Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
File: 3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json)
Hash identifier: aHX3SWHV/3E6XAqai1+SCwmniZUUA4Sa31cEfG0FvMo=
Subject key identifier: ED:5E:28:FC:FC:F1:49:5D:4D:E7:5C:D8:38:C6:73:EB:67:60:25:BA
Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
Certificate issuer: /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Certificate serial: 019A7149F1CED21C4843DCCAC6ADD06F4C92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
Manifest number: 0670
Signing time: Tue 11 Nov 2025 05:01:02 +0000
Manifest this update: Tue 11 Nov 2025 05:01:02 +0000
Manifest next update: Wed 12 Nov 2025 05:01:02 +0000
Files and hashes: 1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: AlPPbEySdjVpk5HaqlWpYDXJXn6qf1VJC2Eicz32JK0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:f1:ce:d2:1c:48:43:dc:ca:c6:ad:d0:6f:4c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4
Validity
Not Before: Nov 11 05:01:02 2025 GMT
Not After : Nov 12 05:01:02 2025 GMT
Subject: CN=ed5e28fcfcf1495d4de75cd838c673eb676025ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c5:9a:71:3d:13:df:ef:ba:a1:12:ca:a6:3f:
a2:7c:ed:5d:7f:6f:2b:f7:dd:a5:f9:c8:be:d0:0b:
e5:30:a3:9e:fe:cb:83:46:85:b0:1a:82:28:50:d2:
d1:82:04:0e:89:eb:8a:96:7e:90:13:cc:96:71:57:
30:f8:0a:58:57:e5:b7:63:f4:2e:a1:dc:98:4f:d7:
ed:3b:af:92:88:34:e5:90:52:dc:d9:03:f3:35:79:
84:cc:84:5a:c7:7f:40:1a:1b:5d:ac:07:9d:ca:e4:
df:99:fa:00:be:f9:11:6b:37:67:0b:22:79:3e:81:
65:99:c2:c4:ce:0b:16:cc:55:04:47:96:76:b7:dd:
28:ec:0d:34:23:69:4c:05:d6:9d:f2:84:b9:45:9d:
a4:69:9a:a7:f9:2f:0a:bc:dd:d9:12:d6:98:a6:cd:
a7:9f:73:b1:4f:9d:99:4e:1c:ae:b6:de:0c:06:45:
72:43:ea:05:b8:be:5d:7b:34:13:f6:e3:f3:7b:e9:
fa:bf:69:6d:77:da:ac:cf:98:93:7c:79:14:e9:fa:
7f:b7:bc:82:a0:46:7c:3e:1d:2f:01:f1:97:8c:66:
09:2b:7d:b9:3b:06:aa:65:7c:76:8f:85:e5:3a:80:
3c:f0:49:5b:a0:e8:a5:1d:91:e8:18:f5:44:3f:c1:
76:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5E:28:FC:FC:F1:49:5D:4D:E7:5C:D8:38:C6:73:EB:67:60:25:BA
X509v3 Authority Key Identifier:
keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:9a:70:a4:0c:2c:c3:9e:bf:43:38:b2:5d:d3:a9:92:fe:8c:
c9:05:48:75:44:d9:76:cc:18:2c:d8:1c:cb:fb:eb:ff:ad:31:
3d:b5:2b:44:33:d1:77:b7:bd:44:20:de:1c:79:b1:a0:2a:a5:
7f:71:b0:5d:e3:ad:8a:93:c2:20:6b:e7:22:7b:9d:03:eb:33:
0b:a3:15:4f:6f:d8:08:2a:86:0e:22:04:e1:a4:e0:ef:7f:6d:
e5:55:45:ea:69:56:86:38:26:f1:44:58:45:01:cb:9a:cf:5e:
2e:33:27:7b:fa:56:3b:c7:82:0e:46:70:4f:20:38:a7:00:84:
6d:91:b5:84:1a:d4:3d:2d:b0:80:cc:9f:16:39:01:59:29:e1:
16:27:45:cf:01:fe:e3:e2:fe:cb:de:99:71:c6:a8:c2:d2:38:
58:7d:a4:14:b9:a1:9f:0a:d1:7f:cd:ca:ce:b0:90:f7:0f:c1:
fb:9d:09:8c:df:71:8d:fe:83:f1:48:b9:a6:7c:2b:b4:80:89:
4b:6a:cc:fd:c1:04:2b:5d:97:7e:8f:7c:00:de:3a:43:1e:3d:
05:f8:3c:59:74:a5:47:86:05:9e:d9:46:79:20:ce:91:d0:38:
f0:69:9a:9a:06:78:8e:61:09:eb:6c:df:ee:69:a0:aa:fb:3f:
04:f8:db:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfHO0hxIQ9zKxq3Qb0ySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi
ZDkxYTQwHhcNMjUxMTExMDUwMTAyWhcNMjUxMTEyMDUwMTAyWjAzMTEwLwYDVQQD
EyhlZDVlMjhmY2ZjZjE0OTVkNGRlNzVjZDgzOGM2NzNlYjY3NjAyNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sWacT0T3++6oRLKpj+ifO1df28r
992l+ci+0AvlMKOe/suDRoWwGoIoUNLRggQOieuKln6QE8yWcVcw+ApYV+W3Y/Qu
odyYT9ftO6+SiDTlkFLc2QPzNXmEzIRax39AGhtdrAedyuTfmfoAvvkRazdnCyJ5
PoFlmcLEzgsWzFUER5Z2t90o7A00I2lMBdad8oS5RZ2kaZqn+S8KvN3ZEtaYps2n
n3OxT52ZThyutt4MBkVyQ+oFuL5dezQT9uPze+n6v2ltd9qsz5iTfHkU6fp/t7yC
oEZ8Ph0vAfGXjGYJK325OwaqZXx2j4XlOoA88ElboOilHZHoGPVEP8F2jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1eKPz88UldTedc2DjGc+tnYCW6MB8GA1UdIwQY
MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt
MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx
LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFppwpAws
w56/QziyXdOpkv6MyQVIdUTZdswYLNgcy/vr/60xPbUrRDPRd7e9RCDeHHmxoCql
f3GwXeOtipPCIGvnInudA+szC6MVT2/YCCqGDiIE4aTg739t5VVF6mlWhjgm8URY
RQHLms9eLjMne/pWO8eCDkZwTyA4pwCEbZG1hBrUPS2wgMyfFjkBWSnhFidFzwH+
4+L+y96ZccaowtI4WH2kFLmhnwrRf83KzrCQ9w/B+50JjN9xjf6D8Ui5pnwrtICJ
S2rM/cEEK12Xfo98AN46Qx49Bfg8WXSlR4YFntlGeSDOkdA48GmamgZ4jmEJ62zf
7mmgqvs/BPjb7A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:13 2025 by rpki-client