Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
File: 3dya0lC4XNOZSUZbZoGy8d8U1qM.mft (raw, json)
Hash identifier: 895XxBqegDd/jLORBubpwG/sVAHaMhbLobVkcDeCDJ0=
Subject key identifier: C8:CD:EA:18:E5:D7:56:2A:C8:10:48:A5:D0:66:6B:52:FC:F8:72:A0
Authority key identifier: DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3
Certificate issuer: /CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3
Certificate serial: 019A006BE2BF35F223FBC7BEDDFF53212FE3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
Manifest number: 05CA
Signing time: Mon 20 Oct 2025 07:01:01 +0000
Manifest this update: Mon 20 Oct 2025 07:01:01 +0000
Manifest next update: Tue 21 Oct 2025 07:01:01 +0000
Files and hashes: 1: 3dya0lC4XNOZSUZbZoGy8d8U1qM.crl (hash: zMJl+t72X5sihgrIoAg6aI0ueV8LASd+8BwWYsGWnvE=)
2: dA9DZPAABtlejc0G0adjQxYBv5c.roa (hash: 3UVeFl3N3ODI+QVLphkmL5y9dyL4Gw+YagDr/4SW4gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6b:e2:bf:35:f2:23:fb:c7:be:dd:ff:53:21:2f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3
Validity
Not Before: Oct 20 07:01:01 2025 GMT
Not After : Oct 21 07:01:01 2025 GMT
Subject: CN=c8cdea18e5d7562ac81048a5d0666b52fcf872a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a0:27:dc:41:e8:b5:34:68:10:50:75:0d:fa:
dc:00:23:16:9b:69:45:f6:85:bd:ad:8c:92:e8:3b:
1b:44:47:b5:f5:12:23:41:b2:92:b2:fa:88:2f:25:
88:f5:46:dd:fc:9f:6e:75:e5:84:f3:e4:72:c3:5f:
9a:dd:f6:78:c2:52:ec:cb:49:58:d6:ae:e2:46:ba:
07:03:b5:75:34:09:d1:d6:43:41:24:15:c5:36:e6:
30:2c:df:e5:15:2b:e7:0f:0f:8f:80:e5:ba:4e:c8:
16:ff:cd:d2:7d:7b:4f:14:28:d7:68:4f:42:18:b2:
d6:d7:57:4b:61:e8:7e:ab:d4:31:07:1d:b3:23:43:
83:e1:6e:ee:61:03:a9:c3:35:08:be:1e:a8:df:87:
a8:7a:18:f7:0e:a5:0d:df:23:1f:2d:35:b6:6e:d7:
85:58:5c:64:74:ba:5e:6a:db:c5:1e:95:8e:bc:b1:
5e:1a:77:ea:df:f1:36:0b:6f:4b:ba:06:14:a5:72:
05:6c:58:cf:ae:96:5e:e3:10:a9:fa:08:79:e6:5e:
c5:f0:06:6e:c2:cc:90:87:0f:0b:84:21:17:dc:d9:
1a:75:2b:9f:1d:87:8b:95:e0:db:bf:31:3e:4a:97:
63:8b:82:37:56:7f:22:e2:be:7e:e5:69:6c:3c:c3:
ed:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CD:EA:18:E5:D7:56:2A:C8:10:48:A5:D0:66:6B:52:FC:F8:72:A0
X509v3 Authority Key Identifier:
keyid:DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:89:57:35:85:e0:9b:40:a5:6f:fc:af:6b:e3:c1:33:c3:1e:
13:ef:31:55:7f:84:53:e6:08:40:15:4b:f0:6f:7b:bb:da:9a:
70:84:03:5a:f9:93:c0:4d:41:6d:99:89:ec:a6:e0:48:1f:28:
ae:6c:4c:46:70:6c:9e:54:9c:69:4f:0d:e8:f9:1f:86:dd:8f:
0b:64:b5:c3:c0:91:73:8c:ca:a3:4b:e1:63:7a:b6:ba:10:04:
e5:3d:44:a1:af:37:cc:65:aa:8f:31:e8:64:23:b1:1b:8d:38:
16:79:ac:a8:25:49:22:65:7e:54:7a:1d:ff:99:8b:3e:97:76:
36:63:6c:b4:1a:12:07:6b:72:4a:cf:3a:00:6b:24:7c:11:ea:
38:43:ed:f7:8d:50:d1:35:40:04:20:48:f5:d8:fb:71:e5:6f:
e9:cc:13:29:06:3b:47:a6:c3:6c:71:d9:83:bb:4b:64:6b:73:
04:2c:5d:75:32:af:77:0c:d0:2e:d2:f6:67:f4:19:d2:e5:7e:
e5:9f:12:83:5d:d9:df:e1:0a:d6:e2:0e:8f:72:82:1b:8c:06:
08:f5:1f:04:2f:45:f7:b9:d2:25:ad:ea:57:6a:48:fe:82:fd:
fe:15:2b:20:92:46:e6:db:63:39:88:00:7e:c1:62:dc:c4:f2:
b4:10:ac:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa+K/NfIj+8e+3f9TIS/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZGM5YWQyNTBiODVjZDM5OTQ5NDY1YjY2ODFiMmYxZGYx
NGQ2YTMwHhcNMjUxMDIwMDcwMTAxWhcNMjUxMDIxMDcwMTAxWjAzMTEwLwYDVQQD
EyhjOGNkZWExOGU1ZDc1NjJhYzgxMDQ4YTVkMDY2NmI1MmZjZjg3MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqAn3EHotTRoEFB1DfrcACMWm2lF
9oW9rYyS6DsbREe19RIjQbKSsvqILyWI9Ubd/J9udeWE8+Ryw1+a3fZ4wlLsy0lY
1q7iRroHA7V1NAnR1kNBJBXFNuYwLN/lFSvnDw+PgOW6TsgW/83SfXtPFCjXaE9C
GLLW11dLYeh+q9QxBx2zI0OD4W7uYQOpwzUIvh6o34eoehj3DqUN3yMfLTW2bteF
WFxkdLpeatvFHpWOvLFeGnfq3/E2C29LugYUpXIFbFjPrpZe4xCp+gh55l7F8AZu
wsyQhw8LhCEX3NkadSufHYeLleDbvzE+Spdji4I3Vn8i4r5+5WlsPMPtxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjN6hjl11YqyBBIpdBma1L8+HKgMB8GA1UdIwQY
MBaAFN3cmtJQuFzTmUlGW2aBsvHfFNajMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTct
MGQ0MzE4Y2E4YzU1LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTctMGQ0MzE4Y2E4YzU1
LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4lXNYXg
m0Clb/yva+PBM8MeE+8xVX+EU+YIQBVL8G97u9qacIQDWvmTwE1BbZmJ7KbgSB8o
rmxMRnBsnlScaU8N6Pkfht2PC2S1w8CRc4zKo0vhY3q2uhAE5T1Eoa83zGWqjzHo
ZCOxG404FnmsqCVJImV+VHod/5mLPpd2NmNstBoSB2tySs86AGskfBHqOEPt941Q
0TVABCBI9dj7ceVv6cwTKQY7R6bDbHHZg7tLZGtzBCxddTKvdwzQLtL2Z/QZ0uV+
5Z8Sg13Z3+EK1uIOj3KCG4wGCPUfBC9F97nSJa3qV2pI/oL9/hUrIJJG5ttjOYgA
fsFi3MTytBCsfA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:48:14 2025 by rpki-client