Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
File: 3VP2PxOgyVKgefRXihDtv246pYs.mft (raw, json)
Hash identifier: ekcE8tYHMdjt1W1+NK5quAzdiQBeuvtUss7EqLBjQ2A=
Subject key identifier: C6:4A:57:68:CD:4B:2F:F5:63:C1:25:17:E9:E7:C3:80:39:FD:1C:B2
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 0198D5157E71FC25D74835BE0A0871EAB812
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
Manifest number: 15B8
Signing time: Sat 23 Aug 2025 04:00:12 +0000
Manifest this update: Sat 23 Aug 2025 04:00:12 +0000
Manifest next update: Sun 24 Aug 2025 04:00:12 +0000
Files and hashes: 1: 3VP2PxOgyVKgefRXihDtv246pYs.crl (hash: pdreUk8QE2IcU2APar36/pl6CyBZ3MfdB0ShJHTBSvI=)
2: 42kA1PGA8no_1otOl8ofpG12v3U.roa (hash: xUXq/2K3klfSiQDOaLNutcuHJyhv84PrwrhgM3PQUAM=)
3: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (hash: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:15:7e:71:fc:25:d7:48:35:be:0a:08:71:ea:b8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Aug 23 04:00:12 2025 GMT
Not After : Aug 24 04:00:12 2025 GMT
Subject: CN=c64a5768cd4b2ff563c12517e9e7c38039fd1cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d4:e4:17:b8:a1:6d:5b:a1:f1:81:49:00:ef:
c7:8d:72:cf:43:77:f6:19:10:37:8a:0c:5e:0e:ff:
53:cd:b3:c2:10:da:a9:5d:5e:89:65:54:b9:61:9c:
cd:32:be:27:ff:98:25:68:08:2b:74:6e:d7:02:00:
fb:23:17:50:82:96:46:43:6e:31:6e:fd:21:0a:d8:
dd:6e:47:5c:b2:0d:37:0f:6d:85:cc:0d:f7:2a:42:
0b:4e:d7:0f:ad:dc:6f:b6:86:e0:49:6a:42:c6:b8:
bb:f8:88:ad:25:6b:0a:60:68:7f:b4:3d:2a:6e:87:
ae:66:13:5a:8b:87:1f:e1:69:77:a8:06:df:81:70:
b3:1f:6c:64:3f:a1:77:f8:b4:8d:6a:ce:b7:ec:0b:
f5:d3:a6:6a:4a:91:f8:43:c3:db:5c:5e:a6:56:99:
d2:9f:c0:14:86:17:f3:b4:6b:ad:f2:b6:60:c5:5f:
0e:d4:47:b3:eb:79:02:ab:45:66:a9:71:3f:c3:60:
50:33:9f:a4:d3:0d:55:7d:ff:44:75:d9:ee:c9:a8:
ea:80:84:d1:46:1e:6b:5c:e0:c2:ed:c3:0b:3b:eb:
69:16:2c:d3:23:3a:c3:23:89:37:76:d1:b0:3d:b7:
41:e5:55:32:c6:f5:80:f3:ac:af:c3:73:b1:83:16:
19:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4A:57:68:CD:4B:2F:F5:63:C1:25:17:E9:E7:C3:80:39:FD:1C:B2
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:97:57:50:34:9c:d9:8a:d5:30:92:7a:f4:d8:9e:d4:09:06:
b6:07:32:a0:04:41:02:3a:6a:f7:40:e9:76:5a:01:ce:cc:e2:
50:01:ec:ee:2f:2f:1d:b6:3d:ab:6b:b4:6a:30:69:52:1d:cf:
73:a2:62:2e:65:ef:91:a8:dd:a4:19:29:d6:2c:5a:ce:6f:03:
32:61:c5:3a:19:cc:70:f9:1f:72:fd:ab:c0:3d:5f:cc:7f:11:
ec:d2:bc:24:05:75:84:97:5c:5b:4f:bd:a3:c5:37:c5:cd:bc:
e3:97:c2:b0:5e:5e:13:7c:02:02:d2:32:5d:d0:d5:bc:08:e1:
c4:83:45:01:77:cb:17:8a:be:41:e1:41:3a:04:a9:87:95:6c:
84:12:e6:c9:47:fb:a6:b7:e2:35:16:15:b0:be:27:c2:f5:cf:
21:7f:35:f5:ff:4f:4b:34:47:1b:9f:8a:ee:4d:44:3e:17:da:
14:7d:2b:2e:dd:26:12:54:c6:3f:26:61:b2:82:ca:e6:df:10:
6a:32:63:83:8e:7f:60:ce:5f:85:41:fb:a6:24:1a:ff:95:52:
5d:88:f2:91:13:7b:c5:c6:d1:82:fb:3a:20:d6:6f:00:62:a2:
a3:49:06:7c:d5:c8:91:b9:4c:7f:0b:e5:89:30:f2:af:43:74:
44:99:01:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFX5x/CXXSDW+Cghx6rgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUwODIzMDQwMDEyWhcNMjUwODI0MDQwMDEyWjAzMTEwLwYDVQQD
EyhjNjRhNTc2OGNkNGIyZmY1NjNjMTI1MTdlOWU3YzM4MDM5ZmQxY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydTkF7ihbVuh8YFJAO/HjXLPQ3f2
GRA3igxeDv9TzbPCENqpXV6JZVS5YZzNMr4n/5glaAgrdG7XAgD7IxdQgpZGQ24x
bv0hCtjdbkdcsg03D22FzA33KkILTtcPrdxvtobgSWpCxri7+IitJWsKYGh/tD0q
boeuZhNai4cf4Wl3qAbfgXCzH2xkP6F3+LSNas637Av106ZqSpH4Q8PbXF6mVpnS
n8AUhhfztGut8rZgxV8O1Eez63kCq0VmqXE/w2BQM5+k0w1Vff9EddnuyajqgITR
Rh5rXODC7cMLO+tpFizTIzrDI4k3dtGwPbdB5VUyxvWA86yvw3OxgxYZuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZKV2jNSy/1Y8ElF+nnw4A5/RyyMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZdXUDSc
2YrVMJJ69Nie1AkGtgcyoARBAjpq90DpdloBzsziUAHs7i8vHbY9q2u0ajBpUh3P
c6JiLmXvkajdpBkp1ixazm8DMmHFOhnMcPkfcv2rwD1fzH8R7NK8JAV1hJdcW0+9
o8U3xc2845fCsF5eE3wCAtIyXdDVvAjhxINFAXfLF4q+QeFBOgSph5VshBLmyUf7
prfiNRYVsL4nwvXPIX819f9PSzRHG5+K7k1EPhfaFH0rLt0mElTGPyZhsoLK5t8Q
ajJjg45/YM5fhUH7piQa/5VSXYjykRN7xcbRgvs6INZvAGKio0kGfNXIkblMfwvl
iTDyr0N0RJkB5w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:36:30 2025 by rpki-client