Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft
File: 3hgnB8REwxBksYmcWX6e_XNDj5I.mft (raw, json)
Hash identifier: l65DNfrn9hQU8h8UZbaioUuiyAlMg3JA4/cb3J6Na54=
Subject key identifier: 9F:48:78:EC:0D:F5:31:57:47:60:FF:C3:67:81:7D:80:FA:D7:57:CE
Authority key identifier: DE:18:27:07:C4:44:C3:10:64:B1:89:9C:59:7E:9E:FD:73:43:8F:92
Certificate issuer: /CN=de182707c444c31064b1899c597e9efd73438f92
Certificate serial: 019A5D8C43B5FB465572FB8414A2C8F33706
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hgnB8REwxBksYmcWX6e_XNDj5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft
Manifest number: 067C
Signing time: Fri 07 Nov 2025 09:01:04 +0000
Manifest this update: Fri 07 Nov 2025 09:01:04 +0000
Manifest next update: Sat 08 Nov 2025 09:01:04 +0000
Files and hashes: 1: 3hgnB8REwxBksYmcWX6e_XNDj5I.crl (hash: pPqI9ol3py7Yp2P2bgNWciF/A4wpbw61S1b+BZ0a0os=)
2: S2et9u3-k4c1RbSQYpZyfZKneKE.roa (hash: Ha/+fD6TOAGH3fDS11rGJPIxFiX3z4IR9RxVgbeKPDM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hgnB8REwxBksYmcWX6e_XNDj5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:5d:8c:43:b5:fb:46:55:72:fb:84:14:a2:c8:f3:37:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de182707c444c31064b1899c597e9efd73438f92
Validity
Not Before: Nov 7 09:01:04 2025 GMT
Not After : Nov 8 09:01:04 2025 GMT
Subject: CN=9f4878ec0df531574760ffc367817d80fad757ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:b6:b7:b6:44:31:2c:21:ec:a8:37:5a:16:
de:28:91:eb:dd:3b:a6:aa:22:45:81:be:ab:41:a2:
37:7f:b8:e5:ce:73:99:d1:cc:18:d0:e2:33:24:92:
71:59:ed:ae:da:f3:21:3f:bd:a2:9e:e4:2b:76:c6:
c4:51:1f:9e:dc:13:9d:e7:c3:61:ee:d3:c3:8e:79:
f3:06:ce:be:43:c7:d5:3d:49:78:98:8c:b9:b7:b9:
86:b1:e1:5c:49:3e:75:44:d8:47:2b:e8:dc:50:8c:
12:a8:b0:dc:d2:6e:4f:95:4d:6a:62:64:b6:f4:91:
b0:bd:04:35:e6:61:7c:88:5c:b3:de:48:67:e9:b2:
af:41:77:0f:b1:62:5e:a5:25:c7:ba:1e:cc:0d:f0:
5b:d5:11:fc:85:43:49:0f:be:ab:e4:17:5d:32:ae:
cf:a4:74:97:24:08:0b:b1:95:01:db:4e:23:b0:61:
6f:01:25:fd:96:7e:8f:4d:98:c3:8c:60:38:a4:ff:
e2:86:af:cb:86:3d:9c:dc:c7:6a:ac:fb:d8:13:8e:
78:c9:63:5e:c7:bc:22:3e:e3:1b:92:c4:8f:cc:fb:
00:48:18:4e:81:21:ee:ce:7b:b8:fa:4f:bc:d6:45:
7c:cb:7c:f5:44:09:db:a5:c0:a4:13:92:4c:b9:48:
96:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:48:78:EC:0D:F5:31:57:47:60:FF:C3:67:81:7D:80:FA:D7:57:CE
X509v3 Authority Key Identifier:
keyid:DE:18:27:07:C4:44:C3:10:64:B1:89:9C:59:7E:9E:FD:73:43:8F:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hgnB8REwxBksYmcWX6e_XNDj5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:ae:ed:90:cc:f4:e8:6c:31:4a:a8:f2:b7:a6:bf:04:52:89:
74:b9:12:08:df:35:bb:4f:c5:ae:4d:4a:51:a7:aa:be:c1:47:
98:ea:20:ae:01:94:d2:5c:f3:93:78:a2:dc:3a:1d:a9:2e:ec:
b4:3e:f8:7d:08:3a:e8:cf:55:09:01:10:29:7e:71:25:cf:b1:
6d:8a:8c:1f:f2:fc:31:bb:b1:bd:89:0b:fb:56:56:61:50:d0:
b3:88:08:9d:d1:a7:b4:fb:bc:4f:47:38:14:35:f4:01:cf:b2:
76:55:2f:db:47:af:10:f9:ef:c2:26:36:0f:a7:4b:40:19:ae:
77:31:39:62:7f:eb:01:f3:92:a6:40:09:3c:56:29:79:9d:73:
26:81:e9:d3:ac:25:0d:81:46:b3:64:d0:70:b0:1c:67:f2:66:
96:db:46:5d:b7:2a:62:7b:e4:21:1b:bf:e7:2a:b5:5f:be:fb:
e9:86:1f:16:a7:d2:71:0c:76:04:0c:33:41:09:2b:a1:6d:84:
1e:e3:6a:9b:b7:f0:c5:ec:fb:97:11:ae:81:9e:bb:53:21:9b:
7f:2e:d7:15:b5:b0:6c:5e:ca:2a:16:55:2e:7c:3b:a6:2e:a6:
1c:b6:08:6d:99:a0:09:47:6f:28:c0:58:4f:d3:86:e2:21:b1:
bd:2c:a8:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpdjEO1+0ZVcvuEFKLI8zcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTgyNzA3YzQ0NGMzMTA2NGIxODk5YzU5N2U5ZWZkNzM0
MzhmOTIwHhcNMjUxMTA3MDkwMTA0WhcNMjUxMTA4MDkwMTA0WjAzMTEwLwYDVQQD
Eyg5ZjQ4NzhlYzBkZjUzMTU3NDc2MGZmYzM2NzgxN2Q4MGZhZDc1N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG+2t7ZEMSwh7Kg3WhbeKJHr3Tum
qiJFgb6rQaI3f7jlznOZ0cwY0OIzJJJxWe2u2vMhP72inuQrdsbEUR+e3BOd58Nh
7tPDjnnzBs6+Q8fVPUl4mIy5t7mGseFcST51RNhHK+jcUIwSqLDc0m5PlU1qYmS2
9JGwvQQ15mF8iFyz3khn6bKvQXcPsWJepSXHuh7MDfBb1RH8hUNJD76r5BddMq7P
pHSXJAgLsZUB204jsGFvASX9ln6PTZjDjGA4pP/ihq/Lhj2c3MdqrPvYE454yWNe
x7wiPuMbksSPzPsASBhOgSHuznu4+k+81kV8y3z1RAnbpcCkE5JMuUiWQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9IeOwN9TFXR2D/w2eBfYD611fOMB8GA1UdIwQY
MBaAFN4YJwfERMMQZLGJnFl+nv1zQ4+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hnbkI4UkV3eEJrc1ltY1dYNmVfWE5EajVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zYmYzMDEtZDE4OS00NzVkLTk1ZGMt
ZWFhZTNkZThhYjU4LzEvM2hnbkI4UkV3eEJrc1ltY1dYNmVfWE5EajVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zYmYzMDEtZDE4OS00NzVkLTk1ZGMtZWFhZTNkZThhYjU4
LzEvM2hnbkI4UkV3eEJrc1ltY1dYNmVfWE5EajVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANq7tkMz0
6GwxSqjyt6a/BFKJdLkSCN81u0/Frk1KUaeqvsFHmOogrgGU0lzzk3ii3DodqS7s
tD74fQg66M9VCQEQKX5xJc+xbYqMH/L8MbuxvYkL+1ZWYVDQs4gIndGntPu8T0c4
FDX0Ac+ydlUv20evEPnvwiY2D6dLQBmudzE5Yn/rAfOSpkAJPFYpeZ1zJoHp06wl
DYFGs2TQcLAcZ/JmlttGXbcqYnvkIRu/5yq1X7776YYfFqfScQx2BAwzQQkroW2E
HuNqm7fwxez7lxGugZ67UyGbfy7XFbWwbF7KKhZVLnw7pi6mHLYIbZmgCUdvKMBY
T9OG4iGxvSyogQ==
-----END CERTIFICATE-----
Generated at Fri Nov 7 13:45:20 2025 by rpki-client