Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
File: urwezBf2YNW9ieFhZ7nVAxv2oMs.mft (raw, json)
Hash identifier: DkMtCYEGkOMpCDOGO2a/0mGpsFia3YdCul7tJwkHJWc=
Subject key identifier: 00:F5:25:2A:98:DA:C5:89:28:9A:92:93:E3:86:0E:DD:1C:79:B8:96
Authority key identifier: BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
Certificate issuer: /CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Certificate serial: 019A72CA48F0FFFF1668AF7CB9896D10162A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
Manifest number: 0A86
Signing time: Tue 11 Nov 2025 12:00:50 +0000
Manifest this update: Tue 11 Nov 2025 12:00:50 +0000
Manifest next update: Wed 12 Nov 2025 12:00:50 +0000
Files and hashes: 1: 2mA9oJ3ejOWgdJjYgfXkHnMZSOY.roa (hash: rFBnJEg4/3ovWS1Mn/GxMWwNkECurmsywX62nk463FU=)
2: urwezBf2YNW9ieFhZ7nVAxv2oMs.crl (hash: 7Udk8N1EIoTnUMddv4KFIvVOY4Iw8O37BvUoc9mJtsU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:48:f0:ff:ff:16:68:af:7c:b9:89:6d:10:16:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Validity
Not Before: Nov 11 12:00:50 2025 GMT
Not After : Nov 12 12:00:50 2025 GMT
Subject: CN=00f5252a98dac589289a9293e3860edd1c79b896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:01:f9:21:e7:2c:d8:a5:36:93:17:41:1b:9b:
ab:12:0f:8c:81:b5:76:15:b2:32:5f:dd:99:81:e3:
80:23:48:54:8d:ac:f2:ea:d6:d0:5c:22:b6:ac:f4:
40:18:0b:9e:6a:db:bf:9f:06:09:ae:d7:84:9b:69:
4c:6d:33:0f:9e:2b:47:88:b0:43:8e:26:70:a3:5f:
b2:ee:5a:6a:8a:0e:db:5a:e1:36:7d:59:a7:a9:cf:
db:88:9b:6e:c1:2c:b6:4b:00:11:cc:85:e5:f1:67:
a7:5d:fc:9e:1e:a6:d6:25:e0:25:1f:f3:bc:d7:1f:
35:20:b7:8f:d8:6f:b6:1d:7f:2e:af:55:a6:80:46:
4d:f5:23:2b:72:fe:61:86:a8:28:d3:54:3e:d6:60:
a0:f3:71:d5:8b:2c:37:42:6f:27:50:8d:31:83:0a:
1b:78:cb:af:57:72:37:e3:02:8a:b4:3d:bf:f3:11:
4d:3d:d1:77:e2:7d:b9:95:65:bc:aa:7a:62:96:fe:
c6:9c:da:8a:11:dd:41:71:e3:a7:f0:5e:62:f4:ec:
70:b7:76:4f:ae:2e:4f:bf:3b:83:e4:9d:5c:d3:13:
aa:74:4e:f1:25:30:58:f8:5e:3c:1e:32:76:52:74:
28:f2:c1:05:6f:a0:25:13:53:1c:1c:55:85:3f:53:
ea:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F5:25:2A:98:DA:C5:89:28:9A:92:93:E3:86:0E:DD:1C:79:B8:96
X509v3 Authority Key Identifier:
keyid:BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:30:79:1e:bb:52:d0:e4:c1:eb:1e:68:b3:6f:a8:40:8f:19:
e8:48:d5:12:a8:0b:c7:8a:05:99:5c:b5:7d:f5:b9:8a:98:09:
ec:bb:bc:c6:39:0a:ef:19:30:84:5b:b8:17:71:0b:3a:0c:d8:
0f:96:04:52:8f:cc:0f:75:5d:95:98:7e:91:73:ac:c6:6b:f4:
99:3a:8c:c3:03:eb:32:bc:2b:93:08:b0:9b:bb:62:a9:d6:98:
dc:1b:69:e3:2a:97:95:70:58:ec:af:76:32:b7:b3:a7:50:b5:
7c:e0:99:21:4a:e0:40:ff:5b:08:c3:7b:30:ea:61:de:f3:28:
aa:75:bd:9c:b9:0e:9e:2d:64:52:e6:10:c0:a1:de:1c:00:08:
b5:57:3e:b7:97:10:94:7c:f8:2d:46:f6:69:68:3d:7c:93:24:
88:79:c8:33:63:47:c7:d1:c8:99:01:b2:cb:48:84:cd:46:22:
22:5b:6c:71:c6:55:7b:f1:0c:13:41:05:40:5d:ce:a9:dd:11:
0e:36:53:5c:5d:1c:b8:95:10:e0:2d:94:be:22:43:4b:d6:b1:
e4:a1:d2:33:d0:23:a8:a0:e9:1f:32:84:7d:99:0f:88:21:fa:
54:17:9e:cb:ec:69:79:cf:f8:96:8f:62:f6:5e:2e:4d:74:fc:
4b:11:62:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykjw//8WaK98uYltEBYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmMxZWNjMTdmNjYwZDViZDg5ZTE2MTY3YjlkNTAzMWJm
NmEwY2IwHhcNMjUxMTExMTIwMDUwWhcNMjUxMTEyMTIwMDUwWjAzMTEwLwYDVQQD
EygwMGY1MjUyYTk4ZGFjNTg5Mjg5YTkyOTNlMzg2MGVkZDFjNzliODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gH5Iecs2KU2kxdBG5urEg+MgbV2
FbIyX92ZgeOAI0hUjazy6tbQXCK2rPRAGAueatu/nwYJrteEm2lMbTMPnitHiLBD
jiZwo1+y7lpqig7bWuE2fVmnqc/biJtuwSy2SwARzIXl8WenXfyeHqbWJeAlH/O8
1x81ILeP2G+2HX8ur1WmgEZN9SMrcv5hhqgo01Q+1mCg83HViyw3Qm8nUI0xgwob
eMuvV3I34wKKtD2/8xFNPdF34n25lWW8qnpilv7GnNqKEd1BceOn8F5i9Oxwt3ZP
ri5PvzuD5J1c0xOqdE7xJTBY+F48HjJ2UnQo8sEFb6AlE1McHFWFP1Pq8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAD1JSqY2sWJKJqSk+OGDt0cebiWMB8GA1UdIwQY
MBaAFLq8HswX9mDVvYnhYWe51QMb9qDLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWIt
MTc5MTE1OTRhZTUxLzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWItMTc5MTE1OTRhZTUx
LzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHTB5HrtS
0OTB6x5os2+oQI8Z6EjVEqgLx4oFmVy1ffW5ipgJ7Lu8xjkK7xkwhFu4F3ELOgzY
D5YEUo/MD3VdlZh+kXOsxmv0mTqMwwPrMrwrkwiwm7tiqdaY3Btp4yqXlXBY7K92
Mrezp1C1fOCZIUrgQP9bCMN7MOph3vMoqnW9nLkOni1kUuYQwKHeHAAItVc+t5cQ
lHz4LUb2aWg9fJMkiHnIM2NHx9HImQGyy0iEzUYiIltsccZVe/EME0EFQF3Oqd0R
DjZTXF0cuJUQ4C2UviJDS9ax5KHSM9AjqKDpHzKEfZkPiCH6VBeey+xpec/4lo9i
9l4uTXT8SxFiOw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:19 2025 by rpki-client