Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.mft
File: uHt2aWhxYpblu6C86DhWrnFluLg.mft (raw, json)
Hash identifier: X7IluiyMgAVMHjt20jnVT0ZtkitSUYtjZxYPpgv5nnA=
Subject key identifier: 55:8B:2B:A2:DA:68:39:43:19:A9:4F:49:0B:13:B8:44:4A:3D:F9:DD
Authority key identifier: B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
Certificate issuer: /CN=b87b766968716296e5bba0bce83856ae7165b8b8
Certificate serial: 019A38A3D3CB151055E6D7B169D5C29BE21A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.mft
Manifest number: 1707
Signing time: Fri 31 Oct 2025 05:00:51 +0000
Manifest this update: Fri 31 Oct 2025 05:00:51 +0000
Manifest next update: Sat 01 Nov 2025 05:00:51 +0000
Files and hashes: 1: EMnxCwOEWhhPugjrcZ3jtYAbiJc.roa (hash: ioXKgGTre/pDJJ5LrVdx9gIh66mx4jxeELCjJSUVqnM=)
2: ft2mxf9aaNoul-AnIThMbBr-lps.roa (hash: xnKzHyjITrVDUs70AuSd+gwg5cbW8huGbxIys16mcfk=)
3: uHt2aWhxYpblu6C86DhWrnFluLg.crl (hash: /HOpZmY9vdOePsH0pFn7i+klkQ8I253cMuGCldQAWUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:38:a3:d3:cb:15:10:55:e6:d7:b1:69:d5:c2:9b:e2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87b766968716296e5bba0bce83856ae7165b8b8
Validity
Not Before: Oct 31 05:00:51 2025 GMT
Not After : Nov 1 05:00:51 2025 GMT
Subject: CN=558b2ba2da68394319a94f490b13b8444a3df9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:78:ce:a8:d4:0b:6e:5c:7e:72:b4:d8:00:99:
e8:2e:2d:49:3e:38:38:a1:90:12:0c:58:5f:4f:26:
ab:32:15:ee:a6:37:cf:da:49:b2:7e:be:97:5f:d4:
b7:e4:d1:c8:d7:f4:68:25:8f:8f:cf:a7:bd:28:36:
d0:d2:cd:8c:ab:1e:df:57:d9:6b:f1:0b:3c:e0:30:
0b:e9:bd:90:94:5a:d8:4a:2d:d4:44:21:ce:e0:c3:
6d:77:79:1f:06:2e:3d:2d:ea:eb:77:a8:92:d2:57:
6e:a6:31:f2:90:d2:f3:a0:cc:23:20:cb:24:12:18:
50:9e:50:d4:7f:ea:3f:39:16:14:d2:6e:49:6d:bd:
41:bf:9c:a5:9c:d3:3c:d9:20:3b:a5:80:45:0f:34:
0f:db:1c:b7:cc:fd:4d:4d:5b:4c:af:f8:42:b0:c0:
70:cc:18:ed:de:40:c9:50:62:dc:ed:aa:fb:3d:f3:
72:2b:c1:94:56:01:b6:1d:7f:7c:b2:ce:c5:2c:d4:
21:11:e6:fc:16:00:c3:25:d5:e3:95:0b:a0:d7:e4:
e1:b0:04:41:1d:97:73:cd:79:cd:c3:b4:39:55:98:
96:2d:02:82:cd:7e:c0:1a:af:8b:30:66:a9:4c:ef:
c3:3a:64:e7:c6:a4:d3:1a:d3:a1:13:52:cb:be:c0:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8B:2B:A2:DA:68:39:43:19:A9:4F:49:0B:13:B8:44:4A:3D:F9:DD
X509v3 Authority Key Identifier:
keyid:B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:c7:da:dd:5a:27:9b:c5:a1:c2:b0:78:fe:d4:02:bc:53:f1:
c7:ae:0d:e5:31:31:d7:af:40:97:6a:83:30:53:e0:50:4f:c3:
78:88:00:56:04:70:64:6e:67:2c:ae:bf:5b:c3:cc:1e:89:23:
6b:6e:00:e7:37:b3:54:be:29:40:b0:b8:f3:2e:07:4f:13:27:
99:56:ae:e5:c9:f1:71:a0:51:2e:5e:a4:f3:43:29:2f:1a:ba:
bf:ae:2b:24:12:c5:90:42:33:b0:fc:12:08:c3:83:dd:15:3f:
89:45:f4:a1:bf:93:f5:12:39:e8:04:58:ff:bc:ea:15:76:60:
ea:21:da:30:1d:91:40:69:30:42:58:2a:8e:34:36:d5:38:87:
b1:66:2c:09:e2:66:8f:dd:c4:d4:21:ce:d0:d2:1b:48:15:12:
ed:fd:22:31:54:6b:65:99:7b:6b:6a:b8:31:5e:4c:ed:9b:72:
cc:ed:a0:dc:77:64:32:16:52:dd:0b:41:8c:5a:1f:46:cc:f5:
e5:79:f6:47:e5:10:cb:ab:8f:a0:d6:77:6d:9f:b8:e3:da:5e:
a4:0b:67:da:3f:a5:28:b4:fc:31:49:8e:30:16:7c:5f:8b:bc:
df:10:e8:22:a2:b6:0c:ba:b3:c3:de:73:72:d0:3f:0c:90:2d:
85:ce:c1:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo4o9PLFRBV5texadXCm+IaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2I3NjY5Njg3MTYyOTZlNWJiYTBiY2U4Mzg1NmFlNzE2
NWI4YjgwHhcNMjUxMDMxMDUwMDUxWhcNMjUxMTAxMDUwMDUxWjAzMTEwLwYDVQQD
Eyg1NThiMmJhMmRhNjgzOTQzMTlhOTRmNDkwYjEzYjg0NDRhM2RmOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinjOqNQLblx+crTYAJnoLi1JPjg4
oZASDFhfTyarMhXupjfP2kmyfr6XX9S35NHI1/RoJY+Pz6e9KDbQ0s2Mqx7fV9lr
8Qs84DAL6b2QlFrYSi3URCHO4MNtd3kfBi49Lerrd6iS0ldupjHykNLzoMwjIMsk
EhhQnlDUf+o/ORYU0m5Jbb1Bv5ylnNM82SA7pYBFDzQP2xy3zP1NTVtMr/hCsMBw
zBjt3kDJUGLc7ar7PfNyK8GUVgG2HX98ss7FLNQhEeb8FgDDJdXjlQug1+ThsARB
HZdzzXnNw7Q5VZiWLQKCzX7AGq+LMGapTO/DOmTnxqTTGtOhE1LLvsC3IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWLK6LaaDlDGalPSQsTuERKPfndMB8GA1UdIwQY
MBaAFLh7dmlocWKW5bugvOg4Vq5xZbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMt
M2Q2MTJmMzI0OTk2LzEvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMtM2Q2MTJmMzI0OTk2
LzEvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAecfa3Von
m8WhwrB4/tQCvFPxx64N5TEx169Al2qDMFPgUE/DeIgAVgRwZG5nLK6/W8PMHokj
a24A5zezVL4pQLC48y4HTxMnmVau5cnxcaBRLl6k80MpLxq6v64rJBLFkEIzsPwS
CMOD3RU/iUX0ob+T9RI56ARY/7zqFXZg6iHaMB2RQGkwQlgqjjQ21TiHsWYsCeJm
j93E1CHO0NIbSBUS7f0iMVRrZZl7a2q4MV5M7ZtyzO2g3HdkMhZS3QtBjFofRsz1
5Xn2R+UQy6uPoNZ3bZ+449pepAtn2j+lKLT8MUmOMBZ8X4u83xDoIqK2DLqzw95z
ctA/DJAthc7BzQ==
-----END CERTIFICATE-----
Generated at Fri Oct 31 08:03:53 2025 by rpki-client