Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier: +gdGvOql2XxZGQ8vrZ+9knGvw1MAEsiRIqyMVHS///U=
Subject key identifier: CC:16:95:7F:F5:A2:14:31:5B:A5:0F:FC:52:D3:E5:B4:42:F5:2A:DC
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer: /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial: 019A72935C4F9E6A6EC66B54F7E175180D44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number: 1021
Signing time: Tue 11 Nov 2025 11:00:51 +0000
Manifest this update: Tue 11 Nov 2025 11:00:51 +0000
Manifest next update: Wed 12 Nov 2025 11:00:51 +0000
Files and hashes: 1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: E3jMtHMfYYorzFKfE8CHlrpfERvVJ9f5N5z7l26/zwA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:5c:4f:9e:6a:6e:c6:6b:54:f7:e1:75:18:0d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Validity
Not Before: Nov 11 11:00:51 2025 GMT
Not After : Nov 12 11:00:51 2025 GMT
Subject: CN=cc16957ff5a214315ba50ffc52d3e5b442f52adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:a0:1f:a2:0a:c0:3e:d6:85:83:04:e2:ab:
30:8c:4b:22:2b:5e:e5:57:29:10:c9:55:11:2d:b6:
87:f3:e2:6b:58:aa:13:7b:fc:e9:2a:b7:ee:66:8b:
32:ce:2e:ff:af:bb:00:6e:1e:b5:63:0c:bd:80:0f:
c7:dc:79:16:62:ea:94:76:e9:3f:fd:48:cd:6f:7e:
f2:ec:df:d8:dd:cf:2b:8c:eb:7a:70:3e:50:48:fe:
c4:de:6c:0d:a0:70:f3:ed:d0:5c:ea:06:aa:07:a8:
c7:42:5c:9c:18:45:6b:41:27:48:bc:37:36:6c:d8:
82:4e:86:81:94:20:7f:ee:ba:88:71:3a:41:f4:0f:
96:67:d6:8f:9a:58:17:c6:b2:e0:eb:4e:79:1d:37:
14:7d:35:3b:0e:56:c3:b5:89:44:2f:bc:bb:e7:8b:
89:ab:d2:8f:75:46:b1:04:84:b2:7e:ce:25:ed:56:
60:93:cc:16:42:1e:14:62:45:f1:58:a6:ce:03:32:
81:cf:6b:f6:c9:69:b4:13:ce:bc:7b:08:0f:d3:87:
32:6c:cb:8c:cd:f1:d6:8c:00:a4:96:e4:d3:f3:79:
b8:78:be:46:8e:32:1d:b6:c5:10:10:e1:a9:cf:98:
a8:fe:fe:57:75:8e:8d:5b:90:4a:75:21:a6:51:23:
13:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:16:95:7F:F5:A2:14:31:5B:A5:0F:FC:52:D3:E5:B4:42:F5:2A:DC
X509v3 Authority Key Identifier:
keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:b7:ab:25:77:de:28:dc:fe:3f:18:85:be:88:05:6d:24:58:
01:fb:5b:9b:36:29:f3:3f:31:4b:41:08:5e:b2:f4:f8:d6:d4:
0c:82:2c:f0:3e:1c:14:5a:ef:75:c9:1c:f1:60:94:d0:7d:89:
e3:44:80:59:00:a1:46:04:04:cf:8c:84:1c:b7:58:9c:8a:fa:
ae:6b:af:98:eb:0a:b8:43:36:d8:6a:ce:b8:ba:91:82:7e:14:
99:02:2a:79:ad:31:77:47:d7:6f:c1:17:b0:24:d5:6e:86:08:
b5:6f:99:ca:17:6d:6e:08:8a:c0:4c:f3:a4:7d:a4:40:d0:5c:
15:83:f4:cd:98:f0:71:00:9d:0e:dd:4d:b5:b4:7e:6f:e8:04:
9a:a6:9a:34:3e:4d:4f:8e:c6:5d:3f:21:bf:2a:71:ed:28:87:
d1:04:23:df:d5:58:97:68:e0:ec:59:57:b6:8d:12:1f:6d:c4:
10:d5:e0:6f:af:30:26:6b:1d:68:d5:71:ef:f3:d6:84:e1:79:
24:b8:cb:64:f9:b8:9d:3e:c1:6e:34:c1:21:08:5a:e8:ef:c8:
4e:0c:6b:27:ad:11:0c:b2:4a:82:b9:39:c7:36:4b:f6:65:87:
f0:62:42:ae:4f:ac:d1:3f:1a:34:33:27:d6:b8:31:2e:e6:35:
3a:9a:83:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk1xPnmpuxmtU9+F1GA1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUxMTExMTEwMDUxWhcNMjUxMTEyMTEwMDUxWjAzMTEwLwYDVQQD
EyhjYzE2OTU3ZmY1YTIxNDMxNWJhNTBmZmM1MmQzZTViNDQyZjUyYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1CgH6IKwD7WhYME4qswjEsiK17l
VykQyVURLbaH8+JrWKoTe/zpKrfuZosyzi7/r7sAbh61Ywy9gA/H3HkWYuqUduk/
/UjNb37y7N/Y3c8rjOt6cD5QSP7E3mwNoHDz7dBc6gaqB6jHQlycGEVrQSdIvDc2
bNiCToaBlCB/7rqIcTpB9A+WZ9aPmlgXxrLg6055HTcUfTU7DlbDtYlEL7y754uJ
q9KPdUaxBISyfs4l7VZgk8wWQh4UYkXxWKbOAzKBz2v2yWm0E868ewgP04cybMuM
zfHWjACkluTT83m4eL5GjjIdtsUQEOGpz5io/v5XdY6NW5BKdSGmUSMTcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwWlX/1ohQxW6UP/FLT5bRC9SrcMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALberJXfe
KNz+PxiFvogFbSRYAftbmzYp8z8xS0EIXrL0+NbUDIIs8D4cFFrvdckc8WCU0H2J
40SAWQChRgQEz4yEHLdYnIr6rmuvmOsKuEM22GrOuLqRgn4UmQIqea0xd0fXb8EX
sCTVboYItW+ZyhdtbgiKwEzzpH2kQNBcFYP0zZjwcQCdDt1NtbR+b+gEmqaaND5N
T47GXT8hvypx7SiH0QQj39VYl2jg7FlXto0SH23EENXgb68wJmsdaNVx7/PWhOF5
JLjLZPm4nT7BbjTBIQha6O/ITgxrJ60RDLJKgrk5xzZL9mWH8GJCrk+s0T8aNDMn
1rgxLuY1OpqDTw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:17:00 2025 by rpki-client