Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json)
Hash identifier: AUWYCdDWx0Xyfa0ToIYns4AjSRvyDBqukVycOXqcVPc=
Subject key identifier: 47:F8:00:FC:A7:AD:9F:6D:1B:61:74:6B:B0:89:15:FC:08:73:38:8D
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: 0199FB7CAB69CAEB15448D1019C491EC10CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
Manifest number: 1011
Signing time: Sun 19 Oct 2025 08:01:15 +0000
Manifest this update: Sun 19 Oct 2025 08:01:15 +0000
Manifest next update: Mon 20 Oct 2025 08:01:15 +0000
Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: +aQaYPyFLIioOO0w446//5mRsXJIerYOnPoCABPK0Mk=)
2: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (hash: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:ab:69:ca:eb:15:44:8d:10:19:c4:91:ec:10:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Oct 19 08:01:15 2025 GMT
Not After : Oct 20 08:01:15 2025 GMT
Subject: CN=47f800fca7ad9f6d1b61746bb08915fc0873388d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:70:6a:2c:e7:01:28:d2:2a:d6:a7:d7:0e:8b:
5b:de:22:37:79:14:26:30:9d:2f:bf:d0:6c:17:4c:
d6:bc:46:0a:48:9c:9d:1c:30:f6:08:b7:93:e2:40:
c5:05:6b:1a:29:03:11:4a:53:70:14:ec:6d:fe:94:
d4:5d:ff:30:26:b7:d1:27:e3:52:2d:38:30:e1:ab:
f5:bf:4a:05:dc:c3:42:79:c3:68:f6:5e:1a:ba:b3:
05:fb:04:56:b6:ea:0c:36:93:2e:7f:22:de:0f:a2:
bf:82:0a:b3:89:39:8b:ff:1e:cc:ac:ca:db:da:f8:
45:b9:22:c8:6f:c1:13:f2:a6:b6:cd:e3:61:f5:f6:
ca:3e:67:b9:5b:70:13:fb:3e:6f:e9:5e:01:ef:73:
38:90:c3:ce:9e:87:43:a4:0e:12:d0:33:91:d6:e4:
fb:07:93:0d:1c:b6:c3:4e:ad:dd:69:01:31:82:cb:
aa:15:a1:32:60:20:2a:71:d0:1a:3c:c9:4d:42:1d:
bc:b2:60:b7:75:7f:47:f7:cc:1c:5d:b1:ce:13:7f:
e9:58:99:3a:85:3c:2c:93:bd:03:34:14:1e:3f:56:
e8:4e:74:f3:82:9b:d7:44:ed:51:94:2e:f4:d4:e9:
7f:1e:31:2d:cf:9d:09:ea:be:0f:dd:2c:8c:24:13:
12:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F8:00:FC:A7:AD:9F:6D:1B:61:74:6B:B0:89:15:FC:08:73:38:8D
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:65:41:20:20:b7:75:60:e3:cd:e3:19:d9:51:3c:06:49:f7:
0f:38:c2:04:9d:3a:15:34:41:e9:ce:a6:e6:e4:46:15:bc:65:
cb:6c:74:b7:92:41:2a:03:49:cc:a7:53:e3:5c:ce:7d:8c:97:
bd:28:09:59:c5:43:1d:28:3e:95:19:83:a9:76:6c:f5:a0:7b:
b5:d0:d6:c9:c4:75:3f:98:6b:80:28:63:28:13:aa:82:04:28:
9d:a7:cd:81:f3:23:10:35:67:29:cf:c6:f4:fb:65:de:05:b0:
f2:b2:8d:8f:a5:bd:c2:f0:75:7b:3e:10:74:3b:9c:67:13:43:
31:07:82:c9:fa:b9:57:2a:d5:8d:1c:ec:3e:dd:ba:e5:aa:dd:
74:8b:6c:51:79:05:f2:06:38:03:c9:b3:c3:08:2f:aa:f9:ea:
73:91:30:e3:37:81:9d:bb:97:23:77:02:35:0a:ff:ef:0c:4b:
26:de:b6:93:4e:57:d1:b1:1d:15:c9:37:cb:4b:b9:5a:d5:23:
74:f7:4d:86:75:10:07:d9:dc:eb:fc:59:b6:87:4f:54:7a:6e:
d3:3e:6e:45:7f:b9:dc:3d:2d:68:c9:d8:99:b1:18:5f:bf:16:
34:d5:2b:33:93:b4:e4:8e:f0:4e:05:31:b7:92:b8:5a:50:73:
0a:c7:ca:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fKtpyusVRI0QGcSR7BDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjUxMDE5MDgwMTE1WhcNMjUxMDIwMDgwMTE1WjAzMTEwLwYDVQQD
Eyg0N2Y4MDBmY2E3YWQ5ZjZkMWI2MTc0NmJiMDg5MTVmYzA4NzMzODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHBqLOcBKNIq1qfXDotb3iI3eRQm
MJ0vv9BsF0zWvEYKSJydHDD2CLeT4kDFBWsaKQMRSlNwFOxt/pTUXf8wJrfRJ+NS
LTgw4av1v0oF3MNCecNo9l4aurMF+wRWtuoMNpMufyLeD6K/ggqziTmL/x7MrMrb
2vhFuSLIb8ET8qa2zeNh9fbKPme5W3AT+z5v6V4B73M4kMPOnodDpA4S0DOR1uT7
B5MNHLbDTq3daQExgsuqFaEyYCAqcdAaPMlNQh28smC3dX9H98wcXbHOE3/pWJk6
hTwsk70DNBQeP1boTnTzgpvXRO1RlC701Ol/HjEtz50J6r4P3SyMJBMSOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEf4APynrZ9tG2F0a7CJFfwIcziNMB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEWVBICC3
dWDjzeMZ2VE8Bkn3DzjCBJ06FTRB6c6m5uRGFbxly2x0t5JBKgNJzKdT41zOfYyX
vSgJWcVDHSg+lRmDqXZs9aB7tdDWycR1P5hrgChjKBOqggQonafNgfMjEDVnKc/G
9Ptl3gWw8rKNj6W9wvB1ez4QdDucZxNDMQeCyfq5VyrVjRzsPt265arddItsUXkF
8gY4A8mzwwgvqvnqc5Ew4zeBnbuXI3cCNQr/7wxLJt62k05X0bEdFck3y0u5WtUj
dPdNhnUQB9nc6/xZtodPVHpu0z5uRX+53D0taMnYmbEYX78WNNUrM5O05I7wTgUx
t5K4WlBzCsfKFw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:33:49 2025 by rpki-client