9e:30:80:67:2b:12:13:68:b5:48:f9:ec:
80:7a:97:52:ea:13:28:7f:6b:26:ac:12:2a:e0:4a:
7d:a3:71:85:fc:8b:20:47:dc:51:94:75:02:ab:d3:
e5:47:f0:8f:8c:95:9b:57:18:d4:70:74:49:80:59:
f5:3f:6f:8f:31:5f:6e:3f:18:79:99:3a:96:02:67:
8e:67:91:61:5b:93:a0:66:6d:e9:a3:7f:ba:2d:44:
d7:e3:57:5d:d2:98:87:35:70:a8:7e:d0:db:f5:05:
8d:da:56:1b:2a:c1:19:b1:a7:c3:5d:8e:19:7a:99:
59:f4:1a:58:95:fc:a7:76:31:0e:cd:f9:1e:b8:00:
57:ed:49:55:de:c9:7c:e3:71:35:37:c5:1d:48:d6:
02:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EA:64:D8:DB:55:19:C8:41:58:9F:C0:AB:35:92:A3:05:BA:2A:F9
X509v3 Authority Key Identifier:
keyid:DD:8A:4E:1D:EE:5B:B1:E6:57:9B:11:61:CA:91:2C:A9:C0:3B:46:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YpOHe5bseZXmxFhypEsqcA7Ru0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5d1908-6c4d-4581-8f10-985aac5beb30/1/3YpOHe5bseZXmxFhypEsqcA7Ru0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5d1908-6c4d-4581-8f10-985aac5beb30/1/3YpOHe5bseZXmxFhypEsqcA7Ru0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:9d:51:7b:34:98:ab:00:a2:22:84:1b:3f:cf:01:b8:a7:de:
fc:c3:a1:eb:f7:e8:ee:6f:f1:6a:86:d6:d6:6d:4c:17:71:b7:
87:35:e5:a5:c9:35:41:1b:f9:d7:8e:f0:d6:09:26:49:e2:e2:
e0:0b:e1:52:00:ae:a8:c7:ff:72:dd:18:b9:88:67:36:30:db:
44:6d:5e:5d:ce:e2:53:bb:0c:71:40:12:f4:84:00:91:db:7f:
e9:2d:08:98:46:09:03:55:5e:04:81:d0:4d:5a:c2:6b:7a:87:
75:95:f7:03:ee:73:dc:5b:ca:b8:83:42:11:fb:89:c7:da:0a:
a1:cc:66:0c:66:3b:c3:23:70:d6:03:83:52:e0:09:43:1e:5e:
5e:ee:39:26:83:34:b3:ec:8c:9d:fa:13:8c:74:c2:88:5f:1a:
3c:aa:a4:fd:45:6c:bc:a3:94:4b:e6:2b:9d:dc:74:4b:72:be:
f3:62:70:00:01:15:ee:69:14:00:0e:bd:24:a1:e9:7b:3c:5f:
ff:46:6a:89:47:36:63:d2:d7:2b:4d:c2:f9:31:a6:d7:1c:03:
22:c1:ab:87:e0:a9:b2:e2:d9:58:71:d2:58:00:9c:10:de:90:
8d:45:57:03:68:93:1d:a5:68:b9:b6:a6:f6:ff:61:97:37:8c:
de:70:3a:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt89TaTQmX7YMZ8BhlI6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOGE0ZTFkZWU1YmIxZTY1NzliMTE2MWNhOTEyY2E5YzAz
YjQ2ZWQwHhcNMjUxMTExMDcwMTAyWhcNMjUxMTEyMDcwMTAyWjAzMTEwLwYDVQQD
EyhjYmVhNjRkOGRiNTUxOWM4NDE1ODlmYzBhYjM1OTJhMzA1YmEyYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uNXtCfPZaynYmEvhgrH3xkyBWSt
I8dawL3TJe1oCSK+sJVvigiR7r/7FD1AObkZk7Le9PrcQDdlIqV+NxTqc/qSN0C1
h9mDb5vaFzIl+3l9VDHXn16GBr+hIQ4AvAQ4X+W+044Av8JNcZ+eMIBnKxITaLVI
+eyAepdS6hMof2smrBIq4Ep9o3GF/IsgR9xRlHUCq9PlR/CPjJWbVxjUcHRJgFn1
P2+PMV9uPxh5mTqWAmeOZ5FhW5OgZm3po3+6LUTX41dd0piHNXCoftDb9QWN2lYb
KsEZsafDXY4ZeplZ9BpYlfyndjEOzfkeuABX7UlV3sl843E1N8UdSNYCGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvqZNjbVRnIQVifwKs1kqMFuir5MB8GA1UdIwQY
MBaAFN2KTh3uW7HmV5sRYcqRLKnAO0btMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lwT0hlNWJzZVpYbXhGaHlwRXNxY0E3UnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZDE5MDgtNmM0ZC00NTgxLThmMTAt
OTg1YWFjNWJlYjMwLzEvM1lwT0hlNWJzZVpYbXhGaHlwRXNxY0E3UnUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81ZDE5MDgtNmM0ZC00NTgxLThmMTAtOTg1YWFjNWJlYjMw
LzEvM1lwT0hlNWJzZVpYbXhGaHlwRXNxY0E3UnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZ1RezSY
qwCiIoQbP88BuKfe/MOh6/fo7m/xaobW1m1MF3G3hzXlpck1QRv5147w1gkmSeLi
4AvhUgCuqMf/ct0YuYhnNjDbRG1eXc7iU7sMcUAS9IQAkdt/6S0ImEYJA1VeBIHQ
TVrCa3qHdZX3A+5z3FvKuINCEfuJx9oKocxmDGY7wyNw1gODUuAJQx5eXu45JoM0
s+yMnfoTjHTCiF8aPKqk/UVsvKOUS+Yrndx0S3K+82JwAAEV7mkUAA69JKHpezxf
/0ZqiUc2Y9LXK03C+TGm1xwDIsGrh+CpsuLZWHHSWACcEN6QjUVXA2iTHaVoubam
9v9hlzeM3nA6EA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:04 2025 by rpki-client