Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
File: 3z_cS_M72A_hKNdWhD9gs51b7uM.mft (raw, json)
Hash identifier: tVVuYw5DXpG648LIaAAunjRXozdFk0HGzbnYP2IDxNs=
Subject key identifier: CA:F7:B7:AD:6E:E7:F4:18:C9:20:95:4E:D0:E8:05:F2:DB:DE:BC:CD
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 019A19BD9AD955BBAEC843A2BC703D22AB28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
Manifest number: 066A
Signing time: Sat 25 Oct 2025 05:00:47 +0000
Manifest this update: Sat 25 Oct 2025 05:00:47 +0000
Manifest next update: Sun 26 Oct 2025 05:00:47 +0000
Files and hashes: 1: 3z_cS_M72A_hKNdWhD9gs51b7uM.crl (hash: GrauBR2gWIXMSGNjsn7ow9QiybMThJEf7pK/vSKduZg=)
2: LhFRmWbupiZRrTcY1BMgZx0XNm0.roa (hash: 1sSu4Xw0ICcOgnrgocU5c3W/gRE/T8H+tT4ltd3ayqM=)
3: RVm4PleqV8m6zGkcPiKBRGWO1cI.roa (hash: 3p0hXdk+JmHhQEiq1MExor2f3lGKmZyobEJTxOu9buE=)
4: ZqlSlV8xEjtTIPrwJS75wdXWNMY.roa (hash: IHSrkovQ51TOwmRPUF5AIxkAHRZYZBJiA4cpIYri+jU=)
5: eHnC0ZqJNqxv3y7mak9QRJMJw-o.roa (hash: +LqAwsdmA3jPuO+2IgsX5kZHBO+HuvNtjbjVsU8ziig=)
6: f25v4uVZY4JbTyMqNXKXGA35WKk.roa (hash: Cmqw5364kiAvR31aujca3rQebhgV1WXm34C80bI/lTU=)
7: l05lA3ihNrsbi6O1jQgYe6U6RiI.roa (hash: cFNLHeKumGIo0r4P/u4GyYnqlWIoiMqc4hH4vqv6oWg=)
8: xJ0_FRg6EplS-mzoDbYvP1y_mUw.roa (hash: 7evtOJQCPXqekbIigyPzPGbzquzgJixLY3c438GOL/g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:19:bd:9a:d9:55:bb:ae:c8:43:a2:bc:70:3d:22:ab:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Oct 25 05:00:47 2025 GMT
Not After : Oct 26 05:00:47 2025 GMT
Subject: CN=caf7b7ad6ee7f418c920954ed0e805f2dbdebccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:d7:44:e0:a7:8f:c2:82:d1:08:d3:fe:d0:
72:d8:e4:99:5e:5e:37:68:3c:53:3e:ad:a7:01:c5:
df:36:b4:5f:8f:03:90:f7:c5:50:6e:ea:f4:0c:8f:
3e:00:e6:7b:1d:7e:23:70:0a:f8:0f:23:3a:1e:cd:
33:c6:fe:88:6d:24:04:92:c9:75:15:cc:9a:27:5f:
98:8c:13:24:eb:df:e0:c8:4f:da:8a:94:85:ea:09:
59:bf:3e:bc:6c:c6:45:cc:79:df:3e:5b:16:44:95:
f4:33:c1:5c:b2:99:91:0c:a9:39:5e:9c:19:95:07:
fa:e8:8b:dc:2d:0c:f5:45:25:3b:ef:41:de:e3:35:
44:3a:72:16:3a:e5:00:22:db:39:f5:b7:0c:87:c8:
d8:45:79:de:5b:50:18:60:ce:37:4e:ba:ec:bf:70:
1b:3d:ba:21:35:e1:06:30:ba:27:a0:dc:0c:e4:84:
d0:82:3a:49:ad:dd:d9:18:ee:88:36:ca:a2:4a:e8:
3b:d2:c6:1a:39:ac:0b:29:ab:59:bc:87:ad:9b:2d:
a8:f3:fb:b6:e0:5b:7b:4c:b1:ee:82:fa:ff:11:82:
f7:16:09:f7:11:df:be:64:20:c4:95:c6:da:3b:10:
52:ad:2c:73:f0:f5:da:28:06:fd:d8:21:b6:ca:5f:
db:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F7:B7:AD:6E:E7:F4:18:C9:20:95:4E:D0:E8:05:F2:DB:DE:BC:CD
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:97:83:9d:41:8e:d2:80:cf:e5:38:dc:6b:f8:fb:57:92:b4:
3c:a6:32:e8:a0:e4:33:0e:c2:d1:66:ab:f4:23:b7:79:78:5a:
dc:d5:d5:14:fa:c0:86:63:e4:da:cf:8e:f4:ec:f0:a7:2d:75:
ff:d4:cb:d7:83:27:68:37:cb:88:f2:c3:f1:28:12:32:db:e3:
c7:16:c2:f4:06:01:99:74:25:ae:76:aa:1f:8f:21:82:09:cc:
e7:45:0e:7d:18:af:b2:8b:83:eb:7d:93:c3:b5:e7:da:d5:ad:
35:bb:ee:db:a4:5a:79:9d:a0:45:8d:98:f4:0f:fd:d5:e0:a2:
39:44:5d:4a:89:de:36:f5:99:73:2e:5b:20:53:88:d4:ae:46:
f2:0c:f3:80:14:2a:da:79:24:82:d8:6d:08:03:40:d9:2e:f5:
58:4c:7a:cd:48:df:9d:02:61:fa:30:0a:3b:0c:89:9b:43:77:
16:de:c5:e4:4c:81:64:9e:e7:8b:63:c0:b1:d4:bb:ac:8b:1f:
a6:d3:c8:33:d3:2d:8f:cc:32:9f:2c:c8:a3:ae:a6:a1:54:b7:
8a:7d:72:16:0a:ea:b4:88:a7:f1:86:f5:2d:91:a8:57:a5:4f:
b9:49:66:2c:b8:36:ea:4d:04:07:0e:b8:0f:cd:d0:30:1f:6b:
f4:79:2a:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoZvZrZVbuuyEOivHA9IqsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjUxMDI1MDUwMDQ3WhcNMjUxMDI2MDUwMDQ3WjAzMTEwLwYDVQQD
EyhjYWY3YjdhZDZlZTdmNDE4YzkyMDk1NGVkMGU4MDVmMmRiZGViY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQXXROCnj8KC0QjT/tBy2OSZXl43
aDxTPq2nAcXfNrRfjwOQ98VQbur0DI8+AOZ7HX4jcAr4DyM6Hs0zxv6IbSQEksl1
FcyaJ1+YjBMk69/gyE/aipSF6glZvz68bMZFzHnfPlsWRJX0M8FcspmRDKk5XpwZ
lQf66IvcLQz1RSU770He4zVEOnIWOuUAIts59bcMh8jYRXneW1AYYM43Trrsv3Ab
PbohNeEGMLonoNwM5ITQgjpJrd3ZGO6INsqiSug70sYaOawLKatZvIetmy2o8/u2
4Ft7TLHugvr/EYL3Fgn3Ed++ZCDElcbaOxBSrSxz8PXaKAb92CG2yl/bswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMr3t61u5/QYySCVTtDoBfLb3rzNMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZeDnUGO
0oDP5Tjca/j7V5K0PKYy6KDkMw7C0War9CO3eXha3NXVFPrAhmPk2s+O9Ozwpy11
/9TL14MnaDfLiPLD8SgSMtvjxxbC9AYBmXQlrnaqH48hggnM50UOfRivsouD632T
w7Xn2tWtNbvu26RaeZ2gRY2Y9A/91eCiOURdSoneNvWZcy5bIFOI1K5G8gzzgBQq
2nkkgthtCANA2S71WEx6zUjfnQJh+jAKOwyJm0N3Ft7F5EyBZJ7ni2PAsdS7rIsf
ptPIM9Mtj8wynyzIo66moVS3in1yFgrqtIin8Yb1LZGoV6VPuUlmLLg26k0EBw64
D83QMB9r9Hkqpg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 08:06:46 2025 by rpki-client