Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
File: UnFDjiPOkl5mwlmYEiG1toOi8I8.mft (raw, json)
Hash identifier: JhK/WVUUNQTwcPXzpgWfh/cCVyRPBjYfJ6cLwLb0wtc=
Subject key identifier: 65:BC:09:32:B8:22:DF:F8:DD:7B:A6:1F:F5:60:D2:26:1D:F2:C5:DC
Authority key identifier: 52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F
Certificate issuer: /CN=5271438e23ce925e66c259981221b5b683a2f08f
Certificate serial: 019A71B84F9E3D5FDD04A53184320F2FE51F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
Manifest number: 0C83
Signing time: Tue 11 Nov 2025 07:01:35 +0000
Manifest this update: Tue 11 Nov 2025 07:01:35 +0000
Manifest next update: Wed 12 Nov 2025 07:01:35 +0000
Files and hashes: 1: UnFDjiPOkl5mwlmYEiG1toOi8I8.crl (hash: PApv0MogvIFSYBGD11yUtNmC9a+MTdNCvGxJuUMAGPg=)
2: b23Ppzc40t1gh2jcC0tEEtTjq-Y.roa (hash: PLO31FJDvhLM1rCGRuVKcX7pZ7U9Xsy2KrFDiy0XrKY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:4f:9e:3d:5f:dd:04:a5:31:84:32:0f:2f:e5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5271438e23ce925e66c259981221b5b683a2f08f
Validity
Not Before: Nov 11 07:01:35 2025 GMT
Not After : Nov 12 07:01:35 2025 GMT
Subject: CN=65bc0932b822dff8dd7ba61ff560d2261df2c5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:04:fb:52:ff:17:ea:e3:db:57:03:cb:55:2b:
de:ce:ad:bb:8c:af:73:90:e2:87:25:13:96:c3:63:
21:78:e8:44:f6:a8:f3:2e:ce:5f:d5:e4:7c:7d:9d:
19:55:7d:c5:1e:41:aa:49:a9:01:a7:7c:df:ae:69:
95:ed:b8:db:65:15:f8:ae:34:71:ab:bf:f8:f8:69:
41:9f:c9:cd:5e:21:88:0f:b8:de:f0:f0:2b:b5:2c:
66:e5:c2:3b:20:26:e8:05:02:2d:b0:dc:9a:d6:e9:
f3:b2:f4:fa:79:16:ed:87:9d:3d:c4:05:60:08:0b:
8b:a1:27:c2:fe:cf:88:6d:42:4a:b7:6a:16:f1:36:
d3:f2:ce:5c:3a:ed:81:81:7a:a2:7b:39:e6:f5:9c:
25:d0:2a:58:94:c4:1d:81:ee:51:1d:86:74:7d:b2:
bd:69:91:5a:4f:f8:6c:b3:1b:9e:93:71:df:99:61:
43:41:44:31:be:01:29:7d:33:48:be:68:31:6e:c1:
25:c4:c3:74:bc:56:cd:8d:37:1a:69:cf:05:ef:ae:
0c:c3:2d:0a:ca:be:f5:47:a0:d9:ec:e2:7d:62:9a:
16:9f:0c:87:3b:1c:e2:db:06:81:19:01:e2:90:ac:
8e:83:ca:5e:95:9c:1c:e9:75:d1:a7:30:ae:cd:c0:
8a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BC:09:32:B8:22:DF:F8:DD:7B:A6:1F:F5:60:D2:26:1D:F2:C5:DC
X509v3 Authority Key Identifier:
keyid:52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:63:d3:58:c6:bc:b2:ae:72:6f:04:3e:36:7f:2a:61:dc:b1:
c1:52:a5:00:8c:54:7e:1c:fe:d6:66:20:ad:05:27:32:d2:78:
5a:10:61:3c:fa:65:30:3d:25:3c:c6:8b:08:a9:6a:67:7d:a1:
93:63:f1:fa:b1:ad:84:c3:8d:9c:70:4a:26:22:c7:80:4c:9a:
0e:19:65:80:8c:41:51:1b:79:db:10:a6:34:19:d3:23:5e:6e:
22:ae:ec:4e:be:ba:63:fb:de:74:ca:93:6a:88:c9:87:4a:09:
1d:b0:1f:fb:94:75:28:d9:39:d1:b8:d5:79:4a:2f:b7:88:68:
37:81:16:9b:4f:e7:14:06:fa:dd:3e:ef:d1:e2:a2:3b:0a:73:
aa:04:9d:a0:2d:08:c1:a1:60:aa:f8:9c:a8:c4:b0:50:3d:28:
ea:10:a6:a6:ab:d4:59:d0:6d:4e:5f:b3:36:3b:ce:f9:18:a4:
12:3c:2b:b2:84:88:43:01:37:c2:96:4b:0d:4a:89:ac:85:60:
44:21:2a:a0:22:03:3c:29:ad:65:f8:f4:a0:95:48:33:bd:b3:
38:00:ba:a4:e3:1f:f5:57:26:59:39:54:a0:86:17:24:b1:9a:
cb:fc:da:cb:eb:75:ec:d2:6d:35:de:db:23:c7:10:72:6a:48:
80:99:dd:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuE+ePV/dBKUxhDIPL+UfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzE0MzhlMjNjZTkyNWU2NmMyNTk5ODEyMjFiNWI2ODNh
MmYwOGYwHhcNMjUxMTExMDcwMTM1WhcNMjUxMTEyMDcwMTM1WjAzMTEwLwYDVQQD
Eyg2NWJjMDkzMmI4MjJkZmY4ZGQ3YmE2MWZmNTYwZDIyNjFkZjJjNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wT7Uv8X6uPbVwPLVSvezq27jK9z
kOKHJROWw2MheOhE9qjzLs5f1eR8fZ0ZVX3FHkGqSakBp3zfrmmV7bjbZRX4rjRx
q7/4+GlBn8nNXiGID7je8PArtSxm5cI7ICboBQItsNya1unzsvT6eRbth509xAVg
CAuLoSfC/s+IbUJKt2oW8TbT8s5cOu2BgXqieznm9Zwl0CpYlMQdge5RHYZ0fbK9
aZFaT/hssxuek3HfmWFDQUQxvgEpfTNIvmgxbsElxMN0vFbNjTcaac8F764Mwy0K
yr71R6DZ7OJ9YpoWnwyHOxzi2waBGQHikKyOg8pelZwc6XXRpzCuzcCKQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGW8CTK4It/43XumH/Vg0iYd8sXcMB8GA1UdIwQY
MBaAFFJxQ44jzpJeZsJZmBIhtbaDovCPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMt
OWFkMDM1NDc0MTE0LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMtOWFkMDM1NDc0MTE0
LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApWPTWMa8
sq5ybwQ+Nn8qYdyxwVKlAIxUfhz+1mYgrQUnMtJ4WhBhPPplMD0lPMaLCKlqZ32h
k2Px+rGthMONnHBKJiLHgEyaDhllgIxBURt52xCmNBnTI15uIq7sTr66Y/vedMqT
aojJh0oJHbAf+5R1KNk50bjVeUovt4hoN4EWm0/nFAb63T7v0eKiOwpzqgSdoC0I
waFgqvicqMSwUD0o6hCmpqvUWdBtTl+zNjvO+RikEjwrsoSIQwE3wpZLDUqJrIVg
RCEqoCIDPCmtZfj0oJVIM72zOAC6pOMf9VcmWTlUoIYXJLGay/zay+t17NJtNd7b
I8cQcmpIgJndJg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:07 2025 by rpki-client