Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: O/0GVsgPPcOJTmhcfHFbyWdRkqrC9pd3LC4DHLv7dT4=
Subject key identifier: 37:E9:85:FE:AD:3B:FB:F7:0E:B3:86:EC:AF:E2:42:77:77:78:D4:51
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 019A71EEED4C7029F4F9BA2F0AF1944C58C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 13A8
Signing time: Tue 11 Nov 2025 08:01:14 +0000
Manifest this update: Tue 11 Nov 2025 08:01:14 +0000
Manifest next update: Wed 12 Nov 2025 08:01:14 +0000
Files and hashes: 1: SIndVbkKUXy4BUQozeoniwpZDAY.roa (hash: w+S8wcJNHWfC84514ZDYZ2EFFwmdH9ulSWKDE7QHbmQ=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: LOyz0VekF6aYgnsouLJ82O6F+MxS2QAqyFDHBp8qESI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ed:4c:70:29:f4:f9:ba:2f:0a:f1:94:4c:58:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: Nov 11 08:01:14 2025 GMT
Not After : Nov 12 08:01:14 2025 GMT
Subject: CN=37e985fead3bfbf70eb386ecafe242777778d451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:86:d3:56:12:98:3a:d8:40:f3:79:3b:98:
f0:5c:e8:a5:9a:b9:9b:63:1f:7a:75:d1:fa:c2:3c:
8b:46:1e:2a:55:d8:38:41:f7:21:1c:88:76:ca:2e:
3b:af:1c:4f:77:3a:49:1d:db:46:12:fe:57:65:d9:
16:0d:53:20:1a:77:e3:a1:66:21:18:f7:a7:9b:eb:
d9:c2:8b:e2:8e:c8:1d:da:19:b8:08:87:8f:44:de:
cd:8c:a2:36:f0:1a:08:2b:90:a1:59:25:d4:a0:0e:
77:31:c0:a0:a3:95:37:95:13:c6:cf:4d:62:6b:63:
95:8a:be:39:68:c5:79:c4:68:e7:94:80:1c:8f:2e:
66:f3:ce:ed:ed:0b:8b:4b:df:65:5b:3e:b2:1a:6a:
4c:dc:ee:a9:b8:e7:62:6f:f7:37:db:de:10:0c:89:
36:67:64:77:5f:0b:9d:04:9a:c5:16:f2:53:0e:0d:
7e:a8:f9:32:e7:43:20:b0:c6:8f:03:83:65:c7:54:
1c:ed:0a:e5:1b:cb:6d:30:cb:9a:ef:74:96:f3:1f:
64:34:c6:98:44:e6:85:b4:1e:de:33:96:66:b6:cb:
f7:e7:51:c6:59:cf:42:29:b4:ab:a0:c6:82:4d:74:
47:03:dd:b4:9e:8d:63:09:2a:bd:4f:5a:7d:04:ba:
97:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E9:85:FE:AD:3B:FB:F7:0E:B3:86:EC:AF:E2:42:77:77:78:D4:51
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:2e:47:85:2b:79:f5:ce:68:35:0b:72:fe:00:36:a9:9c:4b:
46:42:3b:0b:98:0f:5f:c6:e1:40:d0:87:fe:bd:a9:67:1f:2d:
8e:3b:7f:b7:70:70:00:2f:67:fc:c3:9c:37:41:8c:f6:d7:d8:
09:9d:3f:14:a1:fa:9b:e6:45:3e:84:44:2c:98:7a:61:cd:88:
35:65:53:9a:90:cd:4b:7e:9c:2b:7f:55:25:a9:b3:b8:1e:ba:
88:46:08:59:88:db:0e:51:e6:cc:ad:72:f9:67:92:b3:b8:ec:
c5:5e:68:55:15:13:f0:e5:14:52:54:bf:fe:3c:e0:c4:aa:48:
af:66:96:c8:4e:db:a4:47:40:f5:95:66:fb:53:13:c1:ff:7f:
d1:c7:92:79:dc:2b:79:aa:3a:38:43:30:e1:49:a0:76:59:65:
52:8e:34:59:87:12:ac:a9:29:e6:09:9b:84:19:dc:31:84:95:
dd:df:28:2d:24:6b:df:ba:77:8c:99:fe:4f:0e:35:e4:5b:55:
83:14:78:a7:ac:c2:06:31:06:ab:6f:28:f9:5b:f5:43:ab:f4:
5a:c1:d0:09:d1:6c:30:7b:f1:b0:7b:81:50:62:a1:a2:5e:1b:
3f:ec:61:c9:16:86:cf:d6:21:6d:cb:74:e0:2c:c9:dc:c3:03:
e1:f9:81:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7u1McCn0+bovCvGUTFjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjUxMTExMDgwMTE0WhcNMjUxMTEyMDgwMTE0WjAzMTEwLwYDVQQD
EygzN2U5ODVmZWFkM2JmYmY3MGViMzg2ZWNhZmUyNDI3Nzc3NzhkNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyqG01YSmDrYQPN5O5jwXOilmrmb
Yx96ddH6wjyLRh4qVdg4QfchHIh2yi47rxxPdzpJHdtGEv5XZdkWDVMgGnfjoWYh
GPenm+vZwovijsgd2hm4CIePRN7NjKI28BoIK5ChWSXUoA53McCgo5U3lRPGz01i
a2OVir45aMV5xGjnlIAcjy5m887t7QuLS99lWz6yGmpM3O6puOdib/c3294QDIk2
Z2R3XwudBJrFFvJTDg1+qPky50MgsMaPA4Nlx1Qc7QrlG8ttMMua73SW8x9kNMaY
ROaFtB7eM5Zmtsv351HGWc9CKbSroMaCTXRHA920no1jCSq9T1p9BLqX1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfphf6tO/v3DrOG7K/iQnd3eNRRMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABi5HhSt5
9c5oNQty/gA2qZxLRkI7C5gPX8bhQNCH/r2pZx8tjjt/t3BwAC9n/MOcN0GM9tfY
CZ0/FKH6m+ZFPoRELJh6Yc2INWVTmpDNS36cK39VJamzuB66iEYIWYjbDlHmzK1y
+WeSs7jsxV5oVRUT8OUUUlS//jzgxKpIr2aWyE7bpEdA9ZVm+1MTwf9/0ceSedwr
eao6OEMw4UmgdlllUo40WYcSrKkp5gmbhBncMYSV3d8oLSRr37p3jJn+Tw415FtV
gxR4p6zCBjEGq28o+Vv1Q6v0WsHQCdFsMHvxsHuBUGKhol4bP+xhyRaGz9Yhbct0
4CzJ3MMD4fmBsQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:47 2025 by rpki-client