Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File: 3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier: oCKnf09FdcpXPxoYm+HR7b3CLwUrqXVDrpLZ2roWYqY=
Subject key identifier: 24:B1:A6:86:4D:72:58:BE:C4:10:C5:A9:41:D5:15:60:33:70:AF:CB
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer: /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial: 0199FBEA81BC33538A0A79CD97A6D70BC864
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number: 09AE
Signing time: Sun 19 Oct 2025 10:01:13 +0000
Manifest this update: Sun 19 Oct 2025 10:01:13 +0000
Manifest next update: Mon 20 Oct 2025 10:01:13 +0000
Files and hashes: 1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: rMRSZ7Ds1PCNFSSFzfx3cagcWVM36/55geFxFYxL7mk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:81:bc:33:53:8a:0a:79:cd:97:a6:d7:0b:c8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Validity
Not Before: Oct 19 10:01:13 2025 GMT
Not After : Oct 20 10:01:13 2025 GMT
Subject: CN=24b1a6864d7258bec410c5a941d515603370afcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:31:35:51:b1:2c:7d:8f:1c:a7:40:01:60:7d:
89:0b:27:6d:d3:4e:bc:96:a2:db:51:bf:c2:18:68:
2d:27:4f:5b:b0:41:18:be:d6:2e:1f:ca:d6:58:c4:
f0:4f:0f:0c:86:06:94:b5:19:d8:b2:8a:47:2a:de:
6e:32:d6:3a:49:14:16:dc:6f:7e:0b:98:da:e0:01:
47:d5:98:d6:d0:76:30:e7:c0:be:8b:8d:36:df:23:
8b:9e:db:ea:76:0b:42:3c:0d:54:64:27:18:11:8d:
9a:b3:ff:45:3c:65:97:6a:44:de:fb:b3:8b:27:9e:
45:7f:36:cc:df:89:6f:49:36:24:e6:7d:1a:6d:45:
a6:9a:b4:98:3c:bf:cb:b0:34:43:b4:bc:3e:97:97:
77:46:38:fc:a9:f9:8d:3a:24:8c:9a:bc:6d:4e:65:
d9:76:1d:4f:a8:9d:3e:f7:87:43:fe:b6:d9:e5:4b:
7e:83:49:65:0c:e8:f7:8d:84:a7:ef:0b:11:86:1e:
ac:68:b7:ed:0c:db:4e:e8:8c:73:7c:89:ac:f6:3d:
2b:81:17:34:98:58:58:aa:e5:c0:99:b7:1d:eb:fe:
13:b9:25:fd:ab:de:27:bf:19:fc:fc:30:e1:d0:f5:
ff:d1:cf:02:90:cd:f1:dd:e4:1d:2e:b2:a8:66:d2:
69:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B1:A6:86:4D:72:58:BE:C4:10:C5:A9:41:D5:15:60:33:70:AF:CB
X509v3 Authority Key Identifier:
keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:88:33:f0:8a:6c:e8:23:76:0a:4b:8d:1c:95:8d:59:94:58:
fa:b7:7c:d2:71:bc:6b:25:2c:cc:bf:c1:f9:0a:fd:33:95:79:
20:6d:30:5d:f2:5f:5c:84:9f:21:b6:27:7d:e7:a5:1a:a0:a0:
80:ac:14:9b:bc:de:3e:cd:04:f2:42:c0:b0:7a:9f:13:ed:8c:
22:29:46:29:4a:cb:8e:d3:59:5c:df:3d:1e:59:cc:94:f4:55:
d1:0b:69:74:50:76:d8:e2:42:11:5a:8c:e4:3a:00:de:d5:da:
77:19:2a:b7:2f:ef:5e:cf:89:56:34:f2:75:f2:94:55:d4:36:
cc:36:98:c5:ef:c9:47:e5:0b:6c:e2:56:77:60:6e:45:a2:98:
35:2d:73:1b:db:fc:09:a9:e1:30:54:86:12:94:41:4e:23:76:
f9:80:16:24:bc:8e:18:26:5b:18:49:5a:1b:c5:5d:3a:7a:c7:
8b:b8:ed:59:10:5b:c1:e6:e6:4e:a9:fe:51:ff:b6:dd:8b:93:
11:60:b2:a0:cc:70:8f:56:c2:37:fb:cc:9e:11:0e:c6:8e:77:
7c:14:10:16:89:97:d9:10:44:a5:46:52:b8:bf:9f:26:ec:76:
9b:3d:30:53:e2:59:88:f4:d6:ea:b4:84:e2:20:a3:7b:c5:d1:
91:a4:af:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76oG8M1OKCnnNl6bXC8hkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUxMDE5MTAwMTEzWhcNMjUxMDIwMTAwMTEzWjAzMTEwLwYDVQQD
EygyNGIxYTY4NjRkNzI1OGJlYzQxMGM1YTk0MWQ1MTU2MDMzNzBhZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTE1UbEsfY8cp0ABYH2JCydt0068
lqLbUb/CGGgtJ09bsEEYvtYuH8rWWMTwTw8MhgaUtRnYsopHKt5uMtY6SRQW3G9+
C5ja4AFH1ZjW0HYw58C+i4023yOLntvqdgtCPA1UZCcYEY2as/9FPGWXakTe+7OL
J55FfzbM34lvSTYk5n0abUWmmrSYPL/LsDRDtLw+l5d3Rjj8qfmNOiSMmrxtTmXZ
dh1PqJ0+94dD/rbZ5Ut+g0llDOj3jYSn7wsRhh6saLftDNtO6IxzfIms9j0rgRc0
mFhYquXAmbcd6/4TuSX9q94nvxn8/DDh0PX/0c8CkM3x3eQdLrKoZtJptQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSxpoZNcli+xBDFqUHVFWAzcK/LMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHYgz8Ips
6CN2CkuNHJWNWZRY+rd80nG8ayUszL/B+Qr9M5V5IG0wXfJfXISfIbYnfeelGqCg
gKwUm7zePs0E8kLAsHqfE+2MIilGKUrLjtNZXN89HlnMlPRV0QtpdFB22OJCEVqM
5DoA3tXadxkqty/vXs+JVjTydfKUVdQ2zDaYxe/JR+ULbOJWd2BuRaKYNS1zG9v8
CanhMFSGEpRBTiN2+YAWJLyOGCZbGElaG8VdOnrHi7jtWRBbwebmTqn+Uf+23YuT
EWCyoMxwj1bCN/vMnhEOxo53fBQQFomX2RBEpUZSuL+fJux2mz0wU+JZiPTW6rSE
4iCje8XRkaSv4A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:26:55 2025 by rpki-client