Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
File: UFZxLM-od6u3YMt34nBBd0ywRzk.mft (raw, json)
Hash identifier: vOTu2TX02rcElOMNoFgIsswqwhBVNnBYIOHPBTh1QZ8=
Subject key identifier: DA:C6:19:89:36:3C:7E:96:D7:92:4B:98:06:91:02:26:BE:C2:88:6A
Authority key identifier: 50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
Certificate issuer: /CN=5056712ccfa877abb760cb77e27041774cb04739
Certificate serial: 019A71B7CA1E9371333628395B889CE96D1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 07:01:01 +0000
Manifest this update: Tue 11 Nov 2025 07:01:01 +0000
Manifest next update: Wed 12 Nov 2025 07:01:01 +0000
Files and hashes: 1: KkYiM3e0iOAnAg_yFBFSK_bjJl8.roa (hash: 5A5Vdre+g6oCjMH5zABiFnTSkWahsDuZjsJoxbwHMo0=)
2: UFZxLM-od6u3YMt34nBBd0ywRzk.crl (hash: C5GabtZ+G9Ky1+UTJNXQ9BOdwZCbpjaw7J+uQ6cQ7w4=)
3: _Q23PPlL8v2niGzmSooSDUdLWSk.roa (hash: 8JwVrSvS2kxaZsRD1vVjitt0fjw3hWWmjxqgx0yIUoc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ca:1e:93:71:33:36:28:39:5b:88:9c:e9:6d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056712ccfa877abb760cb77e27041774cb04739
Validity
Not Before: Nov 11 07:01:01 2025 GMT
Not After : Nov 12 07:01:01 2025 GMT
Subject: CN=dac61989363c7e96d7924b9806910226bec2886a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:bb:81:1e:13:40:48:29:b1:4d:d9:78:2a:
6c:c6:4d:8a:87:b9:9b:2d:53:be:c5:b8:98:40:c9:
97:d5:6f:df:b5:e4:77:b9:21:06:53:e5:32:3a:ea:
36:04:35:3b:7e:da:0a:2d:64:61:67:db:45:e0:47:
3e:6e:ed:21:55:bc:83:5b:ef:b6:3c:0f:27:35:7b:
af:8d:b6:49:ec:ea:f3:e8:5c:b8:76:12:a1:fe:a2:
7a:f5:29:f4:fd:62:79:1c:38:f6:5d:15:96:1c:06:
5b:b5:37:6d:e7:d8:dc:2d:66:cf:fb:57:94:28:88:
02:88:aa:74:3a:5c:02:59:da:2d:34:9c:8b:0e:ac:
3c:a8:2e:14:4c:7d:61:70:e0:06:1d:c7:bd:f5:fc:
53:d3:b5:d8:fe:49:1f:13:3e:4d:79:5a:4e:09:de:
b8:17:14:3e:11:2b:70:fa:59:d6:f2:10:20:9f:6c:
37:23:72:9d:36:e9:9b:8b:4c:a9:a0:73:d9:f3:48:
c4:e6:be:ce:f1:af:fa:7d:9f:20:bd:b0:f4:bd:fd:
6f:ff:e3:b5:da:ec:70:a8:72:98:ae:97:77:9a:85:
1e:6a:f7:c9:96:f1:2e:83:6f:1f:a7:d6:b0:a3:77:
e0:25:bd:bd:12:38:2d:b0:5f:7c:ba:6e:00:c6:aa:
c0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C6:19:89:36:3C:7E:96:D7:92:4B:98:06:91:02:26:BE:C2:88:6A
X509v3 Authority Key Identifier:
keyid:50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:6d:5f:03:92:87:8f:6e:2e:d0:84:ef:81:df:3f:62:9f:56:
00:a9:be:97:1e:68:32:0c:00:a6:7e:aa:c1:02:40:f6:60:af:
59:2d:39:50:83:1d:54:6b:62:c1:93:9d:d1:8c:0e:b7:0f:88:
57:90:d6:d0:d6:99:a2:ae:38:94:f1:ab:69:a1:fb:c2:ed:2a:
2c:8c:d4:9a:a7:03:3b:4c:c9:bc:16:cd:66:63:d1:4c:d7:1c:
24:c9:f8:a1:90:d9:16:ec:bd:db:d2:f1:84:ba:a6:35:4f:1f:
04:ee:ee:8a:6a:20:ce:ca:5a:83:81:f6:58:a2:2a:2e:18:4c:
99:d5:ff:c6:73:61:18:4d:39:55:3c:d4:e1:92:f4:73:28:8d:
46:bc:64:c7:d6:4c:ad:89:e5:82:10:53:5e:22:e0:e7:db:39:
3a:f5:25:47:aa:1d:7a:0f:ba:a3:34:ba:b7:29:05:8d:e0:0b:
97:89:fe:64:e5:ff:06:78:7a:2c:2e:97:28:35:1f:07:6d:90:
03:91:ff:50:b4:5f:55:1c:ea:98:89:7f:7b:16:48:79:d8:cf:
7b:40:f1:66:84:17:a1:52:5d:29:c6:eb:f0:80:ea:d2:40:7a:
25:8a:cc:a6:e6:69:70:25:ce:f2:25:06:22:42:96:83:16:57:
2a:1f:1b:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8oek3EzNig5W4ic6W0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTY3MTJjY2ZhODc3YWJiNzYwY2I3N2UyNzA0MTc3NGNi
MDQ3MzkwHhcNMjUxMTExMDcwMTAxWhcNMjUxMTEyMDcwMTAxWjAzMTEwLwYDVQQD
EyhkYWM2MTk4OTM2M2M3ZTk2ZDc5MjRiOTgwNjkxMDIyNmJlYzI4ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCO7gR4TQEgpsU3ZeCpsxk2Kh7mb
LVO+xbiYQMmX1W/fteR3uSEGU+UyOuo2BDU7ftoKLWRhZ9tF4Ec+bu0hVbyDW++2
PA8nNXuvjbZJ7Orz6Fy4dhKh/qJ69Sn0/WJ5HDj2XRWWHAZbtTdt59jcLWbP+1eU
KIgCiKp0OlwCWdotNJyLDqw8qC4UTH1hcOAGHce99fxT07XY/kkfEz5NeVpOCd64
FxQ+EStw+lnW8hAgn2w3I3KdNumbi0ypoHPZ80jE5r7O8a/6fZ8gvbD0vf1v/+O1
2uxwqHKYrpd3moUeavfJlvEug28fp9awo3fgJb29EjgtsF98um4AxqrAfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrGGYk2PH6W15JLmAaRAia+wohqMB8GA1UdIwQY
MBaAFFBWcSzPqHert2DLd+JwQXdMsEc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGIt
Zjg0YjYwNTIxZGY1LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGItZjg0YjYwNTIxZGY1
LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtm1fA5KH
j24u0ITvgd8/Yp9WAKm+lx5oMgwApn6qwQJA9mCvWS05UIMdVGtiwZOd0YwOtw+I
V5DW0NaZoq44lPGraaH7wu0qLIzUmqcDO0zJvBbNZmPRTNccJMn4oZDZFuy929Lx
hLqmNU8fBO7uimogzspag4H2WKIqLhhMmdX/xnNhGE05VTzU4ZL0cyiNRrxkx9ZM
rYnlghBTXiLg59s5OvUlR6odeg+6ozS6tykFjeALl4n+ZOX/Bnh6LC6XKDUfB22Q
A5H/ULRfVRzqmIl/exZIedjPe0DxZoQXoVJdKcbr8IDq0kB6JYrMpuZpcCXO8iUG
IkKWgxZXKh8bOQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:12:56 2025 by rpki-client