
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json)
Hash identifier: 6qd8a5GO0z1ofR4yiNBNhQXBCbeLt0WGuqfAIiVl0eI=
Subject key identifier: 42:C6:83:F0:44:E9:E5:3F:01:1A:A9:42:6B:A6:FC:93:C7:71:16:86
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 0199FC2181A8215F0F5077B7E51138A11518
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 11:01:18 +0000
Manifest this update: Sun 19 Oct 2025 11:01:18 +0000
Manifest next update: Mon 20 Oct 2025 11:01:18 +0000
Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=)
2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: WS/wlRegEXF7djjHts7DOOn2NCCkEp7juDxdESF4XcI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:81:a8:21:5f:0f:50:77:b7:e5:11:38:a1:15:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Oct 19 11:01:18 2025 GMT
Not After : Oct 20 11:01:18 2025 GMT
Subject: CN=42c683f044e9e53f011aa9426ba6fc93c7711686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b5:45:99:13:bd:cb:68:f3:ab:9f:6d:1a:8c:
91:88:bb:34:69:c6:4c:56:e4:9f:e1:1a:de:4f:01:
b6:7c:8d:0d:8d:1f:9b:e1:d2:3b:ed:67:c9:68:4f:
da:8c:5f:88:bf:6d:63:4d:89:be:30:3c:da:2d:58:
df:b9:c1:ea:7c:3d:e9:98:70:8d:a9:fa:3c:fc:a9:
c1:57:f5:a7:e3:13:32:0a:a7:3a:5d:d1:14:9e:ec:
dd:6f:20:54:5d:0f:96:61:8c:4f:55:07:07:83:9b:
0e:f5:47:da:02:1c:38:6a:be:ee:47:08:66:82:4e:
2f:46:27:77:23:50:fa:cc:73:02:9f:97:31:54:c6:
25:7c:fb:69:0c:b4:f3:ad:1c:9f:b4:99:3b:49:07:
74:dc:8e:0d:75:e5:48:5a:7f:e5:7b:d6:bc:fb:a9:
50:b6:03:2b:a1:99:4f:82:13:c8:3f:72:88:31:3f:
cf:4e:e2:8b:53:95:dd:50:24:59:a7:95:30:19:a0:
df:15:10:1a:3d:61:50:33:5b:4b:36:b5:7a:55:2c:
8a:e6:2d:64:99:43:fb:4f:93:07:6e:34:e0:31:32:
ba:c1:7e:19:01:50:98:e5:61:91:d4:7f:d4:97:4f:
09:af:75:ec:ed:85:25:0d:d6:c1:a0:bf:0d:47:df:
da:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C6:83:F0:44:E9:E5:3F:01:1A:A9:42:6B:A6:FC:93:C7:71:16:86
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:d0:68:a5:1e:09:f6:f4:12:53:30:5c:10:31:60:fe:69:f6:
f6:dc:b8:05:be:b4:b3:4a:17:a5:1b:5e:c6:36:53:84:e0:cc:
c2:74:ef:60:36:58:1b:b7:fb:be:65:ab:9a:67:a8:6a:e9:0c:
05:c0:d3:da:45:6c:be:dc:2b:a3:23:03:80:23:35:ac:b8:ad:
2d:ad:c6:1b:9a:84:91:35:83:53:0c:b0:e0:fe:74:b3:2d:27:
be:a7:a6:46:18:58:32:06:c2:f8:00:07:14:5b:d2:b1:75:49:
fd:6f:55:5a:78:64:2f:08:98:27:b3:f9:fb:3f:97:4a:ef:24:
0d:c4:58:b6:1e:ee:7b:26:b1:bc:1d:2d:c7:78:5e:c4:20:ed:
1b:b5:22:c2:53:5a:32:ac:8b:03:87:e8:b1:74:18:7c:2a:76:
14:7b:7d:80:71:b9:30:c5:09:7d:ab:4b:83:c5:4a:a5:e7:09:
5c:80:b5:32:4b:f9:2f:e1:ea:2b:bb:32:d7:ec:24:d5:d8:cd:
d1:dc:e8:dd:1f:25:4d:2c:46:a3:56:bb:5a:46:63:dc:4b:95:
53:1d:55:a3:1d:cf:84:e4:fa:67:24:49:d9:be:92:11:ae:12:
08:2e:e2:c5:c1:4e:2c:e1:e0:bd:81:98:c5:1b:58:89:f8:bd:
25:b8:a2:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IYGoIV8PUHe35RE4oRUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjUxMDE5MTEwMTE4WhcNMjUxMDIwMTEwMTE4WjAzMTEwLwYDVQQD
Eyg0MmM2ODNmMDQ0ZTllNTNmMDExYWE5NDI2YmE2ZmM5M2M3NzExNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bVFmRO9y2jzq59tGoyRiLs0acZM
VuSf4RreTwG2fI0NjR+b4dI77WfJaE/ajF+Iv21jTYm+MDzaLVjfucHqfD3pmHCN
qfo8/KnBV/Wn4xMyCqc6XdEUnuzdbyBUXQ+WYYxPVQcHg5sO9UfaAhw4ar7uRwhm
gk4vRid3I1D6zHMCn5cxVMYlfPtpDLTzrRyftJk7SQd03I4NdeVIWn/le9a8+6lQ
tgMroZlPghPIP3KIMT/PTuKLU5XdUCRZp5UwGaDfFRAaPWFQM1tLNrV6VSyK5i1k
mUP7T5MHbjTgMTK6wX4ZAVCY5WGR1H/Ul08Jr3Xs7YUlDdbBoL8NR9/avwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELGg/BE6eU/ARqpQmum/JPHcRaGMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktBopR4J
9vQSUzBcEDFg/mn29ty4Bb60s0oXpRtexjZThODMwnTvYDZYG7f7vmWrmmeoaukM
BcDT2kVsvtwroyMDgCM1rLitLa3GG5qEkTWDUwyw4P50sy0nvqemRhhYMgbC+AAH
FFvSsXVJ/W9VWnhkLwiYJ7P5+z+XSu8kDcRYth7ueyaxvB0tx3hexCDtG7UiwlNa
MqyLA4fosXQYfCp2FHt9gHG5MMUJfatLg8VKpecJXIC1Mkv5L+HqK7sy1+wk1djN
0dzo3R8lTSxGo1a7WkZj3EuVUx1Vox3PhOT6ZyRJ2b6SEa4SCC7ixcFOLOHgvYGY
xRtYifi9JbiicA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:37 2025 by rpki-client