Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
File: 3z_cS_M72A_hKNdWhD9gs51b7uM.mft (raw, json)
Hash identifier: bk/rnXEQAYUvzmhMvXbH4HuP3XXAVUnuoP+hKntiio0=
Subject key identifier: 14:DD:55:B4:89:5C:8D:A8:A7:02:FB:93:9F:94:93:1D:7E:01:22:82
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 0199307EA45421C87E91E4B247B511B88F5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
Manifest number: 05F1
Signing time: Tue 09 Sep 2025 22:00:29 +0000
Manifest this update: Tue 09 Sep 2025 22:00:29 +0000
Manifest next update: Wed 10 Sep 2025 22:00:29 +0000
Files and hashes: 1: 3z_cS_M72A_hKNdWhD9gs51b7uM.crl (hash: HSWarLTD0NLzjv094W6gQkKGcwiifRrT2sbBdYdXgRM=)
2: LhFRmWbupiZRrTcY1BMgZx0XNm0.roa (hash: 1sSu4Xw0ICcOgnrgocU5c3W/gRE/T8H+tT4ltd3ayqM=)
3: RVm4PleqV8m6zGkcPiKBRGWO1cI.roa (hash: 3p0hXdk+JmHhQEiq1MExor2f3lGKmZyobEJTxOu9buE=)
4: ZqlSlV8xEjtTIPrwJS75wdXWNMY.roa (hash: IHSrkovQ51TOwmRPUF5AIxkAHRZYZBJiA4cpIYri+jU=)
5: eHnC0ZqJNqxv3y7mak9QRJMJw-o.roa (hash: +LqAwsdmA3jPuO+2IgsX5kZHBO+HuvNtjbjVsU8ziig=)
6: f25v4uVZY4JbTyMqNXKXGA35WKk.roa (hash: Cmqw5364kiAvR31aujca3rQebhgV1WXm34C80bI/lTU=)
7: q13-9N0ob4EuZWCOBMGdrrmovYs.roa (hash: eeKbIgwTI3WJxgPRBQEnAOsOn9kelg3Nk/9eNVvZbRQ=)
8: xJ0_FRg6EplS-mzoDbYvP1y_mUw.roa (hash: 7evtOJQCPXqekbIigyPzPGbzquzgJixLY3c438GOL/g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:30:7e:a4:54:21:c8:7e:91:e4:b2:47:b5:11:b8:8f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Sep 9 22:00:29 2025 GMT
Not After : Sep 10 22:00:29 2025 GMT
Subject: CN=14dd55b4895c8da8a702fb939f94931d7e012282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:20:33:be:c8:2d:b7:33:32:35:d9:d3:2f:3b:
90:42:04:fd:2f:37:27:27:f0:2d:f4:44:ab:d6:78:
08:e3:be:ec:2c:16:83:3f:2b:d3:c7:01:c9:6e:cc:
ea:79:fe:97:c3:67:09:18:7b:f2:3b:f5:ac:f3:99:
60:f2:b8:d2:36:3d:51:0d:48:a5:1d:2e:26:6b:18:
d0:f3:31:f4:22:8e:c4:1b:4b:6d:c8:05:f3:a7:9a:
1b:20:7d:9f:df:15:89:f2:43:b3:8b:8d:5c:d9:93:
bf:0d:82:b7:57:12:49:76:97:63:ba:4d:53:2e:13:
49:4a:63:ec:9d:40:e4:02:c7:41:35:b1:29:77:67:
57:a1:9e:5a:e1:c8:fe:ae:1e:32:1b:34:c6:bb:46:
7c:da:b3:21:cd:f1:b9:ef:81:ec:84:66:10:f9:23:
99:28:b5:a4:a9:1a:c4:76:0c:0b:72:30:4f:54:82:
ac:83:b6:a5:2a:79:b2:9d:25:91:af:50:69:5d:ad:
87:1f:e9:a7:1d:f8:c3:97:02:a0:ef:b5:11:90:71:
91:b3:16:28:10:cd:64:6b:d8:62:ca:e8:90:d5:c8:
dc:62:b8:47:b3:61:80:5d:53:33:a3:25:ef:70:f1:
6d:d3:28:ec:3f:f8:86:8c:c6:6e:d9:b2:e4:f9:a5:
c7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DD:55:B4:89:5C:8D:A8:A7:02:FB:93:9F:94:93:1D:7E:01:22:82
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:09:97:1f:61:1d:04:32:64:38:98:c3:18:40:24:c0:9e:a2:
7d:9e:e9:4a:0f:ca:dd:06:ca:14:a4:39:44:f4:ff:4e:74:9a:
55:b4:8b:63:04:68:4f:e9:e4:3e:db:3f:cc:99:b3:a1:bd:1f:
18:b7:c2:e0:a7:bb:c3:2d:df:67:41:d9:d4:7e:8c:27:aa:d5:
67:d3:62:a5:ac:e8:d1:5b:71:ea:2c:0e:6e:18:33:d0:c6:59:
14:c2:6d:76:99:5d:04:a7:97:e1:b3:d1:f9:c6:1c:22:64:fd:
ff:d4:94:75:89:12:13:3d:20:d9:57:d5:33:24:8f:05:66:32:
b5:e7:76:11:a6:fb:ac:db:9f:0d:cf:21:be:b0:d4:17:c3:4d:
fb:11:f5:cf:40:78:48:0d:c2:fd:46:ed:89:dd:05:33:54:e7:
fc:af:8e:b4:e5:48:df:bd:89:d7:4b:a4:92:81:79:ea:d8:d5:
44:25:89:6a:2e:76:49:fc:4f:f0:cb:72:64:e6:96:af:d2:88:
b6:8f:4c:ca:d2:a6:af:98:6c:bd:80:86:7b:f3:08:52:b4:a6:
1c:66:0b:c9:67:5a:4e:e4:31:8f:0a:8f:d0:c5:63:48:6e:69:
c2:f5:89:b7:d8:dd:02:35:f8:7f:e6:65:55:1a:e1:b0:00:90:
ad:01:5a:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkwfqRUIch+keSyR7URuI9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjUwOTA5MjIwMDI5WhcNMjUwOTEwMjIwMDI5WjAzMTEwLwYDVQQD
EygxNGRkNTViNDg5NWM4ZGE4YTcwMmZiOTM5Zjk0OTMxZDdlMDEyMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyAzvsgttzMyNdnTLzuQQgT9Lzcn
J/At9ESr1ngI477sLBaDPyvTxwHJbszqef6Xw2cJGHvyO/Ws85lg8rjSNj1RDUil
HS4maxjQ8zH0Io7EG0ttyAXzp5obIH2f3xWJ8kOzi41c2ZO/DYK3VxJJdpdjuk1T
LhNJSmPsnUDkAsdBNbEpd2dXoZ5a4cj+rh4yGzTGu0Z82rMhzfG574HshGYQ+SOZ
KLWkqRrEdgwLcjBPVIKsg7alKnmynSWRr1BpXa2HH+mnHfjDlwKg77URkHGRsxYo
EM1ka9hiyuiQ1cjcYrhHs2GAXVMzoyXvcPFt0yjsP/iGjMZu2bLk+aXH6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTdVbSJXI2opwL7k5+Ukx1+ASKCMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwmXH2Ed
BDJkOJjDGEAkwJ6ifZ7pSg/K3QbKFKQ5RPT/TnSaVbSLYwRoT+nkPts/zJmzob0f
GLfC4Ke7wy3fZ0HZ1H6MJ6rVZ9Nipazo0Vtx6iwObhgz0MZZFMJtdpldBKeX4bPR
+cYcImT9/9SUdYkSEz0g2VfVMySPBWYyted2Eab7rNufDc8hvrDUF8NN+xH1z0B4
SA3C/Ubtid0FM1Tn/K+OtOVI372J10ukkoF56tjVRCWJai52SfxP8MtyZOaWr9KI
to9MytKmr5hsvYCGe/MIUrSmHGYLyWdaTuQxjwqP0MVjSG5pwvWJt9jdAjX4f+Zl
VRrhsACQrQFa2Q==
-----END CERTIFICATE-----
Generated at Wed Sep 10 05:41:21 2025 by rpki-client