Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
File: 3XGhKciwiZWUIZnqbRsigmU1DQs.mft (raw, json)
Hash identifier: OzAMPOcG4T4Vgo6fSEF7+jIWnUHQt1YyVfKai13Du90=
Subject key identifier: 9B:D8:05:91:2B:06:2B:AE:99:23:24:50:6F:87:BD:D3:A4:35:C9:BD
Authority key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
Certificate issuer: /CN=dd71a129c8b08995942199ea6d1b228265350d0b
Certificate serial: 019A725C9FB13774E7BFC648D04C9086D8A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 10:01:04 +0000
Manifest this update: Tue 11 Nov 2025 10:01:04 +0000
Manifest next update: Wed 12 Nov 2025 10:01:04 +0000
Files and hashes: 1: 3XGhKciwiZWUIZnqbRsigmU1DQs.crl (hash: 8BPQqDbbuneuBH0yrUQpbp23QhjLp45V1AInjqMn1bU=)
2: OwG4_h94ip7CzANECDf39dfwNGk.roa (hash: XIXqYD1CZdADAiBPHja+pimegzmDxikS2efUTrBV4t8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:9f:b1:37:74:e7:bf:c6:48:d0:4c:90:86:d8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd71a129c8b08995942199ea6d1b228265350d0b
Validity
Not Before: Nov 11 10:01:04 2025 GMT
Not After : Nov 12 10:01:04 2025 GMT
Subject: CN=9bd805912b062bae992324506f87bdd3a435c9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:90:93:5e:5f:48:e5:59:b9:9c:1c:5b:db:4f:
68:cc:73:e9:14:83:8a:4a:c1:ae:0f:07:ac:99:e7:
22:44:71:19:5b:58:b9:2c:2d:62:c9:e5:db:a3:22:
58:73:57:d5:16:19:16:86:e1:5a:9a:88:01:eb:af:
fb:2c:46:38:80:1d:b0:8d:b6:73:71:cd:7d:75:19:
0c:36:a2:1d:8a:71:80:74:48:bf:14:35:4f:d3:54:
35:da:c8:be:3f:3c:6b:af:a7:d9:e6:08:16:aa:11:
c7:5e:fe:93:87:ae:c2:5c:37:28:18:cc:26:86:d8:
58:e3:92:72:4f:43:62:dc:0c:c7:77:3d:37:93:2b:
d6:53:1d:4d:1a:ff:1b:d1:13:c7:f6:c6:bf:a0:17:
9a:4d:0d:a4:71:b5:df:ce:77:11:4a:d1:78:5f:66:
b6:65:c7:db:aa:f6:03:98:58:0e:03:f6:fc:6d:68:
de:e3:6a:97:27:12:ec:3d:3a:04:9a:2c:66:d7:47:
8a:86:5d:82:51:06:db:62:13:f4:c2:3f:f4:d2:2e:
84:44:88:b7:8e:48:71:9c:f8:56:65:b1:b6:15:cb:
e7:ab:8f:85:bf:76:10:75:4f:cf:50:2f:6b:cf:1c:
14:bc:37:01:bc:64:f2:e7:02:ad:56:27:69:39:4c:
68:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D8:05:91:2B:06:2B:AE:99:23:24:50:6F:87:BD:D3:A4:35:C9:BD
X509v3 Authority Key Identifier:
keyid:DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:27:88:ed:88:10:48:10:bc:ad:9c:1d:6e:bb:5f:a1:d4:a9:
62:0c:77:34:ac:fa:0b:18:32:ff:8c:33:0e:10:07:63:75:34:
30:02:25:dd:4a:2f:1e:3b:a8:24:72:76:5f:54:97:16:74:5b:
6c:ab:38:af:f0:d1:20:8d:6a:fd:2f:99:a9:38:f0:bf:49:36:
47:06:d6:25:ad:68:fc:e9:3c:7b:5d:28:03:d4:e7:54:dd:92:
b8:08:5c:c9:f1:99:dc:28:56:e2:86:b9:6a:10:93:ee:67:d8:
5a:a8:c9:16:a7:19:18:59:3b:3c:09:c1:5b:00:64:2f:a2:33:
40:ca:3f:83:52:e8:b1:ed:00:4a:81:e4:01:09:b2:a4:5e:f9:
8d:0c:75:80:13:7c:7b:b9:4b:03:11:2b:24:5b:a9:97:57:9f:
17:db:7d:22:74:cc:03:96:09:58:69:b3:08:78:be:7a:b6:65:
18:64:40:3a:bf:6e:1a:6e:97:42:b7:a0:6f:90:d4:4d:8b:3e:
c1:9c:b2:50:89:9c:59:11:17:df:7a:91:af:b4:24:32:c1:67:
da:af:a6:da:a7:06:ae:6a:d3:54:b6:74:0b:f6:be:62:ff:4f:
66:e9:66:e2:71:1d:7d:5b:42:7f:91:9b:9c:98:43:c1:79:89:
b9:39:ed:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJ+xN3Tnv8ZI0EyQhtimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzFhMTI5YzhiMDg5OTU5NDIxOTllYTZkMWIyMjgyNjUz
NTBkMGIwHhcNMjUxMTExMTAwMTA0WhcNMjUxMTEyMTAwMTA0WjAzMTEwLwYDVQQD
Eyg5YmQ4MDU5MTJiMDYyYmFlOTkyMzI0NTA2Zjg3YmRkM2E0MzVjOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15CTXl9I5Vm5nBxb209ozHPpFIOK
SsGuDwesmeciRHEZW1i5LC1iyeXboyJYc1fVFhkWhuFamogB66/7LEY4gB2wjbZz
cc19dRkMNqIdinGAdEi/FDVP01Q12si+Pzxrr6fZ5ggWqhHHXv6Th67CXDcoGMwm
hthY45JyT0Ni3AzHdz03kyvWUx1NGv8b0RPH9sa/oBeaTQ2kcbXfzncRStF4X2a2
ZcfbqvYDmFgOA/b8bWje42qXJxLsPToEmixm10eKhl2CUQbbYhP0wj/00i6ERIi3
jkhxnPhWZbG2Fcvnq4+Fv3YQdU/PUC9rzxwUvDcBvGTy5wKtVidpOUxo6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJvYBZErBiuumSMkUG+HvdOkNcm9MB8GA1UdIwQY
MBaAFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYt
YzBkOGM4NjY4OTNmLzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYtYzBkOGM4NjY4OTNm
LzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjyeI7YgQ
SBC8rZwdbrtfodSpYgx3NKz6Cxgy/4wzDhAHY3U0MAIl3UovHjuoJHJ2X1SXFnRb
bKs4r/DRII1q/S+ZqTjwv0k2RwbWJa1o/Ok8e10oA9TnVN2SuAhcyfGZ3ChW4oa5
ahCT7mfYWqjJFqcZGFk7PAnBWwBkL6IzQMo/g1Lose0ASoHkAQmypF75jQx1gBN8
e7lLAxErJFupl1efF9t9InTMA5YJWGmzCHi+erZlGGRAOr9uGm6XQregb5DUTYs+
wZyyUImcWREX33qRr7QkMsFn2q+m2qcGrmrTVLZ0C/a+Yv9PZulm4nEdfVtCf5Gb
nJhDwXmJuTnt6g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:35 2025 by rpki-client