Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File: 3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier: VK8IJ+/cz8DvHmjCC+dN4URgf9lGae+nuVa1OjZrIKQ=
Subject key identifier: 39:6F:33:CA:B4:4D:FA:11:CA:EF:7D:86:A0:89:08:1B:5C:98:E5:2F
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer: /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial: 019923A0562CBD5D85D74531C54E85BAAD93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number: 01B5
Signing time: Sun 07 Sep 2025 10:02:14 +0000
Manifest this update: Sun 07 Sep 2025 10:02:14 +0000
Manifest next update: Mon 08 Sep 2025 10:02:14 +0000
Files and hashes: 1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: kfPapHfbfGwurqUafXXiI+VP4hdZUosmwAnqmbnccqs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:56:2c:bd:5d:85:d7:45:31:c5:4e:85:ba:ad:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Validity
Not Before: Sep 7 10:02:14 2025 GMT
Not After : Sep 8 10:02:14 2025 GMT
Subject: CN=396f33cab44dfa11caef7d86a089081b5c98e52f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:11:e1:10:19:48:7b:5d:97:69:3c:e9:89:1a:
08:40:da:e5:44:a9:c2:83:ac:5d:cb:cd:75:07:d9:
49:5b:b8:23:05:1f:ad:23:32:4c:91:49:34:ff:50:
ad:32:54:92:8f:c1:dd:36:2a:b1:68:52:2d:5f:04:
99:82:ef:b4:14:26:22:ec:2a:05:82:b1:f3:97:f6:
64:89:88:8e:aa:88:b5:a4:cc:28:35:ff:cd:3c:0d:
08:8f:76:8a:39:a3:81:0a:7e:da:15:7e:9a:69:b8:
69:80:2f:56:92:85:66:ac:4c:9b:b1:0c:c1:65:45:
dc:d1:a2:3a:13:28:61:df:b4:9f:7b:45:3f:58:a1:
99:40:67:df:4d:c5:dc:16:a8:91:aa:ab:90:6c:9d:
cf:0f:6a:e7:ae:58:a3:3e:b7:1d:0c:80:20:7a:c4:
95:6a:c0:a8:c8:38:99:d2:71:86:de:50:02:ac:de:
34:0b:de:5c:90:ad:8a:a5:9e:55:86:8c:94:d8:5b:
16:9b:aa:7f:54:bc:20:32:55:8f:e2:a9:fd:72:66:
0b:c3:92:8c:f3:05:47:4a:6c:87:3a:01:12:58:b1:
3f:ea:88:2f:08:d3:5e:7a:c4:30:0f:ee:c8:0f:6c:
e4:11:69:3b:c2:1f:1f:1e:a1:93:a7:c6:61:6d:16:
17:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6F:33:CA:B4:4D:FA:11:CA:EF:7D:86:A0:89:08:1B:5C:98:E5:2F
X509v3 Authority Key Identifier:
keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:0f:55:66:16:fc:71:f3:00:75:a6:61:c2:bb:30:f4:b8:46:
be:5f:5e:32:11:5a:6b:6f:3c:bd:07:7d:6c:7a:cf:f8:9b:e8:
89:97:a6:69:3c:8d:a3:59:08:11:6a:86:39:14:13:9e:1f:59:
14:bc:2d:15:61:a7:92:e1:74:f6:04:eb:15:29:53:01:26:74:
8e:da:a1:fb:34:ba:f3:27:3c:37:16:f0:84:9f:ae:3e:39:a8:
f0:bf:d2:fc:12:28:a4:f4:9a:4b:87:3f:24:69:a2:db:4a:51:
d7:92:4b:d4:cb:41:6d:c5:ea:7c:91:3b:c5:f8:5a:88:14:10:
a4:58:c0:b4:e0:52:0a:e7:4d:33:a9:22:1c:eb:a2:13:10:e4:
20:67:32:28:52:18:bc:58:16:e5:59:c4:2a:93:b9:c9:e0:98:
80:dc:41:7d:74:c0:cf:a1:6f:c6:02:6b:24:e2:54:f4:96:88:
23:36:fc:ff:13:79:e2:2f:61:5d:1d:53:5d:0d:83:3a:a5:15:
5d:a4:a7:f5:a3:27:f5:3b:bf:9e:39:4c:41:79:31:46:7b:94:
6c:a5:d7:26:43:09:f5:ed:9d:58:d9:d9:c0:d6:aa:f9:fe:45:
28:fd:41:a2:93:5c:d3:29:fa:02:cd:6a:d0:9c:ee:5c:76:5d:
9c:3e:6a:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoFYsvV2F10UxxU6Fuq2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjUwOTA3MTAwMjE0WhcNMjUwOTA4MTAwMjE0WjAzMTEwLwYDVQQD
EygzOTZmMzNjYWI0NGRmYTExY2FlZjdkODZhMDg5MDgxYjVjOThlNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphHhEBlIe12XaTzpiRoIQNrlRKnC
g6xdy811B9lJW7gjBR+tIzJMkUk0/1CtMlSSj8HdNiqxaFItXwSZgu+0FCYi7CoF
grHzl/ZkiYiOqoi1pMwoNf/NPA0Ij3aKOaOBCn7aFX6aabhpgC9WkoVmrEybsQzB
ZUXc0aI6Eyhh37Sfe0U/WKGZQGffTcXcFqiRqquQbJ3PD2rnrlijPrcdDIAgesSV
asCoyDiZ0nGG3lACrN40C95ckK2KpZ5VhoyU2FsWm6p/VLwgMlWP4qn9cmYLw5KM
8wVHSmyHOgESWLE/6ogvCNNeesQwD+7ID2zkEWk7wh8fHqGTp8ZhbRYXswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlvM8q0TfoRyu99hqCJCBtcmOUvMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeg9VZhb8
cfMAdaZhwrsw9LhGvl9eMhFaa288vQd9bHrP+JvoiZemaTyNo1kIEWqGORQTnh9Z
FLwtFWGnkuF09gTrFSlTASZ0jtqh+zS68yc8NxbwhJ+uPjmo8L/S/BIopPSaS4c/
JGmi20pR15JL1MtBbcXqfJE7xfhaiBQQpFjAtOBSCudNM6kiHOuiExDkIGcyKFIY
vFgW5VnEKpO5yeCYgNxBfXTAz6FvxgJrJOJU9JaIIzb8/xN54i9hXR1TXQ2DOqUV
XaSn9aMn9Tu/njlMQXkxRnuUbKXXJkMJ9e2dWNnZwNaq+f5FKP1BopNc0yn6As1q
0JzuXHZdnD5qpw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:21:53 2025 by rpki-client