Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
File: MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json)
Hash identifier: /leV79vqAzCoKO8nkL4WBQxxGkIkOxCqIK99J+TWWqA=
Subject key identifier: DE:D9:A9:F4:91:96:43:10:FF:70:4B:E0:F4:09:CE:3C:0F:36:05:56
Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
Certificate issuer: /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Certificate serial: 019A70DC1E94CDAC26E4E3199D5810D79344
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
Manifest number: 0252
Signing time: Tue 11 Nov 2025 03:01:05 +0000
Manifest this update: Tue 11 Nov 2025 03:01:05 +0000
Manifest next update: Wed 12 Nov 2025 03:01:05 +0000
Files and hashes: 1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: FOeQhlIwa1KjQtrn+99y+uPwMfvcKbkc6BFrdFlZWAc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:1e:94:cd:ac:26:e4:e3:19:9d:58:10:d7:93:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173
Validity
Not Before: Nov 11 03:01:05 2025 GMT
Not After : Nov 12 03:01:05 2025 GMT
Subject: CN=ded9a9f491964310ff704be0f409ce3c0f360556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:48:21:7e:c4:3e:a6:ca:e7:a5:c4:29:b5:
8c:9e:3f:8c:39:a4:53:24:b8:a2:35:b2:e9:76:aa:
0b:25:f7:2f:e6:74:88:6f:a9:36:e7:91:f6:5a:6c:
e4:91:e9:be:83:ab:2b:d0:6b:2c:79:ab:34:c5:d4:
c4:3f:36:81:a4:54:38:f4:30:4a:d4:26:46:18:e1:
f8:6f:4e:76:00:ad:de:24:fb:19:1a:ed:66:b3:19:
8a:cb:9b:53:bb:99:1d:52:e1:1e:c0:a7:69:5a:72:
1a:c1:f6:5b:de:5e:95:21:e7:c7:a4:83:d4:ed:ef:
d9:f3:ce:70:72:40:9b:88:2a:83:bf:9a:05:30:82:
72:77:f4:af:26:92:c9:b3:53:4c:3f:c7:47:45:5e:
40:1e:2f:cc:8d:db:18:9b:02:a4:95:74:87:21:2d:
88:7b:c8:25:ac:b6:b3:96:79:ca:68:8c:a6:cc:88:
c7:54:3b:d1:c9:f7:50:87:17:97:f4:53:c9:d6:1e:
a5:6e:fa:b8:ea:ea:ac:2b:95:9a:95:36:00:2d:53:
62:81:3c:11:99:62:8b:32:f3:27:26:9a:fa:fa:40:
4c:48:fb:f5:f1:ec:52:ab:66:05:25:a0:40:10:f9:
5c:53:84:5d:cd:87:76:99:51:a7:68:90:c9:72:3a:
49:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D9:A9:F4:91:96:43:10:FF:70:4B:E0:F4:09:CE:3C:0F:36:05:56
X509v3 Authority Key Identifier:
keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:75:d3:47:0b:0d:f8:af:4b:c4:16:a0:0d:5a:ad:a2:72:59:
b9:a1:b2:e2:d8:7a:c0:20:22:0a:3d:16:52:ca:fd:f4:3f:2b:
ca:bc:aa:18:b8:ca:cd:8b:d7:7e:42:9d:59:c6:ae:27:da:a6:
62:58:d2:50:06:5b:8b:40:0b:ac:0a:3d:04:f4:68:f8:0d:0d:
52:d8:88:63:63:fc:85:43:f0:d8:5b:1e:c0:de:f8:ab:28:06:
94:05:5b:a3:56:fd:6e:43:59:8b:27:ac:15:26:8c:05:3a:c1:
6e:fa:59:17:f3:50:6b:f4:72:89:01:56:6d:ed:fe:b2:9b:f3:
f1:c9:85:f9:18:f9:79:e4:95:7b:87:60:e7:96:2e:f3:07:02:
5b:39:0d:ca:05:5d:5b:55:99:de:72:67:28:75:05:9f:c6:44:
03:19:2b:3e:d1:0a:bc:a5:ba:b4:76:25:75:b3:c7:37:77:ab:
4f:04:49:f9:eb:ed:90:72:e9:d4:06:d9:8f:8b:14:da:d2:53:
80:6f:ea:24:2c:62:96:68:81:e1:6e:b6:50:63:16:9e:46:be:
11:70:73:db:76:28:01:07:db:c7:11:f9:77:98:e6:7f:7b:9c:
31:07:28:68:ea:a5:09:e5:58:3a:11:93:7b:60:04:c9:c8:db:
b9:8a:bd:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3B6Uzawm5OMZnVgQ15NEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk
MmQxNzMwHhcNMjUxMTExMDMwMTA1WhcNMjUxMTEyMDMwMTA1WjAzMTEwLwYDVQQD
EyhkZWQ5YTlmNDkxOTY0MzEwZmY3MDRiZTBmNDA5Y2UzYzBmMzYwNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy5IIX7EPqbK56XEKbWMnj+MOaRT
JLiiNbLpdqoLJfcv5nSIb6k255H2Wmzkkem+g6sr0Gsseas0xdTEPzaBpFQ49DBK
1CZGGOH4b052AK3eJPsZGu1msxmKy5tTu5kdUuEewKdpWnIawfZb3l6VIefHpIPU
7e/Z885wckCbiCqDv5oFMIJyd/SvJpLJs1NMP8dHRV5AHi/MjdsYmwKklXSHIS2I
e8glrLazlnnKaIymzIjHVDvRyfdQhxeX9FPJ1h6lbvq46uqsK5WalTYALVNigTwR
mWKLMvMnJpr6+kBMSPv18exSq2YFJaBAEPlcU4RdzYd2mVGnaJDJcjpJHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7ZqfSRlkMQ/3BL4PQJzjwPNgVWMB8GA1UdIwQY
MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut
MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2
LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXXTRwsN
+K9LxBagDVqtonJZuaGy4th6wCAiCj0WUsr99D8ryryqGLjKzYvXfkKdWcauJ9qm
YljSUAZbi0ALrAo9BPRo+A0NUtiIY2P8hUPw2FsewN74qygGlAVbo1b9bkNZiyes
FSaMBTrBbvpZF/NQa/RyiQFWbe3+spvz8cmF+Rj5eeSVe4dg55Yu8wcCWzkNygVd
W1WZ3nJnKHUFn8ZEAxkrPtEKvKW6tHYldbPHN3erTwRJ+evtkHLp1AbZj4sU2tJT
gG/qJCxilmiB4W62UGMWnka+EXBz23YoAQfbxxH5d5jmf3ucMQcoaOqlCeVYOhGT
e2AEycjbuYq93A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:44:26 2025 by rpki-client