Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/868a9c-fe25-4b59-a329-18401da43563/1/a3sSBFsa8JrPlmLuNbos1-HIW60.mft
File: a3sSBFsa8JrPlmLuNbos1-HIW60.mft (raw, json)
Hash identifier: 6hFKY/+Wvjp+14160kjf7/kfmVGT9MiE6evXBT6pYfE=
Subject key identifier: E1:65:C4:F6:24:7C:C8:C9:D5:EF:64:32:10:81:69:59:AE:C2:44:8D
Authority key identifier: 6B:7B:12:04:5B:1A:F0:9A:CF:96:62:EE:35:BA:2C:D7:E1:C8:5B:AD
Certificate issuer: /CN=6b7b12045b1af09acf9662ee35ba2cd7e1c85bad
Certificate serial: 019A3F13AFD49D82BCD29BACB5418CCBA009
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a3sSBFsa8JrPlmLuNbos1-HIW60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/868a9c-fe25-4b59-a329-18401da43563/1/a3sSBFsa8JrPlmLuNbos1-HIW60.mft
Manifest number: 06B0
Signing time: Sat 01 Nov 2025 11:00:46 +0000
Manifest this update: Sat 01 Nov 2025 11:00:46 +0000
Manifest next update: Sun 02 Nov 2025 11:00:46 +0000
Files and hashes: 1: 6rvpyTq3GpToeI0SORQBn8auSqk.roa (hash: It3me0g3R8Ie8D4qrGq2UTC1Pz9Blt9bU50UXq7GwOE=)
2: a3sSBFsa8JrPlmLuNbos1-HIW60.crl (hash: b3SGyCpgKdRFVleOw3xxrSkHaIU1uBN9KHQIUuIGKMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/868a9c-fe25-4b59-a329-18401da43563/1/a3sSBFsa8JrPlmLuNbos1-HIW60.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/868a9c-fe25-4b59-a329-18401da43563/1/a3sSBFsa8JrPlmLuNbos1-HIW60.mft
rsync://rpki.ripe.net/repository/DEFAULT/a3sSBFsa8JrPlmLuNbos1-HIW60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:13:af:d4:9d:82:bc:d2:9b:ac:b5:41:8c:cb:a0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7b12045b1af09acf9662ee35ba2cd7e1c85bad
Validity
Not Before: Nov 1 11:00:46 2025 GMT
Not After : Nov 2 11:00:46 2025 GMT
Subject: CN=e165c4f6247cc8c9d5ef643210816959aec2448d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3e:b2:56:ba:76:20:21:64:b0:6e:b2:4c:6e:
1d:4a:78:74:99:87:c2:87:b6:ed:6f:c2:dd:8c:dc:
bf:ae:bb:77:41:01:73:28:46:59:3e:50:41:db:e6:
29:d8:ad:78:1b:a4:bd:e5:36:c7:2c:67:2f:a9:94:
8a:9a:65:8d:61:57:b2:b8:7a:62:ca:32:37:45:4e:
28:8e:a4:11:74:1d:df:2a:39:e5:e9:5b:15:85:24:
f6:89:e9:0d:fe:b8:10:26:66:90:1c:41:91:fd:b5:
b0:7a:67:93:52:b9:f6:cd:37:83:4a:e6:ec:66:07:
c1:bb:01:62:95:3e:1d:08:2a:6e:f9:4c:f2:d8:d2:
25:01:85:84:ef:f7:b5:f0:b4:ba:71:ba:1a:d8:11:
63:c3:51:e1:1d:85:e0:5b:b3:64:59:2e:7f:56:be:
6b:e7:bd:ca:ee:87:2e:44:35:ac:e4:13:57:d9:c5:
5c:38:af:e2:53:32:d0:6e:ec:67:ea:5b:ca:6c:b6:
22:bc:a7:19:0d:28:27:f0:45:9e:7a:04:48:15:be:
af:fb:cb:8c:6f:55:d0:f1:98:1a:cc:af:fe:7d:e4:
32:e2:ab:13:f8:60:33:2d:50:04:8d:96:13:11:ac:
d2:c2:8e:9a:b9:ca:57:fa:7e:31:50:a0:40:05:c5:
31:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:65:C4:F6:24:7C:C8:C9:D5:EF:64:32:10:81:69:59:AE:C2:44:8D
X509v3 Authority Key Identifier:
keyid:6B:7B:12:04:5B:1A:F0:9A:CF:96:62:EE:35:BA:2C:D7:E1:C8:5B:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3sSBFsa8JrPlmLuNbos1-HIW60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/868a9c-fe25-4b59-a329-18401da43563/1/a3sSBFsa8JrPlmLuNbos1-HIW60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/868a9c-fe25-4b59-a329-18401da43563/1/a3sSBFsa8JrPlmLuNbos1-HIW60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:a7:bf:36:0a:f5:3b:26:72:94:99:d5:06:3e:d9:1e:20:85:
0d:17:4a:e9:28:8b:07:0e:7c:b1:03:49:ce:c7:ed:77:a7:62:
f8:2a:f0:88:69:6d:b7:1c:54:a5:97:f9:85:ac:05:c1:cb:3b:
54:fa:a6:0e:b5:d8:61:e8:90:41:68:70:1f:d7:50:e6:98:eb:
81:4e:43:f0:b3:f3:85:bb:88:9d:42:5b:07:35:93:4d:2e:44:
0c:93:9e:0c:8f:82:9f:b7:02:d8:cd:12:ec:67:28:a2:b7:7c:
66:eb:34:6e:88:38:05:2d:59:3d:8d:ee:42:6d:e7:e3:af:83:
f3:ff:df:2e:53:ee:9b:57:1c:05:57:0c:ae:8c:05:1f:86:54:
a1:a5:e5:9a:4e:b2:16:7a:aa:1c:27:87:4e:d1:df:32:dc:ef:
01:d5:7e:cf:6d:31:84:7a:90:18:ee:ea:ca:5a:bc:5b:1b:1d:
32:0e:05:56:20:0b:6c:04:0f:fa:d0:42:03:da:64:56:b9:51:
b2:fa:3a:f7:12:a1:eb:26:69:87:7e:b1:dc:0a:06:1c:95:af:
03:42:39:27:de:78:70:72:ab:0a:29:8f:5d:fa:15:bd:ff:19:
d7:a7:04:7e:27:55:30:f6:a7:e3:31:c5:7f:f2:e9:13:8c:0e:
0e:d5:15:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo/E6/UnYK80pustUGMy6AJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2IxMjA0NWIxYWYwOWFjZjk2NjJlZTM1YmEyY2Q3ZTFj
ODViYWQwHhcNMjUxMTAxMTEwMDQ2WhcNMjUxMTAyMTEwMDQ2WjAzMTEwLwYDVQQD
EyhlMTY1YzRmNjI0N2NjOGM5ZDVlZjY0MzIxMDgxNjk1OWFlYzI0NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7j6yVrp2ICFksG6yTG4dSnh0mYfC
h7btb8LdjNy/rrt3QQFzKEZZPlBB2+Yp2K14G6S95TbHLGcvqZSKmmWNYVeyuHpi
yjI3RU4ojqQRdB3fKjnl6VsVhST2iekN/rgQJmaQHEGR/bWwemeTUrn2zTeDSubs
ZgfBuwFilT4dCCpu+Uzy2NIlAYWE7/e18LS6cboa2BFjw1HhHYXgW7NkWS5/Vr5r
573K7ocuRDWs5BNX2cVcOK/iUzLQbuxn6lvKbLYivKcZDSgn8EWeegRIFb6v+8uM
b1XQ8ZgazK/+feQy4qsT+GAzLVAEjZYTEazSwo6aucpX+n4xUKBABcUxnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFlxPYkfMjJ1e9kMhCBaVmuwkSNMB8GA1UdIwQY
MBaAFGt7EgRbGvCaz5Zi7jW6LNfhyFutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTNzU0JGc2E4SnJQbG1MdU5ib3MxLUhJVzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84NjhhOWMtZmUyNS00YjU5LWEzMjkt
MTg0MDFkYTQzNTYzLzEvYTNzU0JGc2E4SnJQbG1MdU5ib3MxLUhJVzYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84NjhhOWMtZmUyNS00YjU5LWEzMjktMTg0MDFkYTQzNTYz
LzEvYTNzU0JGc2E4SnJQbG1MdU5ib3MxLUhJVzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARae/Ngr1
OyZylJnVBj7ZHiCFDRdK6SiLBw58sQNJzsftd6di+CrwiGlttxxUpZf5hawFwcs7
VPqmDrXYYeiQQWhwH9dQ5pjrgU5D8LPzhbuInUJbBzWTTS5EDJOeDI+Cn7cC2M0S
7Gcoord8Zus0bog4BS1ZPY3uQm3n46+D8//fLlPum1ccBVcMrowFH4ZUoaXlmk6y
FnqqHCeHTtHfMtzvAdV+z20xhHqQGO7qylq8WxsdMg4FViALbAQP+tBCA9pkVrlR
svo69xKh6yZph36x3AoGHJWvA0I5J954cHKrCimPXfoVvf8Z16cEfidVMPan4zHF
f/LpE4wODtUV5Q==
-----END CERTIFICATE-----
Generated at Sat Nov 1 14:06:33 2025 by rpki-client