Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
File: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft (raw, json)
Hash identifier: fyYfimXD15wCh7v9zVZwd9eZnhLmX1cSPJneHK7J/1w=
Subject key identifier: 2D:88:52:A3:DA:5E:6A:A7:3E:59:56:0F:99:18:D8:33:E4:DC:7D:98
Authority key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Certificate issuer: /CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Certificate serial: 0198D4E017A7901C4BB7A1BAD357456F955E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
Manifest number: 0E2A
Signing time: Sat 23 Aug 2025 03:01:52 +0000
Manifest this update: Sat 23 Aug 2025 03:01:52 +0000
Manifest next update: Sun 24 Aug 2025 03:01:52 +0000
Files and hashes: 1: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl (hash: 75k7fdF6QK2yN9SwTUOuKwpEzyAZOQuvpOoChDfztXA=)
2: C9mugrtzW_-CpWlbrAzn7HLndJs.roa (hash: us/IF6tfe4s5IdJAAyc5z0B0e23waKBVaik+zvz/TyQ=)
3: yll503ISaq2wNzfEAk_Qb_MtGbg.roa (hash: LYtS+Gvc0u0aK5E+MP2oP4ZNnIbSc6rSwiTMseFfpYs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:e0:17:a7:90:1c:4b:b7:a1:ba:d3:57:45:6f:95:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Validity
Not Before: Aug 23 03:01:52 2025 GMT
Not After : Aug 24 03:01:52 2025 GMT
Subject: CN=2d8852a3da5e6aa73e59560f9918d833e4dc7d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7c:c7:80:f8:ba:69:4c:42:ca:d9:bf:89:e9:
03:2a:df:8b:af:93:2d:c8:5a:00:ee:ca:a8:df:6d:
eb:e5:3a:35:62:0a:ad:fb:b0:6e:97:8f:68:5d:50:
13:f1:78:d3:06:d7:82:13:c1:f4:a1:03:ee:f3:b9:
8c:59:10:6e:12:61:81:55:bf:72:f5:23:89:ba:f6:
c7:a5:3a:16:f4:7b:ba:40:c9:46:90:96:29:f2:6b:
1d:72:f2:5e:4e:62:eb:11:51:7a:ee:0f:b5:be:6d:
7c:c6:75:33:c0:bf:03:77:7b:b8:88:13:bc:0d:88:
52:be:1e:14:aa:3c:df:a5:b8:a1:d7:2f:ef:15:21:
33:11:36:bf:0a:80:15:0f:bd:93:ec:3d:00:68:1f:
6d:b2:27:04:92:12:f3:0a:a4:aa:f4:7e:5e:25:07:
fe:e1:c5:b7:9d:f2:74:e0:c4:3d:01:68:70:70:8e:
60:c9:c5:88:d8:1f:5c:2a:64:39:ea:78:49:87:b8:
49:0c:7c:12:47:c0:e6:ff:df:ee:88:0d:a4:6b:e3:
d6:7d:4b:81:81:ef:70:69:5f:cd:6c:d5:6c:0d:6e:
c2:4a:39:8d:ed:db:e2:83:38:5b:5c:d9:45:f6:56:
56:d8:90:cc:a8:fe:d6:d6:60:aa:ae:80:ca:b2:18:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:88:52:A3:DA:5E:6A:A7:3E:59:56:0F:99:18:D8:33:E4:DC:7D:98
X509v3 Authority Key Identifier:
keyid:DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:55:ba:6d:71:b7:62:3e:2a:8a:93:cd:64:8e:10:93:36:ec:
ae:bf:be:c9:00:c3:51:0c:2e:6e:84:b4:3c:25:84:38:b5:7c:
de:03:32:ca:25:77:d8:98:01:bc:c6:5a:26:e7:15:b5:f4:bd:
0d:a7:9a:d2:24:2c:6c:53:1a:65:f9:14:35:00:98:af:81:f4:
88:a7:c6:8e:26:90:a9:19:47:43:ee:8c:91:d0:43:7b:b6:ee:
76:e2:c5:0f:ab:d5:40:38:95:3d:08:a6:bd:5d:27:52:28:fb:
aa:30:cd:7e:52:08:55:8d:a8:98:3d:66:13:5b:39:27:85:bb:
b0:3e:13:aa:87:15:cc:8f:b8:89:b5:af:ab:3e:44:64:af:78:
ec:4f:a0:4b:2c:a3:37:90:c9:57:8e:2a:58:b7:e5:b3:4d:8f:
9a:9a:51:48:e3:de:5d:ee:cb:61:5d:87:97:38:58:53:9e:6e:
6e:61:cd:a6:8e:6c:f5:a5:38:2e:f7:9e:de:34:ba:64:86:66:
3e:be:e5:64:16:98:0d:1f:07:9b:99:60:4b:0b:cf:99:1f:14:
0a:82:e9:32:2d:f3:e2:6c:d4:1e:81:80:d4:c1:f9:9a:de:74:
10:53:36:c1:f0:e1:81:5a:0b:16:94:78:98:c3:d0:31:72:ba:
5b:68:24:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4BenkBxLt6G601dFb5VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjkxNzY0NWQ5ZDIyMDQzNWY5MWM3ZTQ2YzgxMTBjZjg5
YWNiZTQwHhcNMjUwODIzMDMwMTUyWhcNMjUwODI0MDMwMTUyWjAzMTEwLwYDVQQD
EygyZDg4NTJhM2RhNWU2YWE3M2U1OTU2MGY5OTE4ZDgzM2U0ZGM3ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3zHgPi6aUxCytm/iekDKt+Lr5Mt
yFoA7sqo323r5To1Ygqt+7Bul49oXVAT8XjTBteCE8H0oQPu87mMWRBuEmGBVb9y
9SOJuvbHpToW9Hu6QMlGkJYp8msdcvJeTmLrEVF67g+1vm18xnUzwL8Dd3u4iBO8
DYhSvh4Uqjzfpbih1y/vFSEzETa/CoAVD72T7D0AaB9tsicEkhLzCqSq9H5eJQf+
4cW3nfJ04MQ9AWhwcI5gycWI2B9cKmQ56nhJh7hJDHwSR8Dm/9/uiA2ka+PWfUuB
ge9waV/NbNVsDW7CSjmN7dvigzhbXNlF9lZW2JDMqP7W1mCqroDKshjnwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2IUqPaXmqnPllWD5kY2DPk3H2YMB8GA1UdIwQY
MBaAFNxpF2RdnSIENfkcfkbIEQz4msvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2Et
NDI4YmU5MDA4ZmJhLzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTQ0YTctZDU1Ni00NzAxLTk1N2EtNDI4YmU5MDA4ZmJh
LzEvM0drWFpGMmRJZ1ExLVJ4LVJzZ1JEUGlheS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhFW6bXG3
Yj4qipPNZI4Qkzbsrr++yQDDUQwuboS0PCWEOLV83gMyyiV32JgBvMZaJucVtfS9
Daea0iQsbFMaZfkUNQCYr4H0iKfGjiaQqRlHQ+6MkdBDe7buduLFD6vVQDiVPQim
vV0nUij7qjDNflIIVY2omD1mE1s5J4W7sD4TqocVzI+4ibWvqz5EZK947E+gSyyj
N5DJV44qWLfls02PmppRSOPeXe7LYV2HlzhYU55ubmHNpo5s9aU4Lvee3jS6ZIZm
Pr7lZBaYDR8Hm5lgSwvPmR8UCoLpMi3z4mzUHoGA1MH5mt50EFM2wfDhgVoLFpR4
mMPQMXK6W2gk5w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:48:53 2025 by rpki-client