Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
File: 3PhcNsaW1dssu0j9Q-ghc37jQic.mft (raw, json)
Hash identifier: /FmXNIwcZZ9TMv9Lrc44DrcpI+74rz3o1ZZWhiq1RQs=
Subject key identifier: 85:E4:61:D4:A0:EC:4F:B1:A3:CC:DB:D5:32:7C:45:68:21:C9:6F:E9
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial: 019A1FF6102C62F827C8B845B4FEF520B847
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
Manifest number: 112F
Signing time: Sun 26 Oct 2025 10:00:10 +0000
Manifest this update: Sun 26 Oct 2025 10:00:10 +0000
Manifest next update: Mon 27 Oct 2025 10:00:10 +0000
Files and hashes: 1: 3PhcNsaW1dssu0j9Q-ghc37jQic.crl (hash: GMmUT7KCmkdigz+BUDQEFvX0UNAAStZQie8HB3lPlws=)
2: AuGSVrNkGgUtthLzU1YbunCRJmA.roa (hash: N+p3SVnY5s1RjPh5Td733eJn6W460syQCiw/MVZ+pqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 03:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1f:f6:10:2c:62:f8:27:c8:b8:45:b4:fe:f5:20:b8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Validity
Not Before: Oct 26 10:00:10 2025 GMT
Not After : Oct 27 10:00:10 2025 GMT
Subject: CN=85e461d4a0ec4fb1a3ccdbd5327c456821c96fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8e:3b:ce:ef:f6:e2:5a:aa:a1:71:58:6c:6f:
09:5f:d2:b7:ea:c8:29:19:81:0b:e9:b8:01:79:96:
1f:2c:66:7e:91:54:ff:1c:06:68:94:bf:76:2e:4d:
a1:f3:7f:98:b0:f0:c4:37:e4:85:db:0c:26:c8:3a:
ba:62:80:93:a5:1b:13:2d:c0:05:8d:b6:ed:ce:94:
31:cd:22:5d:81:d0:46:be:ea:12:13:6f:81:36:f1:
74:17:aa:98:41:f1:ba:bc:cf:0d:42:01:14:d5:aa:
d9:db:28:46:b9:bb:27:69:e7:c2:72:9a:bd:c5:09:
ae:10:9d:18:f3:d2:f4:40:cd:2c:88:47:7e:1e:a8:
a7:e5:20:5c:6a:59:97:f6:91:8e:c5:1e:04:d6:df:
56:3e:90:c2:7a:a2:c4:be:af:bf:d7:3a:7a:b8:b9:
12:84:d2:9c:c4:2a:20:30:31:5f:2e:5b:ba:84:d5:
b6:41:ea:ae:73:37:2f:71:bf:57:b2:2b:6c:40:52:
e6:f3:12:fc:95:ee:91:15:6d:32:53:fe:c1:3a:81:
2c:55:45:8a:90:48:71:11:88:b9:a2:f9:f4:4d:70:
9d:c7:60:a8:28:79:f5:ca:be:98:3d:90:42:78:5d:
91:f8:df:3d:16:b4:7d:f2:70:58:12:24:da:25:da:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E4:61:D4:A0:EC:4F:B1:A3:CC:DB:D5:32:7C:45:68:21:C9:6F:E9
X509v3 Authority Key Identifier:
keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:f6:a1:3e:f7:5c:91:f8:4a:44:aa:dc:81:94:0d:e8:77:e3:
9e:dc:5c:2c:d5:37:29:e8:90:37:8d:c5:6d:a1:39:e2:89:05:
bb:db:e6:f7:f5:77:44:5c:0e:38:47:54:c1:27:9b:31:4e:1c:
f2:19:41:ec:3f:30:85:87:4a:55:d2:f2:39:0f:0b:b9:08:f2:
ce:0a:b5:cf:09:d3:c0:64:91:9d:c1:f7:cf:fa:ef:47:6c:a8:
3b:a3:38:ea:ce:a8:c3:66:5f:c2:27:3d:97:ca:ba:cf:61:2b:
d8:24:ac:dc:e8:ec:c4:83:9d:d0:c2:02:4d:9c:a0:9a:81:f0:
c7:a0:6d:32:c3:d4:34:42:b0:76:9b:b2:2a:bb:c1:da:1a:0c:
02:55:55:e7:bc:07:e2:a8:cc:d3:1b:5a:c7:a7:d1:71:a3:d3:
25:49:26:a5:a6:42:8e:e1:44:73:7e:08:23:55:80:99:e7:92:
91:35:e6:58:80:a8:8a:1d:0c:43:c8:ab:14:fd:25:35:f7:e8:
41:6e:18:dd:30:05:53:f4:06:22:db:ca:a4:fe:ae:15:ae:05:
9a:30:a3:a5:44:75:97:fa:1c:b8:e5:29:2c:9c:dd:4f:ba:e5:
d3:fe:b5:00:4a:77:b9:e6:75:26:c4:c5:91:c9:08:46:a1:af:
cc:6e:c2:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZof9hAsYvgnyLhFtP71ILhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl
MzQyMjcwHhcNMjUxMDI2MTAwMDEwWhcNMjUxMDI3MTAwMDEwWjAzMTEwLwYDVQQD
Eyg4NWU0NjFkNGEwZWM0ZmIxYTNjY2RiZDUzMjdjNDU2ODIxYzk2ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y47zu/24lqqoXFYbG8JX9K36sgp
GYEL6bgBeZYfLGZ+kVT/HAZolL92Lk2h83+YsPDEN+SF2wwmyDq6YoCTpRsTLcAF
jbbtzpQxzSJdgdBGvuoSE2+BNvF0F6qYQfG6vM8NQgEU1arZ2yhGubsnaefCcpq9
xQmuEJ0Y89L0QM0siEd+Hqin5SBcalmX9pGOxR4E1t9WPpDCeqLEvq+/1zp6uLkS
hNKcxCogMDFfLlu6hNW2Qequczcvcb9XsitsQFLm8xL8le6RFW0yU/7BOoEsVUWK
kEhxEYi5ovn0TXCdx2CoKHn1yr6YPZBCeF2R+N89FrR98nBYEiTaJdpXXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXkYdSg7E+xo8zb1TJ8RWghyW/pMB8GA1UdIwQY
MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt
MGY1MmY4NjcxNzhkLzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk
LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPahPvdc
kfhKRKrcgZQN6HfjntxcLNU3KeiQN43FbaE54okFu9vm9/V3RFwOOEdUwSebMU4c
8hlB7D8whYdKVdLyOQ8LuQjyzgq1zwnTwGSRncH3z/rvR2yoO6M46s6ow2Zfwic9
l8q6z2Er2CSs3OjsxIOd0MICTZygmoHwx6BtMsPUNEKwdpuyKrvB2hoMAlVV57wH
4qjM0xtax6fRcaPTJUkmpaZCjuFEc34II1WAmeeSkTXmWICoih0MQ8irFP0lNffo
QW4Y3TAFU/QGItvKpP6uFa4FmjCjpUR1l/ocuOUpLJzdT7rl0/61AEp3ueZ1JsTF
kckIRqGvzG7C2g==
-----END CERTIFICATE-----
Generated at Sun Oct 26 13:45:16 2025 by rpki-client