Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: aSp581+AdLKq/QXp8Mns3Nackvf0tg6l6A9tJm4H8Yw=
Subject key identifier: B9:A6:9A:CE:B6:2D:1B:A9:1F:89:11:08:16:E2:F8:F3:2A:EF:56:10
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 0199FE7E1223D6CA22375B15DBF7B094AE60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 1652
Signing time: Sun 19 Oct 2025 22:01:38 +0000
Manifest this update: Sun 19 Oct 2025 22:01:38 +0000
Manifest next update: Mon 20 Oct 2025 22:01:38 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: CFU43U7Btn8qpATc8+ukPOqB6iEvRHnMSpD0s2ytEPc=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:7e:12:23:d6:ca:22:37:5b:15:db:f7:b0:94:ae:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Oct 19 22:01:38 2025 GMT
Not After : Oct 20 22:01:38 2025 GMT
Subject: CN=b9a69aceb62d1ba91f89110816e2f8f32aef5610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:7b:b7:57:69:77:b3:fc:f2:9a:a4:81:a5:
bd:eb:42:f0:5b:95:3d:85:0d:a7:ed:af:85:0f:69:
9f:9b:f0:a3:4c:38:b7:e3:64:98:55:ae:94:b4:3a:
f7:d8:56:65:40:3a:b7:50:41:0c:00:8d:94:7f:6c:
f5:28:1a:76:3d:97:df:aa:06:cb:db:04:d0:37:02:
cb:33:c9:63:db:46:71:04:6e:e6:55:68:f9:de:fa:
ae:71:7c:2a:4f:2c:66:3c:ba:58:48:d4:d6:2e:38:
d2:12:ef:c5:d5:60:af:68:0d:7a:b0:1e:e2:44:8d:
3b:0b:93:59:3b:93:dd:ab:32:a9:80:28:47:72:b8:
2d:98:92:92:c2:d3:1b:ea:b8:fb:ff:89:ea:fd:5d:
e8:b0:21:b1:08:4d:2e:03:74:0a:83:86:8a:21:3c:
52:b1:fe:af:17:ee:63:83:85:80:9d:51:9c:89:c9:
2d:00:b8:12:71:ee:37:cf:9b:d4:51:b0:e7:1f:86:
48:bd:38:9d:7c:e8:20:83:71:07:4c:6f:93:0d:18:
ba:6a:b2:d1:9e:a6:55:4a:19:0b:f0:0e:a8:99:d2:
aa:f0:9b:00:39:32:f1:1c:4e:9a:af:36:3e:62:7d:
b0:f9:bc:21:f9:79:8b:ff:c8:ec:bb:2f:5e:95:47:
fd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A6:9A:CE:B6:2D:1B:A9:1F:89:11:08:16:E2:F8:F3:2A:EF:56:10
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:87:78:ce:e8:65:de:e4:07:4b:a5:db:26:31:47:29:f7:6e:
bb:0a:b4:fc:4f:41:72:03:e7:12:59:e2:1e:8d:d0:7a:9f:08:
50:43:1b:66:4f:1d:c2:93:81:15:9f:fb:10:3b:4d:94:e1:5c:
8a:2f:dc:6f:cd:31:49:0f:24:be:dc:22:d6:04:38:44:18:c7:
0f:a1:55:2f:cc:cd:05:ab:31:f2:52:91:66:62:55:5a:cb:7a:
45:85:a3:79:0c:ec:93:ea:4c:c8:27:8f:f3:e4:f6:66:9b:40:
95:5d:1c:59:06:71:a9:5c:4c:a3:6a:ea:13:b8:21:11:2e:fe:
48:96:50:19:ff:80:89:fc:86:e4:06:c2:9a:fe:51:24:ba:35:
e9:ad:22:4a:76:76:64:10:5f:88:58:da:96:ee:5c:71:87:c7:
b9:65:16:69:9a:bf:f1:7e:99:99:b9:2a:0e:68:84:3a:7b:8e:
7b:0e:24:46:4d:7e:1a:e6:07:e0:e2:66:a1:ab:bb:36:02:36:
05:5d:75:ed:31:d9:15:c0:d9:32:9d:5e:fd:8a:90:0b:68:5c:
91:6a:42:f3:15:ac:5c:80:99:61:75:b6:7a:de:20:b0:8b:66:
67:d8:1d:5b:01:ac:bf:c6:2d:82:31:11:66:9d:b0:34:c0:f6:
d9:81:70:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fhIj1soiN1sV2/ewlK5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUxMDE5MjIwMTM4WhcNMjUxMDIwMjIwMTM4WjAzMTEwLwYDVQQD
EyhiOWE2OWFjZWI2MmQxYmE5MWY4OTExMDgxNmUyZjhmMzJhZWY1NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIJ7t1dpd7P88pqkgaW960LwW5U9
hQ2n7a+FD2mfm/CjTDi342SYVa6UtDr32FZlQDq3UEEMAI2Uf2z1KBp2PZffqgbL
2wTQNwLLM8lj20ZxBG7mVWj53vqucXwqTyxmPLpYSNTWLjjSEu/F1WCvaA16sB7i
RI07C5NZO5PdqzKpgChHcrgtmJKSwtMb6rj7/4nq/V3osCGxCE0uA3QKg4aKITxS
sf6vF+5jg4WAnVGcicktALgSce43z5vUUbDnH4ZIvTidfOggg3EHTG+TDRi6arLR
nqZVShkL8A6omdKq8JsAOTLxHE6arzY+Yn2w+bwh+XmL/8jsuy9elUf9/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmmms62LRupH4kRCBbi+PMq71YQMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq4d4zuhl
3uQHS6XbJjFHKfduuwq0/E9BcgPnElniHo3Qep8IUEMbZk8dwpOBFZ/7EDtNlOFc
ii/cb80xSQ8kvtwi1gQ4RBjHD6FVL8zNBasx8lKRZmJVWst6RYWjeQzsk+pMyCeP
8+T2ZptAlV0cWQZxqVxMo2rqE7ghES7+SJZQGf+AifyG5AbCmv5RJLo16a0iSnZ2
ZBBfiFjalu5ccYfHuWUWaZq/8X6ZmbkqDmiEOnuOew4kRk1+GuYH4OJmoau7NgI2
BV117THZFcDZMp1e/YqQC2hckWpC8xWsXICZYXW2et4gsItmZ9gdWwGsv8YtgjER
Zp2wNMD22YFwVQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:25:16 2025 by rpki-client