Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft
File: 3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft (raw, json)
Hash identifier: +uVWBVsKctj9JvhgSkI6XWGYXFztAQmuvJRHiwgR9/E=
Subject key identifier: E3:06:8E:48:A9:60:63:FB:35:C1:F3:D5:76:5D:40:B9:DF:BB:50:E6
Authority key identifier: DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F
Certificate issuer: /CN=df3b1d2773a03d317a7703193d2f45429a94ba9f
Certificate serial: 0199FFC7307F24E5950CFA5AA30B69726568
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft
Manifest number: CA
Signing time: Mon 20 Oct 2025 04:01:08 +0000
Manifest this update: Mon 20 Oct 2025 04:01:08 +0000
Manifest next update: Tue 21 Oct 2025 04:01:08 +0000
Files and hashes: 1: 1OnAxERvwCdnk__Rn-ReVSlbcoM.roa (hash: aqwsdMgIbP4mFzFG0p4x2dQgO0GnM+i3JMeyA55YC7E=)
2: 3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl (hash: Z12UNC6uZ+dcfBkQzI7S9srduou29ja54VSW8VFpxg4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:30:7f:24:e5:95:0c:fa:5a:a3:0b:69:72:65:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b1d2773a03d317a7703193d2f45429a94ba9f
Validity
Not Before: Oct 20 04:01:08 2025 GMT
Not After : Oct 21 04:01:08 2025 GMT
Subject: CN=e3068e48a96063fb35c1f3d5765d40b9dfbb50e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1a:73:08:8f:5d:29:d1:79:4f:3d:fb:2f:49:
a4:18:92:6e:e4:f2:27:ef:e7:ad:a7:c8:c4:02:2b:
41:89:88:2d:92:d3:b6:bf:c7:e8:9f:f2:e3:1d:e3:
bc:fd:7e:97:42:8d:36:4b:a8:91:ed:bf:bf:59:2c:
e5:a6:b9:fc:bb:59:9b:86:a8:1f:f9:66:81:40:dc:
71:10:6a:d0:f3:36:58:22:1c:5a:a5:77:0b:c0:86:
22:a7:49:fd:a2:4a:ce:29:bf:d2:95:d1:a1:a0:8b:
83:91:8b:71:17:51:13:87:1e:16:3c:dd:fc:7c:de:
a7:10:bb:d5:fa:a8:db:aa:75:3d:1d:2a:da:68:76:
e8:22:78:4d:f8:59:b1:6b:03:f0:89:31:f0:45:95:
08:cd:60:62:02:48:ac:6d:cb:3a:f9:02:40:4f:e3:
22:fb:fd:5d:a1:3a:e1:8c:47:96:2c:f1:9c:d1:9a:
56:9f:d8:bb:32:6b:d0:01:50:59:f8:34:5a:26:75:
90:87:c2:a2:26:9e:e1:2b:5f:06:c2:16:65:4c:2c:
e4:e6:0c:a0:35:c6:2d:49:52:52:80:2e:fb:ec:cd:
68:4b:9b:30:cc:a4:b7:bc:39:98:1d:09:9c:3b:2e:
9e:b2:13:b6:88:b1:9c:4b:19:a6:69:ea:7e:31:99:
97:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:06:8E:48:A9:60:63:FB:35:C1:F3:D5:76:5D:40:B9:DF:BB:50:E6
X509v3 Authority Key Identifier:
keyid:DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:6c:11:9d:5b:4f:2f:97:82:ee:e9:ea:b4:bd:57:4c:f0:cd:
39:79:5a:81:3a:02:24:19:c9:f2:b9:52:9c:e1:8d:64:0a:e8:
45:ec:1c:81:c3:8a:85:4b:b0:48:c0:70:27:9e:76:38:f9:b8:
8b:b1:a4:b1:5d:af:1d:48:dc:99:63:20:15:8a:ee:40:4c:d2:
27:cc:2c:4d:49:ca:8c:93:2a:d1:59:01:43:ef:e9:d2:5a:65:
a5:be:be:0d:26:03:2b:93:da:f5:2f:55:42:24:32:44:45:51:
ee:b0:26:4a:95:d4:a5:d8:ac:7f:b2:69:5a:00:24:41:2a:a7:
b8:02:81:e2:da:0c:8d:5d:36:e7:f5:11:3f:48:a8:ef:e8:7d:
26:77:50:6c:21:59:2f:a6:59:f5:71:d2:3d:c7:1a:d2:5d:17:
15:4e:0a:66:df:db:56:b6:a6:83:fb:ed:a8:ac:a1:bb:41:24:
2d:65:c9:31:09:96:51:fa:a1:96:e1:f4:39:bb:95:6d:45:9d:
1b:19:3b:a9:0d:0e:38:87:7f:4d:cc:9b:df:82:43:44:35:92:
10:d7:07:2f:45:5f:b5:82:9f:b6:51:f1:b2:e0:12:cc:9a:78:
ab:ae:35:6e:78:c0:d3:e1:78:c8:52:33:a5:42:09:c4:1a:fd:
71:6f:a9:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/xzB/JOWVDPpaowtpcmVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2IxZDI3NzNhMDNkMzE3YTc3MDMxOTNkMmY0NTQyOWE5
NGJhOWYwHhcNMjUxMDIwMDQwMTA4WhcNMjUxMDIxMDQwMTA4WjAzMTEwLwYDVQQD
EyhlMzA2OGU0OGE5NjA2M2ZiMzVjMWYzZDU3NjVkNDBiOWRmYmI1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRpzCI9dKdF5Tz37L0mkGJJu5PIn
7+etp8jEAitBiYgtktO2v8fon/LjHeO8/X6XQo02S6iR7b+/WSzlprn8u1mbhqgf
+WaBQNxxEGrQ8zZYIhxapXcLwIYip0n9okrOKb/SldGhoIuDkYtxF1EThx4WPN38
fN6nELvV+qjbqnU9HSraaHboInhN+FmxawPwiTHwRZUIzWBiAkisbcs6+QJAT+Mi
+/1doTrhjEeWLPGc0ZpWn9i7MmvQAVBZ+DRaJnWQh8KiJp7hK18GwhZlTCzk5gyg
NcYtSVJSgC777M1oS5swzKS3vDmYHQmcOy6eshO2iLGcSxmmaep+MZmXPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMGjkipYGP7NcHz1XZdQLnfu1DmMB8GA1UdIwQY
MBaAFN87HSdzoD0xencDGT0vRUKalLqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3Nzct
NTI2ZGNiMmEyM2JkLzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3NzctNTI2ZGNiMmEyM2Jk
LzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhWwRnVtP
L5eC7unqtL1XTPDNOXlagToCJBnJ8rlSnOGNZAroRewcgcOKhUuwSMBwJ552OPm4
i7GksV2vHUjcmWMgFYruQEzSJ8wsTUnKjJMq0VkBQ+/p0lplpb6+DSYDK5Pa9S9V
QiQyREVR7rAmSpXUpdisf7JpWgAkQSqnuAKB4toMjV025/URP0io7+h9JndQbCFZ
L6ZZ9XHSPcca0l0XFU4KZt/bVramg/vtqKyhu0EkLWXJMQmWUfqhluH0ObuVbUWd
Gxk7qQ0OOId/Tcyb34JDRDWSENcHL0VftYKftlHxsuASzJp4q641bnjA0+F4yFIz
pUIJxBr9cW+p2w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:16:09 2025 by rpki-client