Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
File: 3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft (raw, json)
Hash identifier: hjMViHadgAi5xjV1kgElPpfwZyACBINMPMjTGweZwds=
Subject key identifier: C0:CF:D5:4E:6B:42:13:E8:20:F5:99:7A:BA:C7:8C:FB:21:2B:7D:FF
Authority key identifier: DF:15:8D:CB:29:0E:C5:AE:7F:66:C1:FA:0F:8D:96:32:11:DE:EA:54
Certificate issuer: /CN=df158dcb290ec5ae7f66c1fa0f8d963211deea54
Certificate serial: 019A71B883EAE44E0E4399639348F9F9AB45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
Manifest number: 0232
Signing time: Tue 11 Nov 2025 07:01:48 +0000
Manifest this update: Tue 11 Nov 2025 07:01:48 +0000
Manifest next update: Wed 12 Nov 2025 07:01:48 +0000
Files and hashes: 1: 3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl (hash: C2b0P03UMcFMyJmaeZPqh3b6f1pzWPpUZJMt78foc8s=)
2: Hsu5uEPri8mQgaZ4Qzz1c8ZzqXs.roa (hash: DFoP5Rp4yqWzaWfGAIFOGX06a0KJXff63tIBuI2st8A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:83:ea:e4:4e:0e:43:99:63:93:48:f9:f9:ab:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df158dcb290ec5ae7f66c1fa0f8d963211deea54
Validity
Not Before: Nov 11 07:01:48 2025 GMT
Not After : Nov 12 07:01:48 2025 GMT
Subject: CN=c0cfd54e6b4213e820f5997abac78cfb212b7dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8f:9c:30:e0:39:b5:9e:ac:69:97:fe:cf:17:
be:26:44:ff:a6:e9:29:41:e6:ce:3c:df:ca:f6:cb:
20:c0:dc:57:e5:c9:e5:17:e6:73:e5:01:89:b5:06:
f7:ad:c7:5c:39:2a:e0:a5:c7:14:1e:d9:74:28:da:
ca:a1:a5:2a:42:cc:db:6a:4e:34:40:95:5d:41:8a:
51:58:7e:b8:61:73:94:d3:bd:80:85:09:8e:38:5b:
20:19:03:08:39:37:33:a8:5e:1c:5b:10:0f:22:b9:
cd:28:ea:7f:e4:40:a2:73:33:b6:be:9a:5b:63:b1:
3c:ea:1f:cc:2d:47:67:9f:ec:63:f2:5f:07:e9:8d:
e0:33:ae:22:fb:85:d6:95:e5:19:45:40:bd:e5:04:
aa:24:98:c5:e5:17:85:74:96:a5:43:7b:94:e8:96:
35:e3:1f:9e:38:7f:7c:e3:85:b1:29:07:95:42:71:
57:9e:e7:9f:a9:7f:fb:1f:52:00:96:8a:42:e8:6d:
93:aa:e8:40:9c:4a:c2:b9:a8:89:d1:5b:8a:c0:c8:
7d:e3:3d:a9:11:54:a6:4b:88:1a:94:34:80:53:f6:
da:de:fb:5c:40:74:1f:8f:06:0d:2a:17:c7:89:38:
00:f2:c5:44:70:70:b8:26:de:45:5a:a8:48:cf:0e:
86:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:CF:D5:4E:6B:42:13:E8:20:F5:99:7A:BA:C7:8C:FB:21:2B:7D:FF
X509v3 Authority Key Identifier:
keyid:DF:15:8D:CB:29:0E:C5:AE:7F:66:C1:FA:0F:8D:96:32:11:DE:EA:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xWNyykOxa5_ZsH6D42WMhHe6lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a54b85-af3e-47c6-80e7-c4142df35cc3/1/3xWNyykOxa5_ZsH6D42WMhHe6lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:28:ed:8b:41:58:15:f1:b3:a1:18:bc:60:d2:94:2a:e8:3c:
b8:39:89:99:c3:00:7c:d1:92:b3:d1:11:b0:9b:9d:3c:7a:53:
78:00:45:af:9a:33:cb:e1:19:17:c2:05:5a:93:6c:a1:ae:0a:
5d:74:f2:0f:84:3f:5c:19:9f:98:9e:60:45:6d:64:13:e3:7d:
38:a2:3c:36:fa:e7:82:cb:e8:86:57:39:69:68:50:0e:45:5f:
c9:93:31:35:50:29:08:d9:89:3b:a8:37:4c:7b:8c:36:08:67:
65:b0:c0:db:5d:f8:91:ed:3b:89:12:9b:08:1e:c2:4e:dd:89:
13:a2:dd:d9:7a:ba:42:21:14:64:e2:c3:8c:71:94:03:77:83:
db:92:bc:3b:0c:e1:8d:33:ce:e7:27:c9:eb:9b:85:fa:18:0e:
5b:49:fd:1b:58:97:53:fe:f9:66:7c:c6:19:e1:1e:7a:24:28:
54:8a:22:db:7d:c8:e5:80:cb:6f:0d:eb:3c:44:fc:84:ee:77:
b0:24:81:88:fc:73:63:ea:42:47:21:3d:ab:31:98:ad:1c:c6:
22:61:a9:e3:65:b5:62:20:e2:0a:05:d9:47:fd:01:0d:cb:1a:
0e:dd:63:85:44:91:fd:04:a7:ff:30:92:0e:fa:43:41:df:a3:
dd:8a:04:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIPq5E4OQ5ljk0j5+atFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTU4ZGNiMjkwZWM1YWU3ZjY2YzFmYTBmOGQ5NjMyMTFk
ZWVhNTQwHhcNMjUxMTExMDcwMTQ4WhcNMjUxMTEyMDcwMTQ4WjAzMTEwLwYDVQQD
EyhjMGNmZDU0ZTZiNDIxM2U4MjBmNTk5N2FiYWM3OGNmYjIxMmI3ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY+cMOA5tZ6saZf+zxe+JkT/pukp
QebOPN/K9ssgwNxX5cnlF+Zz5QGJtQb3rcdcOSrgpccUHtl0KNrKoaUqQszbak40
QJVdQYpRWH64YXOU072AhQmOOFsgGQMIOTczqF4cWxAPIrnNKOp/5ECiczO2vppb
Y7E86h/MLUdnn+xj8l8H6Y3gM64i+4XWleUZRUC95QSqJJjF5ReFdJalQ3uU6JY1
4x+eOH9844WxKQeVQnFXnuefqX/7H1IAlopC6G2TquhAnErCuaiJ0VuKwMh94z2p
EVSmS4galDSAU/ba3vtcQHQfjwYNKhfHiTgA8sVEcHC4Jt5FWqhIzw6GoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDP1U5rQhPoIPWZerrHjPshK33/MB8GA1UdIwQY
MBaAFN8VjcspDsWuf2bB+g+NljIR3upUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hNTRiODUtYWYzZS00N2M2LTgwZTct
YzQxNDJkZjM1Y2MzLzEvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hNTRiODUtYWYzZS00N2M2LTgwZTctYzQxNDJkZjM1Y2Mz
LzEvM3hXTnl5a094YTVfWnNINkQ0MldNaEhlNmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCjti0FY
FfGzoRi8YNKUKug8uDmJmcMAfNGSs9ERsJudPHpTeABFr5ozy+EZF8IFWpNsoa4K
XXTyD4Q/XBmfmJ5gRW1kE+N9OKI8Nvrngsvohlc5aWhQDkVfyZMxNVApCNmJO6g3
THuMNghnZbDA2134ke07iRKbCB7CTt2JE6Ld2Xq6QiEUZOLDjHGUA3eD25K8Owzh
jTPO5yfJ65uF+hgOW0n9G1iXU/75ZnzGGeEeeiQoVIoi233I5YDLbw3rPET8hO53
sCSBiPxzY+pCRyE9qzGYrRzGImGp42W1YiDiCgXZR/0BDcsaDt1jhUSR/QSn/zCS
DvpDQd+j3YoExQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:39 2025 by rpki-client