Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
File: 3dya0lC4XNOZSUZbZoGy8d8U1qM.mft (raw, json)
Hash identifier: 819ZXg1uDU4fXXTvpvWp2vAoTlwE2KH1Wy5VTm26qxs=
Subject key identifier: 64:A2:CB:33:5B:6C:FC:85:B9:A9:AE:9F:0C:96:A1:CF:F4:0F:80:22
Authority key identifier: DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3
Certificate issuer: /CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3
Certificate serial: 019A706DFCBD3F9C4AC364FB75C2566AD6B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
Manifest number: 0604
Signing time: Tue 11 Nov 2025 01:00:47 +0000
Manifest this update: Tue 11 Nov 2025 01:00:47 +0000
Manifest next update: Wed 12 Nov 2025 01:00:47 +0000
Files and hashes: 1: 3dya0lC4XNOZSUZbZoGy8d8U1qM.crl (hash: 9o3lVMGkRPQelYToa1MU/4Nb2m5gQ/8hiQ7jBi8UdYE=)
2: dA9DZPAABtlejc0G0adjQxYBv5c.roa (hash: 3UVeFl3N3ODI+QVLphkmL5y9dyL4Gw+YagDr/4SW4gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6d:fc:bd:3f:9c:4a:c3:64:fb:75:c2:56:6a:d6:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3
Validity
Not Before: Nov 11 01:00:47 2025 GMT
Not After : Nov 12 01:00:47 2025 GMT
Subject: CN=64a2cb335b6cfc85b9a9ae9f0c96a1cff40f8022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4d:17:c5:f9:09:37:8e:54:82:c8:0b:11:86:
1b:17:9a:bb:30:b6:af:78:f1:0f:70:c1:d5:53:18:
a3:74:ac:e0:14:bb:b3:ef:00:29:9b:13:0e:cb:f1:
dc:cb:62:03:a9:9d:01:24:50:10:1d:32:72:2d:81:
02:15:df:69:3b:50:df:ef:1b:ed:08:0b:bf:88:18:
74:fc:09:f4:b0:60:f3:ef:ca:da:fb:b9:1a:6e:2b:
19:4e:5d:0f:f4:f6:76:d7:d0:3d:54:1c:31:04:47:
91:51:91:69:6c:e7:b3:2e:af:c0:de:28:23:e1:0a:
e8:07:7c:80:94:df:b9:7f:bc:61:cb:74:99:6c:eb:
0d:4c:91:cc:77:25:26:ed:46:d9:05:eb:d8:21:0a:
d2:73:2e:fa:17:ae:41:cb:73:4f:10:25:c1:d8:69:
6d:09:6e:95:b6:52:c5:8e:6d:47:13:fe:0a:62:74:
11:53:05:6b:c0:96:52:67:b8:68:45:5c:43:48:45:
ef:c7:c7:49:a1:06:d5:2d:eb:5b:5d:2f:7e:a4:37:
d9:fd:99:a9:43:d3:b3:f2:04:c3:ab:3e:99:61:20:
fa:77:58:0f:97:66:df:29:ab:82:7e:a4:31:e4:03:
4a:da:44:64:f5:7c:1e:34:ea:61:db:51:77:42:be:
0e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A2:CB:33:5B:6C:FC:85:B9:A9:AE:9F:0C:96:A1:CF:F4:0F:80:22
X509v3 Authority Key Identifier:
keyid:DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:84:b8:99:11:d3:de:34:41:9d:81:db:83:d7:c2:1b:3b:fe:
ac:5e:4a:99:29:4f:33:a5:c7:25:db:8e:ee:f5:e7:60:5b:99:
51:0e:a2:31:74:af:0f:d6:f1:67:a3:ee:22:e7:11:86:9b:b8:
10:ef:99:11:32:23:47:0c:6b:cb:a3:02:84:f8:0d:f4:d0:2c:
66:73:32:93:38:c3:46:10:02:9c:4d:04:f8:91:0e:0d:20:b8:
8d:b8:ee:dd:ce:3b:16:fc:b8:31:b3:19:32:aa:30:73:07:ca:
d6:f9:8d:f3:6a:c1:91:ad:cc:c0:6c:6b:58:12:b9:b6:2b:c0:
6b:e4:d1:5b:d4:e9:cf:a4:2e:b0:bd:ea:9d:98:8f:21:fb:e1:
fe:a9:40:aa:f7:fa:83:37:fe:c6:29:f4:94:a5:9f:f3:3a:da:
ce:77:b8:54:80:87:ad:10:d9:b1:5c:90:42:a2:e2:0b:63:58:
e3:9f:d5:50:eb:ff:87:a2:b2:d2:01:e4:38:33:90:91:fa:98:
7b:46:31:11:d2:df:0f:50:49:70:12:0f:15:0a:9b:d2:36:91:
06:ad:72:92:a5:11:db:a7:05:53:2d:a4:b8:a5:cf:87:ea:68:
09:af:40:b0:53:50:00:1e:88:a1:d9:a7:3d:69:f3:96:0d:55:
a3:76:74:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbfy9P5xKw2T7dcJWata1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZGM5YWQyNTBiODVjZDM5OTQ5NDY1YjY2ODFiMmYxZGYx
NGQ2YTMwHhcNMjUxMTExMDEwMDQ3WhcNMjUxMTEyMDEwMDQ3WjAzMTEwLwYDVQQD
Eyg2NGEyY2IzMzViNmNmYzg1YjlhOWFlOWYwYzk2YTFjZmY0MGY4MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA100XxfkJN45UgsgLEYYbF5q7MLav
ePEPcMHVUxijdKzgFLuz7wApmxMOy/Hcy2IDqZ0BJFAQHTJyLYECFd9pO1Df7xvt
CAu/iBh0/An0sGDz78ra+7kabisZTl0P9PZ219A9VBwxBEeRUZFpbOezLq/A3igj
4QroB3yAlN+5f7xhy3SZbOsNTJHMdyUm7UbZBevYIQrScy76F65By3NPECXB2Glt
CW6VtlLFjm1HE/4KYnQRUwVrwJZSZ7hoRVxDSEXvx8dJoQbVLetbXS9+pDfZ/Zmp
Q9Oz8gTDqz6ZYSD6d1gPl2bfKauCfqQx5ANK2kRk9XweNOph21F3Qr4OjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSiyzNbbPyFuamunwyWoc/0D4AiMB8GA1UdIwQY
MBaAFN3cmtJQuFzTmUlGW2aBsvHfFNajMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTct
MGQ0MzE4Y2E4YzU1LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTctMGQ0MzE4Y2E4YzU1
LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4S4mRHT
3jRBnYHbg9fCGzv+rF5KmSlPM6XHJduO7vXnYFuZUQ6iMXSvD9bxZ6PuIucRhpu4
EO+ZETIjRwxry6MChPgN9NAsZnMykzjDRhACnE0E+JEODSC4jbju3c47Fvy4MbMZ
MqowcwfK1vmN82rBka3MwGxrWBK5tivAa+TRW9Tpz6QusL3qnZiPIfvh/qlAqvf6
gzf+xin0lKWf8zrazne4VICHrRDZsVyQQqLiC2NY45/VUOv/h6Ky0gHkODOQkfqY
e0YxEdLfD1BJcBIPFQqb0jaRBq1ykqUR26cFUy2kuKXPh+poCa9AsFNQAB6Iodmn
PWnzlg1Vo3Z0qg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:20 2025 by rpki-client