Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
File: 3jCrARAqrvMOvUyJHAOAm6rQOeA.mft (raw, json)
Hash identifier: XhtZQhF1FQJp0l20/haB/S8mHMouTFJyxT8lUi98oS8=
Subject key identifier: FC:62:B8:64:94:19:A8:B2:37:A9:72:CE:4B:25:21:B3:11:2C:E8:4B
Authority key identifier: DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0
Certificate issuer: /CN=de30ab01102aaef30ebd4c891c03809baad039e0
Certificate serial: 019A7301B848E909663B77595E93FAB17401
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
Manifest number: E4
Signing time: Tue 11 Nov 2025 13:01:23 +0000
Manifest this update: Tue 11 Nov 2025 13:01:23 +0000
Manifest next update: Wed 12 Nov 2025 13:01:23 +0000
Files and hashes: 1: 3jCrARAqrvMOvUyJHAOAm6rQOeA.crl (hash: M1S7C8yQUHDrRaPDAoXguZY0DD0DIp9W4Guul18gul0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:b8:48:e9:09:66:3b:77:59:5e:93:fa:b1:74:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de30ab01102aaef30ebd4c891c03809baad039e0
Validity
Not Before: Nov 11 13:01:23 2025 GMT
Not After : Nov 12 13:01:23 2025 GMT
Subject: CN=fc62b8649419a8b237a972ce4b2521b3112ce84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:63:17:c2:d2:c9:bc:b7:5d:01:55:5f:ed:
58:f4:82:43:cc:2f:24:69:85:b0:97:43:e9:c3:da:
bd:66:2d:5d:b7:26:b4:83:d5:e3:dc:5a:d6:7a:64:
cb:ff:f0:ff:57:ce:0b:1a:eb:65:20:54:2a:d7:ac:
09:60:93:44:fe:97:03:2c:6e:27:95:d6:01:1d:89:
50:f6:ac:6d:b3:83:fd:c1:c3:dd:34:71:86:96:04:
e7:77:bd:e9:7b:e1:6c:7d:a5:77:84:6e:0a:49:78:
ce:e9:27:a8:53:a2:54:1d:09:30:48:67:17:ea:2f:
d6:6f:22:29:b1:6f:25:08:f7:fe:95:7a:77:b2:e4:
ad:ac:f3:7d:1f:4c:2c:9b:84:b9:6c:c7:4f:ca:1b:
af:24:40:4e:fd:b5:04:45:04:77:46:d8:78:a6:00:
7c:57:23:b9:5e:4f:9c:78:d4:17:ab:9e:b0:d0:6f:
20:16:ac:e8:c1:1b:e4:48:19:96:9f:70:ba:54:68:
42:e5:7f:69:56:25:a6:91:6e:3f:88:4f:87:ef:7c:
94:20:7e:0c:46:85:ff:55:20:e5:7a:74:cf:bf:a5:
42:f4:93:28:53:2d:7f:52:25:48:97:ee:ca:25:eb:
cf:da:ef:1a:1f:4a:28:c2:cf:01:37:76:d1:e0:59:
2e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:62:B8:64:94:19:A8:B2:37:A9:72:CE:4B:25:21:B3:11:2C:E8:4B
X509v3 Authority Key Identifier:
keyid:DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:0d:a1:26:03:c9:12:42:7f:e1:70:4b:cf:10:ec:e4:fe:6e:
ef:aa:d3:0b:27:df:47:03:7d:39:73:53:cf:23:1b:9e:c5:51:
fd:0a:68:36:9e:3d:bb:bd:45:17:35:09:7c:26:33:33:33:87:
04:00:fe:c2:a0:8b:b6:07:83:60:ca:d5:76:6b:b3:61:2e:f1:
76:01:97:0b:08:52:67:c3:a8:96:af:b9:07:b1:4f:ca:02:be:
aa:b8:f0:7e:2f:e1:d3:bc:a0:39:84:26:ff:a3:a9:a5:49:45:
3c:24:7a:94:ba:95:08:3e:3e:e2:04:f5:6b:75:59:4c:a5:2a:
dd:7c:fa:44:26:8d:74:df:7e:ca:2e:cb:ca:d7:07:4c:38:41:
86:61:7c:9a:91:58:22:08:5e:c1:6e:cf:40:65:af:88:6a:d2:
2a:51:9e:b5:71:d0:fe:64:6f:a8:ea:f5:da:a7:59:e2:d2:0c:
65:53:3c:31:6b:1e:62:23:c2:bb:c8:86:bc:93:af:32:78:0a:
4f:76:be:48:55:23:29:d6:a9:97:0b:86:38:61:53:1a:f1:86:
cf:ea:ab:ed:f2:b4:c1:5d:55:36:ba:ff:27:4f:3a:38:0a:9a:
e0:b9:f9:e3:4a:25:6c:23:be:3d:53:9c:33:12:f3:ba:57:88:
6d:24:9f:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAbhI6QlmO3dZXpP6sXQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzBhYjAxMTAyYWFlZjMwZWJkNGM4OTFjMDM4MDliYWFk
MDM5ZTAwHhcNMjUxMTExMTMwMTIzWhcNMjUxMTEyMTMwMTIzWjAzMTEwLwYDVQQD
EyhmYzYyYjg2NDk0MTlhOGIyMzdhOTcyY2U0YjI1MjFiMzExMmNlODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdhjF8LSyby3XQFVX+1Y9IJDzC8k
aYWwl0Ppw9q9Zi1dtya0g9Xj3FrWemTL//D/V84LGutlIFQq16wJYJNE/pcDLG4n
ldYBHYlQ9qxts4P9wcPdNHGGlgTnd73pe+FsfaV3hG4KSXjO6SeoU6JUHQkwSGcX
6i/WbyIpsW8lCPf+lXp3suStrPN9H0wsm4S5bMdPyhuvJEBO/bUERQR3Rth4pgB8
VyO5Xk+ceNQXq56w0G8gFqzowRvkSBmWn3C6VGhC5X9pViWmkW4/iE+H73yUIH4M
RoX/VSDlenTPv6VC9JMoUy1/UiVIl+7KJevP2u8aH0oows8BN3bR4FkuRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxiuGSUGaiyN6lyzkslIbMRLOhLMB8GA1UdIwQY
MBaAFN4wqwEQKq7zDr1MiRwDgJuq0DngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAt
ZDQyNzY4Yzg0ZGY3LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAtZDQyNzY4Yzg0ZGY3
LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhA2hJgPJ
EkJ/4XBLzxDs5P5u76rTCyffRwN9OXNTzyMbnsVR/QpoNp49u71FFzUJfCYzMzOH
BAD+wqCLtgeDYMrVdmuzYS7xdgGXCwhSZ8Oolq+5B7FPygK+qrjwfi/h07ygOYQm
/6OppUlFPCR6lLqVCD4+4gT1a3VZTKUq3Xz6RCaNdN9+yi7LytcHTDhBhmF8mpFY
IghewW7PQGWviGrSKlGetXHQ/mRvqOr12qdZ4tIMZVM8MWseYiPCu8iGvJOvMngK
T3a+SFUjKdaplwuGOGFTGvGGz+qr7fK0wV1VNrr/J086OAqa4Ln540olbCO+PVOc
MxLzuleIbSSfbw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:36:43 2025 by rpki-client