Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
File: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft (raw, json)
Hash identifier: Whe08TCGyJY7y1ya6OHMo/g/RHWQMfZgRqD0MXtd2JU=
Subject key identifier: 95:EF:B7:13:0E:34:6B:06:8F:CD:C3:42:63:D2:3C:DC:FB:F1:5A:2E
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 019A00350A101DE27FAF19637CC00C4AC029
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
Manifest number: 0EC5
Signing time: Mon 20 Oct 2025 06:01:07 +0000
Manifest this update: Mon 20 Oct 2025 06:01:07 +0000
Manifest next update: Tue 21 Oct 2025 06:01:07 +0000
Files and hashes: 1: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl (hash: 9Kv5ogGIcIgH3hcb4acrBj/xjf03rVKoOdikAK/1AUM=)
2: C9mugrtzW_-CpWlbrAzn7HLndJs.roa (hash: us/IF6tfe4s5IdJAAyc5z0B0e23waKBVaik+zvz/TyQ=)
3: yll503ISaq2wNzfEAk_Qb_MtGbg.roa (hash: LYtS+Gvc0u0aK5E+MP2oP4ZNnIbSc6rSwiTMseFfpYs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:0a:10:1d:e2:7f:af:19:63:7c:c0:0c:4a:c0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: Oct 20 06:01:07 2025 GMT
Not After : Oct 21 06:01:07 2025 GMT
Subject: CN=95efb7130e346b068fcdc34263d23cdcfbf15a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:43:e3:75:73:11:cf:8b:65:80:66:f3:f5:
b8:81:d9:ee:86:3d:06:e3:cf:5f:70:94:0e:fa:88:
c5:9b:8d:21:d4:0d:dc:ba:e4:b4:be:a5:64:69:bc:
82:5b:f0:33:6e:40:c4:0f:a5:d4:b8:e2:6c:16:ae:
0a:45:bd:af:a8:54:77:8d:95:62:e6:90:b6:21:7d:
11:99:d6:13:b3:e5:8c:e4:ab:02:ce:54:af:9a:f6:
44:4e:c5:d3:24:94:37:02:ee:1c:a9:45:b1:6c:e4:
92:1a:5e:23:4a:fd:83:8b:86:c0:91:66:b2:7d:fa:
d9:6b:e9:ef:18:ea:d0:eb:68:0c:62:00:04:ae:af:
0f:92:92:d4:35:ae:97:a3:a4:90:df:6b:5a:ad:58:
c0:96:06:f1:a8:05:54:2a:e6:80:0b:b1:50:32:4a:
32:7f:c1:6d:26:ef:11:c0:6e:f2:91:be:90:b5:6f:
24:c6:d0:38:f1:04:f4:b3:e4:c1:49:9d:dc:1e:1f:
fd:a7:72:41:8f:5b:f5:7a:d4:a0:78:78:30:92:df:
3d:90:af:a5:92:2f:9c:b6:25:f9:a2:27:16:3d:57:
ae:4d:f1:fa:ef:f2:c3:d0:7f:c7:32:04:a0:9d:ec:
5e:22:db:48:97:d2:3c:ff:2d:13:4f:ea:7b:27:c9:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EF:B7:13:0E:34:6B:06:8F:CD:C3:42:63:D2:3C:DC:FB:F1:5A:2E
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:d3:0c:2f:18:e0:52:4a:31:4a:a6:ec:f6:c6:a9:2d:d9:a5:
47:01:fe:9f:0b:55:ec:13:5c:7a:52:4c:e4:ea:d3:ae:ca:ca:
97:2f:ab:4d:85:fd:0e:6c:2b:36:56:92:34:72:4f:63:6f:7e:
e6:14:2d:53:9d:32:53:29:23:3a:5d:03:f1:f0:49:c8:1e:9e:
c1:17:8d:8e:8d:af:73:9f:a1:cc:3d:c6:b8:89:8d:0f:b8:46:
df:88:f8:b3:9e:ad:61:59:36:47:75:67:d4:12:97:ce:a0:58:
2f:da:f8:a4:ca:3a:a7:4c:80:d0:73:44:b2:b0:18:62:68:3f:
55:f6:d0:49:0b:33:55:2e:a0:c8:4b:ae:8a:99:93:4c:9e:3d:
1e:a1:64:19:c0:ad:7d:2c:1a:d2:6a:1a:7f:b6:a3:a3:dd:2b:
cc:c2:14:0c:87:d9:f6:9d:c1:df:bb:99:90:7e:5d:a2:5a:f9:
ce:b3:08:b7:6b:5d:ce:1b:c3:97:a9:70:de:d1:1d:bc:23:ee:
e9:b7:d6:73:1f:74:03:fd:6d:a1:ac:b2:69:17:9a:29:cd:07:
1e:bc:0f:9c:38:ca:4e:86:d3:62:51:75:8a:37:c6:d6:32:cf:
d3:54:48:72:85:e0:eb:d9:75:0c:35:2d:c6:fc:cb:fb:7c:a7:
62:93:07:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANQoQHeJ/rxljfMAMSsApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjUxMDIwMDYwMTA3WhcNMjUxMDIxMDYwMTA3WjAzMTEwLwYDVQQD
Eyg5NWVmYjcxMzBlMzQ2YjA2OGZjZGMzNDI2M2QyM2NkY2ZiZjE1YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLxD43VzEc+LZYBm8/W4gdnuhj0G
489fcJQO+ojFm40h1A3cuuS0vqVkabyCW/AzbkDED6XUuOJsFq4KRb2vqFR3jZVi
5pC2IX0RmdYTs+WM5KsCzlSvmvZETsXTJJQ3Au4cqUWxbOSSGl4jSv2Di4bAkWay
ffrZa+nvGOrQ62gMYgAErq8PkpLUNa6Xo6SQ32tarVjAlgbxqAVUKuaAC7FQMkoy
f8FtJu8RwG7ykb6QtW8kxtA48QT0s+TBSZ3cHh/9p3JBj1v1etSgeHgwkt89kK+l
ki+ctiX5oicWPVeuTfH67/LD0H/HMgSgnexeIttIl9I8/y0TT+p7J8nCPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXvtxMONGsGj83DQmPSPNz78VouMB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH9MMLxjg
UkoxSqbs9sapLdmlRwH+nwtV7BNcelJM5OrTrsrKly+rTYX9DmwrNlaSNHJPY29+
5hQtU50yUykjOl0D8fBJyB6ewReNjo2vc5+hzD3GuImND7hG34j4s56tYVk2R3Vn
1BKXzqBYL9r4pMo6p0yA0HNEsrAYYmg/VfbQSQszVS6gyEuuipmTTJ49HqFkGcCt
fSwa0moaf7ajo90rzMIUDIfZ9p3B37uZkH5dolr5zrMIt2tdzhvDl6lw3tEdvCPu
6bfWcx90A/1toayyaReaKc0HHrwPnDjKTobTYlF1ijfG1jLP01RIcoXg69l1DDUt
xvzL+3ynYpMHCw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:45:55 2025 by rpki-client