Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft
File: 3OVg8OyFDainwPjW84JRAtTeSs4.mft (raw, json)
Hash identifier: F9EDSUGB04XlrZq3XwkS+Z23plMHd4nQ9uCv+ijBp8g=
Subject key identifier: E0:F0:B8:47:BB:D3:8E:15:B4:75:E8:D7:61:A8:46:21:E9:33:BF:7C
Authority key identifier: DC:E5:60:F0:EC:85:0D:A8:A7:C0:F8:D6:F3:82:51:02:D4:DE:4A:CE
Certificate issuer: /CN=dce560f0ec850da8a7c0f8d6f3825102d4de4ace
Certificate serial: 019A71B76DE17B7378398AEED83E9A7930E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:00:37 +0000
Manifest this update: Tue 11 Nov 2025 07:00:37 +0000
Manifest next update: Wed 12 Nov 2025 07:00:37 +0000
Files and hashes: 1: 3OVg8OyFDainwPjW84JRAtTeSs4.crl (hash: J55lXxUpE8O2tE7mkX2rKZewr7dFP53Y9dWeReM+1Fw=)
2: cvAMZ-azozJjAwqBJfc2rmmZkME.roa (hash: Gewk40CVQw5q21r2SfPnFc/pGMGpE0T4SZt3vyzVUaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:6d:e1:7b:73:78:39:8a:ee:d8:3e:9a:79:30:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dce560f0ec850da8a7c0f8d6f3825102d4de4ace
Validity
Not Before: Nov 11 07:00:37 2025 GMT
Not After : Nov 12 07:00:37 2025 GMT
Subject: CN=e0f0b847bbd38e15b475e8d761a84621e933bf7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:06:ca:b4:53:98:bd:80:57:48:45:4d:8f:fd:
c2:c1:60:ca:16:e5:1a:a6:95:ab:31:66:ae:b6:bb:
17:14:53:ab:2c:5c:d2:af:6e:57:8e:67:a4:4e:c4:
5a:6e:ba:db:62:2a:ce:8e:58:b2:e9:b8:4d:4f:12:
8e:96:08:17:c1:c7:45:bd:00:97:3f:2e:39:84:09:
96:a1:b0:e4:a3:4d:84:02:86:bf:a9:a6:a1:70:9b:
c9:1a:5f:65:12:9e:e1:e1:87:98:2d:0d:35:f3:81:
6b:b8:73:b3:af:bc:e2:d0:b3:2f:5e:b7:26:7e:03:
db:6d:56:04:2b:64:1e:12:f3:6d:ba:ef:82:75:58:
29:b6:00:83:b3:43:bf:95:30:76:97:6f:7c:d5:c5:
d1:8c:a8:62:ac:06:6b:31:8e:49:61:0d:61:d0:f8:
b3:59:2f:29:83:1a:e7:dd:b0:0b:8e:89:12:6f:b4:
96:34:a5:07:5d:72:73:f9:f6:8e:1c:e8:48:6b:e5:
29:01:7b:8c:eb:de:43:84:93:ea:68:f7:c1:68:9f:
c2:db:64:a2:05:f6:dd:37:35:59:fb:25:0d:7f:70:
62:35:6f:28:19:99:4a:e9:30:d9:f4:47:69:fb:07:
93:f6:42:dd:51:b5:7c:82:e6:b8:c4:ff:c8:18:fd:
3d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F0:B8:47:BB:D3:8E:15:B4:75:E8:D7:61:A8:46:21:E9:33:BF:7C
X509v3 Authority Key Identifier:
keyid:DC:E5:60:F0:EC:85:0D:A8:A7:C0:F8:D6:F3:82:51:02:D4:DE:4A:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:c9:f6:f1:23:99:b6:ac:2c:07:79:d4:60:59:c5:c6:77:17:
54:cd:77:03:8f:06:a7:7f:58:cc:b4:15:3a:80:ea:89:9d:f7:
09:4e:4a:b5:13:df:db:44:b2:dc:ab:b7:a7:4e:d5:32:2c:af:
00:61:92:53:f9:b1:fd:4e:75:80:4a:bc:93:dc:8d:1f:e5:53:
42:fd:ee:ce:d1:7b:82:5e:3f:4a:c2:ab:ed:4a:9c:ad:ce:52:
f9:0e:4d:d4:ce:41:b2:f5:f6:9e:84:63:9c:1b:5c:97:77:ce:
1c:ad:30:7e:43:0c:6e:ea:b7:d9:2d:fb:7b:4c:e7:c8:c2:96:
85:36:29:ef:8d:b5:6f:c8:62:a4:86:e1:bc:9e:97:64:c9:8d:
bc:e0:4e:28:87:e6:2e:d5:ff:8c:6a:84:bf:1b:21:31:7f:96:
c5:4c:be:39:1d:a9:bd:89:b6:ad:97:9e:2e:a8:e3:9f:88:7b:
aa:61:db:f5:4e:4d:05:d1:94:29:37:3e:54:e4:98:7f:29:8e:
26:a7:f4:72:07:0e:2f:00:16:ad:61:d4:08:59:f9:0e:92:5f:
57:12:41:c0:b2:d7:61:f8:cd:f0:0f:5b:07:02:a6:cf:04:40:
0c:a5:b0:69:d5:23:02:8e:d1:e8:27:3e:86:85:36:fc:01:e0:
aa:50:dc:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt23he3N4OYru2D6aeTDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZTU2MGYwZWM4NTBkYThhN2MwZjhkNmYzODI1MTAyZDRk
ZTRhY2UwHhcNMjUxMTExMDcwMDM3WhcNMjUxMTEyMDcwMDM3WjAzMTEwLwYDVQQD
EyhlMGYwYjg0N2JiZDM4ZTE1YjQ3NWU4ZDc2MWE4NDYyMWU5MzNiZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwbKtFOYvYBXSEVNj/3CwWDKFuUa
ppWrMWautrsXFFOrLFzSr25XjmekTsRabrrbYirOjliy6bhNTxKOlggXwcdFvQCX
Py45hAmWobDko02EAoa/qaahcJvJGl9lEp7h4YeYLQ0184FruHOzr7zi0LMvXrcm
fgPbbVYEK2QeEvNtuu+CdVgptgCDs0O/lTB2l2981cXRjKhirAZrMY5JYQ1h0Piz
WS8pgxrn3bALjokSb7SWNKUHXXJz+faOHOhIa+UpAXuM695DhJPqaPfBaJ/C22Si
BfbdNzVZ+yUNf3BiNW8oGZlK6TDZ9Edp+weT9kLdUbV8gua4xP/IGP09MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODwuEe7044VtHXo12GoRiHpM798MB8GA1UdIwQY
MBaAFNzlYPDshQ2op8D41vOCUQLU3krOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNTNkMzktMzc0Yy00Mzg3LTk5NDUt
NDMxZjc1YmE4Njc1LzEvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wNTNkMzktMzc0Yy00Mzg3LTk5NDUtNDMxZjc1YmE4Njc1
LzEvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAMn28SOZ
tqwsB3nUYFnFxncXVM13A48Gp39YzLQVOoDqiZ33CU5KtRPf20Sy3Ku3p07VMiyv
AGGSU/mx/U51gEq8k9yNH+VTQv3uztF7gl4/SsKr7Uqcrc5S+Q5N1M5BsvX2noRj
nBtcl3fOHK0wfkMMbuq32S37e0znyMKWhTYp7421b8hipIbhvJ6XZMmNvOBOKIfm
LtX/jGqEvxshMX+WxUy+OR2pvYm2rZeeLqjjn4h7qmHb9U5NBdGUKTc+VOSYfymO
Jqf0cgcOLwAWrWHUCFn5DpJfVxJBwLLXYfjN8A9bBwKmzwRADKWwadUjAo7R6Cc+
hoU2/AHgqlDcFA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:07:05 2025 by rpki-client