Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json)
Hash identifier: CLyLtI8n8n4wWIvAxv4qfBHn6fXogI3a9rlknlkuWEg=
Subject key identifier: E8:10:1C:92:87:81:AC:A3:87:B4:23:FF:B2:51:D8:78:4C:90:C7:29
Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc
Certificate serial: 019A71EE8137FA8E320320D7D2D7FFBD44C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
Manifest number: 11B9
Signing time: Tue 11 Nov 2025 08:00:47 +0000
Manifest this update: Tue 11 Nov 2025 08:00:47 +0000
Manifest next update: Wed 12 Nov 2025 08:00:47 +0000
Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: n7txOYY/b/28eK1Wcg+NjCAgp4M+l4TUA3mGT9zYDoQ=)
2: V06h50tDruiBUg9uiKF_DSq52w8.roa (hash: A6FA8GQqXA3RMWxT5r25HFVTJrUQ2PZEYKc6YcmeWfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:81:37:fa:8e:32:03:20:d7:d2:d7:ff:bd:44:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc
Validity
Not Before: Nov 11 08:00:47 2025 GMT
Not After : Nov 12 08:00:47 2025 GMT
Subject: CN=e8101c928781aca387b423ffb251d8784c90c729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:aa:e6:e2:fa:52:ee:0a:c9:d5:8c:96:1f:01:
5d:6c:4f:7a:ab:0e:da:8d:14:80:39:bd:51:8d:f0:
92:e1:c5:f8:78:36:7f:a0:20:5f:ef:0b:7c:6f:18:
9a:21:da:90:ff:74:58:0a:8a:64:d4:d7:b1:12:d8:
33:fa:b3:1e:73:79:a1:cd:17:fe:df:ca:fb:cf:09:
e6:2d:1d:8b:a2:6d:65:48:d0:16:86:7a:2c:79:53:
84:41:39:ff:6e:f6:81:42:66:02:26:15:6f:af:a8:
36:f8:10:12:b2:ed:30:bd:d3:5a:99:23:18:99:66:
9b:69:ce:fb:2e:50:cd:b2:c6:6c:50:2c:58:b3:11:
1d:b9:a7:a2:1e:ca:ed:45:18:09:40:98:64:ce:34:
97:73:25:19:29:b9:a6:ae:39:9c:c4:0f:49:6b:ef:
d0:95:4d:92:08:e9:44:7f:7b:67:70:8e:4b:fb:c6:
8b:c4:4a:29:9e:b0:52:de:cb:0b:18:b2:82:33:31:
57:39:1c:08:e2:a4:dc:72:3f:e5:8d:5f:23:f6:3c:
98:90:02:ee:dc:f5:fb:ad:75:fd:d8:7e:cf:85:11:
4c:cc:49:6c:66:5e:1e:6f:b8:15:aa:d1:3f:01:c8:
77:8b:0f:60:22:0a:57:ad:a3:0e:00:8b:d4:f9:15:
de:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:10:1C:92:87:81:AC:A3:87:B4:23:FF:B2:51:D8:78:4C:90:C7:29
X509v3 Authority Key Identifier:
keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:40:2b:b9:51:68:b1:b0:d8:b0:d3:1d:b7:30:d5:5a:53:81:
fc:38:4c:10:74:11:64:38:cd:7f:b8:45:be:92:02:af:92:20:
cb:7a:f4:0e:d3:fe:bc:ce:fe:39:eb:cd:2f:78:9d:86:a0:d1:
eb:73:d5:c1:b1:45:93:1a:61:3d:64:98:28:28:3f:54:e1:2c:
2c:9a:08:8e:ca:95:91:81:b9:d5:be:f1:f0:d9:b6:64:30:36:
82:78:c5:02:09:bb:41:3a:f1:53:b0:a0:54:7d:e7:dd:e6:49:
1e:7c:28:de:aa:78:b4:38:de:dc:fb:4b:15:49:bb:bc:27:d2:
90:cc:24:c3:07:c6:00:b2:63:cd:f6:ce:a6:f0:c8:09:aa:99:
2a:3d:d3:1a:50:85:a0:f7:85:bb:d7:d3:24:46:51:00:fa:a5:
12:38:1e:44:69:f9:3f:1e:ef:0c:5b:d4:8f:fb:29:44:00:3f:
87:b6:0d:bf:3d:6a:2b:81:c0:50:03:a8:b3:22:b0:d2:e2:2f:
19:b3:94:47:59:36:90:ee:01:cd:e5:d3:80:93:28:f5:bd:1a:
e6:a6:cc:5e:79:90:f4:ec:a7:07:37:bc:f8:00:bc:57:6a:88:
e8:83:25:0e:fb:c6:c8:8a:d0:35:13:07:e7:94:5d:04:62:41:
96:c6:cb:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7oE3+o4yAyDX0tf/vUTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm
NDhhZGMwHhcNMjUxMTExMDgwMDQ3WhcNMjUxMTEyMDgwMDQ3WjAzMTEwLwYDVQQD
EyhlODEwMWM5Mjg3ODFhY2EzODdiNDIzZmZiMjUxZDg3ODRjOTBjNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Krm4vpS7grJ1YyWHwFdbE96qw7a
jRSAOb1RjfCS4cX4eDZ/oCBf7wt8bxiaIdqQ/3RYCopk1NexEtgz+rMec3mhzRf+
38r7zwnmLR2Lom1lSNAWhnoseVOEQTn/bvaBQmYCJhVvr6g2+BASsu0wvdNamSMY
mWabac77LlDNssZsUCxYsxEduaeiHsrtRRgJQJhkzjSXcyUZKbmmrjmcxA9Ja+/Q
lU2SCOlEf3tncI5L+8aLxEopnrBS3ssLGLKCMzFXORwI4qTccj/ljV8j9jyYkALu
3PX7rXX92H7PhRFMzElsZl4eb7gVqtE/Ach3iw9gIgpXraMOAIvU+RXerQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgQHJKHgayjh7Qj/7JR2HhMkMcpMB8GA1UdIwQY
MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt
NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk
LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS0AruVFo
sbDYsNMdtzDVWlOB/DhMEHQRZDjNf7hFvpICr5Igy3r0DtP+vM7+OevNL3idhqDR
63PVwbFFkxphPWSYKCg/VOEsLJoIjsqVkYG51b7x8Nm2ZDA2gnjFAgm7QTrxU7Cg
VH3n3eZJHnwo3qp4tDje3PtLFUm7vCfSkMwkwwfGALJjzfbOpvDICaqZKj3TGlCF
oPeFu9fTJEZRAPqlEjgeRGn5Px7vDFvUj/spRAA/h7YNvz1qK4HAUAOosyKw0uIv
GbOUR1k2kO4BzeXTgJMo9b0a5qbMXnmQ9OynBze8+AC8V2qI6IMlDvvGyIrQNRMH
55RdBGJBlsbLlg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:58 2025 by rpki-client