Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
File: 3XGhKciwiZWUIZnqbRsigmU1DQs.mft (raw, json)
Hash identifier: SIpQo2oHU+flftDHDOnpMPYSuclBkwlSzqaOKYttYTo=
Subject key identifier: 32:2E:3D:7C:25:F9:7E:B7:55:C5:A3:E1:AF:76:32:11:A7:8B:44:02
Authority key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
Certificate issuer: /CN=dd71a129c8b08995942199ea6d1b228265350d0b
Certificate serial: 0199FC8F5938759DDED23FF09825860CC6C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
Manifest number: 16E1
Signing time: Sun 19 Oct 2025 13:01:16 +0000
Manifest this update: Sun 19 Oct 2025 13:01:16 +0000
Manifest next update: Mon 20 Oct 2025 13:01:16 +0000
Files and hashes: 1: 3XGhKciwiZWUIZnqbRsigmU1DQs.crl (hash: HXgW4VN762knYSnZTTuSNg785piksnDOGu/+mwAD9Xk=)
2: OwG4_h94ip7CzANECDf39dfwNGk.roa (hash: XIXqYD1CZdADAiBPHja+pimegzmDxikS2efUTrBV4t8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:59:38:75:9d:de:d2:3f:f0:98:25:86:0c:c6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd71a129c8b08995942199ea6d1b228265350d0b
Validity
Not Before: Oct 19 13:01:16 2025 GMT
Not After : Oct 20 13:01:16 2025 GMT
Subject: CN=322e3d7c25f97eb755c5a3e1af763211a78b4402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:96:e6:e5:7e:43:c5:9b:48:d3:a5:9d:39:
d1:c0:61:a5:19:6a:ed:09:7a:fc:cd:e6:c8:61:72:
db:64:6a:a1:e7:04:77:57:58:77:6c:0b:5b:2a:04:
95:54:15:8d:41:c0:eb:84:cd:15:9a:cc:d1:2c:38:
8d:a1:7a:ec:f2:a2:de:8f:97:64:87:fc:d8:5e:a8:
82:89:37:10:d3:b6:52:55:9a:03:d6:e9:60:9d:14:
7b:61:69:83:5e:4c:80:f9:19:22:fb:9c:dd:be:cc:
15:5a:0c:d0:d9:04:c8:ee:73:f5:54:7d:fb:72:a7:
6c:5c:8c:fa:c8:19:91:14:d3:cd:00:78:c4:5f:2c:
e5:d8:d8:89:ff:ba:de:0b:39:9d:0f:07:0e:72:14:
be:8e:13:4f:80:1a:ce:63:be:c0:d4:e5:9d:06:cd:
18:f0:8b:7e:55:4a:02:4d:59:2a:c5:97:6b:97:34:
a0:35:3b:a1:5f:9b:ef:b4:dc:3b:7e:1e:93:d1:fd:
9a:24:77:20:15:12:25:76:95:a5:eb:eb:a8:78:81:
ab:4e:5f:70:f4:04:d3:0a:ef:1b:94:01:4f:00:30:
75:74:28:39:89:53:93:55:04:f2:e4:ee:e1:e1:23:
c8:c2:df:ca:8c:50:4b:ed:b7:eb:a1:f3:41:19:40:
12:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2E:3D:7C:25:F9:7E:B7:55:C5:A3:E1:AF:76:32:11:A7:8B:44:02
X509v3 Authority Key Identifier:
keyid:DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:de:d3:7f:4b:01:77:09:11:43:e5:66:5b:50:9e:b5:a8:95:
9d:94:3b:1a:c7:67:f4:d2:85:26:13:a3:21:ea:4b:d0:d1:2b:
e1:02:03:28:cb:ae:96:e4:cf:89:15:97:90:4a:fb:d7:c1:f4:
5e:51:d7:65:37:d8:91:0d:ac:a5:f8:52:b3:cd:00:e5:03:9d:
98:fb:21:fb:34:a2:10:ff:d7:ec:fe:76:a2:7b:f1:99:45:28:
c6:da:0a:5f:91:fc:62:2d:9d:46:d3:40:43:64:85:a4:7c:c2:
8e:48:14:39:6e:d2:19:49:63:8e:8b:2e:49:f6:cb:b5:33:a4:
ba:9b:b4:43:c4:3e:bf:83:6a:4e:68:f4:e1:47:56:4b:4f:18:
2f:03:d8:a9:cf:84:2e:3f:7e:9b:44:36:2b:1c:4f:46:3b:0c:
f9:c2:12:bf:c3:54:a9:ac:97:cf:10:87:09:5e:bc:44:1d:2d:
b5:f3:86:ee:24:4b:9c:3f:75:ad:44:ad:ac:50:d8:0a:40:8c:
02:35:9f:c6:04:3e:88:c4:d0:92:83:46:42:73:56:27:94:c1:
5f:53:7a:26:e5:4f:ad:26:5e:b8:87:29:97:3b:32:c0:31:21:
0e:31:21:dd:41:ba:28:23:89:5e:2d:67:ac:2e:67:9e:1c:16:
89:a6:9a:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j1k4dZ3e0j/wmCWGDMbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzFhMTI5YzhiMDg5OTU5NDIxOTllYTZkMWIyMjgyNjUz
NTBkMGIwHhcNMjUxMDE5MTMwMTE2WhcNMjUxMDIwMTMwMTE2WjAzMTEwLwYDVQQD
EygzMjJlM2Q3YzI1Zjk3ZWI3NTVjNWEzZTFhZjc2MzIxMWE3OGI0NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MiW5uV+Q8WbSNOlnTnRwGGlGWrt
CXr8zebIYXLbZGqh5wR3V1h3bAtbKgSVVBWNQcDrhM0VmszRLDiNoXrs8qLej5dk
h/zYXqiCiTcQ07ZSVZoD1ulgnRR7YWmDXkyA+Rki+5zdvswVWgzQ2QTI7nP1VH37
cqdsXIz6yBmRFNPNAHjEXyzl2NiJ/7reCzmdDwcOchS+jhNPgBrOY77A1OWdBs0Y
8It+VUoCTVkqxZdrlzSgNTuhX5vvtNw7fh6T0f2aJHcgFRIldpWl6+uoeIGrTl9w
9ATTCu8blAFPADB1dCg5iVOTVQTy5O7h4SPIwt/KjFBL7bfrofNBGUASFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIuPXwl+X63VcWj4a92MhGni0QCMB8GA1UdIwQY
MBaAFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYt
YzBkOGM4NjY4OTNmLzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYtYzBkOGM4NjY4OTNm
LzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMt7Tf0sB
dwkRQ+VmW1CetaiVnZQ7Gsdn9NKFJhOjIepL0NEr4QIDKMuuluTPiRWXkEr718H0
XlHXZTfYkQ2spfhSs80A5QOdmPsh+zSiEP/X7P52onvxmUUoxtoKX5H8Yi2dRtNA
Q2SFpHzCjkgUOW7SGUljjosuSfbLtTOkupu0Q8Q+v4NqTmj04UdWS08YLwPYqc+E
Lj9+m0Q2KxxPRjsM+cISv8NUqayXzxCHCV68RB0ttfOG7iRLnD91rUStrFDYCkCM
AjWfxgQ+iMTQkoNGQnNWJ5TBX1N6JuVPrSZeuIcplzsywDEhDjEh3UG6KCOJXi1n
rC5nnhwWiaaaSA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:53:57 2025 by rpki-client