Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/97004b-b671-4f3d-8d50-d1a4a45fafbc/1/3iuimqARP6_TcNhl-0REmHtHMIo.mft
File: 3iuimqARP6_TcNhl-0REmHtHMIo.mft (raw, json)
Hash identifier: Ur8ofQAj1rAyQdOWnKn4lrEYdPMuaNiTPDmqVPnUIt4=
Subject key identifier: C2:37:2A:84:46:75:03:3A:A6:AA:6B:7B:AB:B2:98:ED:42:EA:88:B6
Authority key identifier: DE:2B:A2:9A:A0:11:3F:AF:D3:70:D8:65:FB:44:44:98:7B:47:30:8A
Certificate issuer: /CN=de2ba29aa0113fafd370d865fb4444987b47308a
Certificate serial: 019A72CA69F56E6C71EA113A86849D63BD68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3iuimqARP6_TcNhl-0REmHtHMIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/97004b-b671-4f3d-8d50-d1a4a45fafbc/1/3iuimqARP6_TcNhl-0REmHtHMIo.mft
Manifest number: 0B8B
Signing time: Tue 11 Nov 2025 12:00:59 +0000
Manifest this update: Tue 11 Nov 2025 12:00:59 +0000
Manifest next update: Wed 12 Nov 2025 12:00:59 +0000
Files and hashes: 1: 3iuimqARP6_TcNhl-0REmHtHMIo.crl (hash: 1gwCzI8Lw9IfyX0NVwXJasheECdRUSnKSQ4vG8XDfIw=)
2: PMD1GlDLGk7gMbwF-9_w1YlsV4M.roa (hash: yxn0bsBf+yoGp2ebzQpXlOvhqAaQoPdbhmTGHyH8IaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/97004b-b671-4f3d-8d50-d1a4a45fafbc/1/3iuimqARP6_TcNhl-0REmHtHMIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/97004b-b671-4f3d-8d50-d1a4a45fafbc/1/3iuimqARP6_TcNhl-0REmHtHMIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/3iuimqARP6_TcNhl-0REmHtHMIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:69:f5:6e:6c:71:ea:11:3a:86:84:9d:63:bd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2ba29aa0113fafd370d865fb4444987b47308a
Validity
Not Before: Nov 11 12:00:59 2025 GMT
Not After : Nov 12 12:00:59 2025 GMT
Subject: CN=c2372a844675033aa6aa6b7babb298ed42ea88b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b5:6e:4f:98:4e:4f:f7:09:64:07:8e:3c:8f:
db:e9:c6:c9:7d:c4:83:41:5b:ae:23:bb:5e:9f:3f:
07:e6:1f:40:ca:8b:2f:8e:39:98:19:bd:4b:80:4c:
3e:e5:d2:ed:c4:a9:cc:a0:3e:55:23:73:44:4d:18:
a9:60:47:4b:01:23:d1:c0:9f:c8:23:41:f6:03:3e:
93:bb:cb:49:1c:7d:be:4e:ce:82:5f:30:5f:23:6f:
3a:9e:a7:cc:55:e1:80:a0:a3:b3:d7:51:43:c1:e8:
74:50:1d:d7:00:bb:6a:ef:33:ec:cb:33:eb:a4:5f:
36:76:8e:43:fe:c5:73:41:a7:25:49:e2:56:7e:33:
48:2c:51:4f:a5:fb:06:ea:7f:08:72:69:59:78:32:
50:32:b7:e7:30:81:f7:e1:0f:6e:77:1b:09:a5:96:
9e:27:08:76:66:f2:eb:2c:93:15:41:16:3d:1c:f2:
79:69:b2:6f:d8:cf:49:e5:77:f9:16:af:ad:38:21:
42:6a:0c:1c:ff:d8:c3:b1:70:4d:2d:d7:ec:9a:bc:
54:b0:15:bc:b3:e2:3c:07:40:52:91:97:c4:5e:b6:
a2:14:49:40:a0:93:f0:50:5c:8e:5b:1a:37:02:bb:
69:f6:72:34:27:bc:81:e5:e0:43:35:c5:d8:47:39:
5c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:37:2A:84:46:75:03:3A:A6:AA:6B:7B:AB:B2:98:ED:42:EA:88:B6
X509v3 Authority Key Identifier:
keyid:DE:2B:A2:9A:A0:11:3F:AF:D3:70:D8:65:FB:44:44:98:7B:47:30:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3iuimqARP6_TcNhl-0REmHtHMIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97004b-b671-4f3d-8d50-d1a4a45fafbc/1/3iuimqARP6_TcNhl-0REmHtHMIo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97004b-b671-4f3d-8d50-d1a4a45fafbc/1/3iuimqARP6_TcNhl-0REmHtHMIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:2b:2b:e2:a7:55:29:bf:df:fe:2e:67:26:ce:a1:2a:d1:c1:
1d:d9:06:8a:f4:b3:95:69:1d:2f:16:cd:ba:45:68:f6:7d:f8:
a3:51:6e:e5:92:13:b8:f4:f0:2e:4f:df:f4:a8:12:2e:1c:43:
8f:9d:a9:29:b7:00:11:86:2b:c1:0b:ca:dc:77:29:21:d0:93:
a8:21:1a:14:0b:bf:95:1c:fc:49:fb:9b:98:c5:ff:c7:76:b6:
37:bc:70:ae:6a:a7:53:cc:8d:08:31:10:96:76:57:49:b7:7f:
bb:58:2f:de:fc:e3:70:eb:0a:3b:70:ce:2b:6a:9d:24:2e:da:
a6:55:4d:1b:04:78:f5:ea:00:95:49:75:2c:e9:fa:42:8a:31:
b1:e7:d0:bc:87:b4:e9:6e:7f:7e:73:be:b6:ea:6a:06:5b:44:
99:91:23:b7:9e:ff:4c:1c:f9:27:62:62:e3:c0:0d:9e:6c:f2:
a2:a9:f3:87:d4:3b:39:b2:11:e3:9e:5e:9c:aa:73:12:66:b2:
36:e2:83:75:bf:bd:62:1f:fd:44:eb:3d:67:c7:1b:fb:1a:81:
b2:c5:9b:e1:0d:28:53:93:21:18:56:aa:78:1e:02:f5:a5:4d:
62:27:94:5a:3b:51:4a:2e:14:bf:60:97:0a:b9:be:bb:3b:dc:
f4:aa:ea:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyymn1bmxx6hE6hoSdY71oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmJhMjlhYTAxMTNmYWZkMzcwZDg2NWZiNDQ0NDk4N2I0
NzMwOGEwHhcNMjUxMTExMTIwMDU5WhcNMjUxMTEyMTIwMDU5WjAzMTEwLwYDVQQD
EyhjMjM3MmE4NDQ2NzUwMzNhYTZhYTZiN2JhYmIyOThlZDQyZWE4OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7VuT5hOT/cJZAeOPI/b6cbJfcSD
QVuuI7tenz8H5h9AyosvjjmYGb1LgEw+5dLtxKnMoD5VI3NETRipYEdLASPRwJ/I
I0H2Az6Tu8tJHH2+Ts6CXzBfI286nqfMVeGAoKOz11FDweh0UB3XALtq7zPsyzPr
pF82do5D/sVzQaclSeJWfjNILFFPpfsG6n8IcmlZeDJQMrfnMIH34Q9udxsJpZae
Jwh2ZvLrLJMVQRY9HPJ5abJv2M9J5Xf5Fq+tOCFCagwc/9jDsXBNLdfsmrxUsBW8
s+I8B0BSkZfEXraiFElAoJPwUFyOWxo3Artp9nI0J7yB5eBDNcXYRzlc0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMI3KoRGdQM6pqpre6uymO1C6oi2MB8GA1UdIwQY
MBaAFN4ropqgET+v03DYZftERJh7RzCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2l1aW1xQVJQNl9UY05obC0wUkVtSHRITUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85NzAwNGItYjY3MS00ZjNkLThkNTAt
ZDFhNGE0NWZhZmJjLzEvM2l1aW1xQVJQNl9UY05obC0wUkVtSHRITUlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85NzAwNGItYjY3MS00ZjNkLThkNTAtZDFhNGE0NWZhZmJj
LzEvM2l1aW1xQVJQNl9UY05obC0wUkVtSHRITUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiisr4qdV
Kb/f/i5nJs6hKtHBHdkGivSzlWkdLxbNukVo9n34o1Fu5ZITuPTwLk/f9KgSLhxD
j52pKbcAEYYrwQvK3HcpIdCTqCEaFAu/lRz8SfubmMX/x3a2N7xwrmqnU8yNCDEQ
lnZXSbd/u1gv3vzjcOsKO3DOK2qdJC7aplVNGwR49eoAlUl1LOn6QooxsefQvIe0
6W5/fnO+tupqBltEmZEjt57/TBz5J2Ji48ANnmzyoqnzh9Q7ObIR455enKpzEmay
NuKDdb+9Yh/9ROs9Z8cb+xqBssWb4Q0oU5MhGFaqeB4C9aVNYieUWjtRSi4Uv2CX
Crm+uzvc9KrqPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:49 2025 by rpki-client