Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/9d09af-017a-4ac1-9872-6166ff6e665c/1/3ozUdpwybYRex1OmcNo6yptp7hU.mft
File: 3ozUdpwybYRex1OmcNo6yptp7hU.mft (raw, json)
Hash identifier: 8z05WgM5GjGmca7aiHS/8349+28bpLiNsaxpT79Upog=
Subject key identifier: CB:01:DA:34:4D:89:FC:D6:8F:08:DD:8C:24:44:5B:C1:5A:49:3E:47
Authority key identifier: DE:8C:D4:76:9C:32:6D:84:5E:C7:53:A6:70:DA:3A:CA:9B:69:EE:15
Certificate issuer: /CN=de8cd4769c326d845ec753a670da3aca9b69ee15
Certificate serial: 019A71EEB31296FBEBD09E5C7DA5D42B78DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ozUdpwybYRex1OmcNo6yptp7hU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/9d09af-017a-4ac1-9872-6166ff6e665c/1/3ozUdpwybYRex1OmcNo6yptp7hU.mft
Manifest number: 017B
Signing time: Tue 11 Nov 2025 08:01:00 +0000
Manifest this update: Tue 11 Nov 2025 08:01:00 +0000
Manifest next update: Wed 12 Nov 2025 08:01:00 +0000
Files and hashes: 1: 3ozUdpwybYRex1OmcNo6yptp7hU.crl (hash: /nw8d5lt4MG1pSHgqRoKWvx2zjqT1ckVI4WhxyNHg3k=)
2: aizIqKjXfqxu2L9Do5SClHmuuHM.roa (hash: VG8x//8NLvTPdp7pULF9tX4PLkvXpJw9Gy/1Yk1G5KI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/9d09af-017a-4ac1-9872-6166ff6e665c/1/3ozUdpwybYRex1OmcNo6yptp7hU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/9d09af-017a-4ac1-9872-6166ff6e665c/1/3ozUdpwybYRex1OmcNo6yptp7hU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ozUdpwybYRex1OmcNo6yptp7hU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:b3:12:96:fb:eb:d0:9e:5c:7d:a5:d4:2b:78:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de8cd4769c326d845ec753a670da3aca9b69ee15
Validity
Not Before: Nov 11 08:01:00 2025 GMT
Not After : Nov 12 08:01:00 2025 GMT
Subject: CN=cb01da344d89fcd68f08dd8c24445bc15a493e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b4:fd:8f:c5:77:a4:61:65:53:c8:05:cb:b2:
03:2a:03:c7:23:64:00:fb:4c:9c:8c:fc:ce:ba:46:
8a:4c:b7:28:20:99:a5:bd:82:1e:f9:f9:a0:16:c9:
dc:cc:96:c8:75:7a:05:e6:9b:48:e2:6f:ab:61:8e:
02:69:75:5f:b8:fc:f2:c7:ac:d0:53:01:f2:f5:60:
5c:98:5a:6e:fa:5f:ed:11:1b:a6:c0:4b:52:51:56:
84:d5:28:fc:3f:6c:72:d7:f2:eb:ed:ed:10:49:11:
0e:ab:6e:7e:30:c8:21:a2:0e:bc:24:d4:05:ad:32:
6a:b1:60:6c:fc:b1:40:17:df:9f:a4:f0:0c:3a:54:
9f:3f:92:ad:7d:16:c3:5e:b7:97:ba:0b:14:12:61:
38:08:a0:11:cb:0a:00:97:e0:4d:91:52:1b:a8:5a:
02:e0:3f:34:20:f1:b6:72:22:7c:91:43:70:e3:33:
d3:7a:91:ce:89:54:a1:bb:93:02:2f:b1:b9:cf:54:
88:4f:ef:36:59:f6:d0:38:46:b1:57:32:8b:a8:d6:
11:7c:af:09:df:fa:60:1b:7d:b5:f7:b8:57:b7:9d:
79:64:fe:f6:38:86:ef:f3:b0:2b:3b:63:c5:1d:0d:
db:20:a6:e9:e0:12:5d:0e:95:13:a5:68:11:01:f5:
45:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:01:DA:34:4D:89:FC:D6:8F:08:DD:8C:24:44:5B:C1:5A:49:3E:47
X509v3 Authority Key Identifier:
keyid:DE:8C:D4:76:9C:32:6D:84:5E:C7:53:A6:70:DA:3A:CA:9B:69:EE:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ozUdpwybYRex1OmcNo6yptp7hU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/9d09af-017a-4ac1-9872-6166ff6e665c/1/3ozUdpwybYRex1OmcNo6yptp7hU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/9d09af-017a-4ac1-9872-6166ff6e665c/1/3ozUdpwybYRex1OmcNo6yptp7hU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:89:ee:75:e5:cf:d8:d4:96:57:a0:0c:18:e7:f8:28:2a:8c:
48:21:71:69:4b:b7:03:7c:76:92:c8:7a:ff:2b:6b:7e:18:99:
b3:f8:f3:64:86:a8:fe:c8:8c:b1:a3:39:9e:47:e9:74:10:8b:
9b:21:50:27:a4:a1:ec:c4:79:f0:43:f9:e5:47:09:32:db:38:
5f:db:8e:09:9d:c0:30:99:ca:d4:c5:69:45:1a:e0:01:67:26:
df:94:46:de:a6:cd:36:91:d5:a1:40:f3:46:34:e4:11:96:02:
78:64:3e:aa:46:22:2a:43:bd:e4:8c:bc:5a:fa:03:1a:35:46:
5c:d2:46:e7:08:a3:9c:19:f5:38:3d:e0:58:82:6a:48:1d:43:
0a:f9:78:60:89:04:14:e9:e1:76:8f:46:2e:74:54:f6:62:bd:
f2:07:9e:90:c4:09:6e:cb:9f:49:e2:3f:33:e1:6c:c2:bf:1c:
4f:aa:1c:e0:cb:ad:00:b5:10:e2:dd:3b:07:4a:ac:48:da:9b:
5e:3c:08:ed:32:86:79:68:66:75:f9:64:5d:bc:e5:60:10:0a:
eb:9b:07:eb:13:85:a7:78:8a:8d:ab:20:63:ee:2e:33:58:f0:
17:37:69:b1:9b:ec:2b:17:cb:22:ba:0a:f1:e7:4d:5b:4b:56:
8a:f8:69:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rMSlvvr0J5cfaXUK3jdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOGNkNDc2OWMzMjZkODQ1ZWM3NTNhNjcwZGEzYWNhOWI2
OWVlMTUwHhcNMjUxMTExMDgwMTAwWhcNMjUxMTEyMDgwMTAwWjAzMTEwLwYDVQQD
EyhjYjAxZGEzNDRkODlmY2Q2OGYwOGRkOGMyNDQ0NWJjMTVhNDkzZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rT9j8V3pGFlU8gFy7IDKgPHI2QA
+0ycjPzOukaKTLcoIJmlvYIe+fmgFsnczJbIdXoF5ptI4m+rYY4CaXVfuPzyx6zQ
UwHy9WBcmFpu+l/tERumwEtSUVaE1Sj8P2xy1/Lr7e0QSREOq25+MMghog68JNQF
rTJqsWBs/LFAF9+fpPAMOlSfP5KtfRbDXreXugsUEmE4CKARywoAl+BNkVIbqFoC
4D80IPG2ciJ8kUNw4zPTepHOiVShu5MCL7G5z1SIT+82WfbQOEaxVzKLqNYRfK8J
3/pgG32197hXt515ZP72OIbv87ArO2PFHQ3bIKbp4BJdDpUTpWgRAfVFiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsB2jRNifzWjwjdjCREW8FaST5HMB8GA1UdIwQY
MBaAFN6M1HacMm2EXsdTpnDaOsqbae4VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM296VWRwd3liWVJleDFPbWNObzZ5cHRwN2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy85ZDA5YWYtMDE3YS00YWMxLTk4NzIt
NjE2NmZmNmU2NjVjLzEvM296VWRwd3liWVJleDFPbWNObzZ5cHRwN2hVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy85ZDA5YWYtMDE3YS00YWMxLTk4NzItNjE2NmZmNmU2NjVj
LzEvM296VWRwd3liWVJleDFPbWNObzZ5cHRwN2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYnudeXP
2NSWV6AMGOf4KCqMSCFxaUu3A3x2ksh6/ytrfhiZs/jzZIao/siMsaM5nkfpdBCL
myFQJ6Sh7MR58EP55UcJMts4X9uOCZ3AMJnK1MVpRRrgAWcm35RG3qbNNpHVoUDz
RjTkEZYCeGQ+qkYiKkO95Iy8WvoDGjVGXNJG5wijnBn1OD3gWIJqSB1DCvl4YIkE
FOnhdo9GLnRU9mK98geekMQJbsufSeI/M+Fswr8cT6oc4MutALUQ4t07B0qsSNqb
XjwI7TKGeWhmdflkXbzlYBAK65sH6xOFp3iKjasgY+4uM1jwFzdpsZvsKxfLIroK
8edNW0tWivhp1Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:19 2025 by rpki-client