Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
File: UFZxLM-od6u3YMt34nBBd0ywRzk.mft (raw, json)
Hash identifier: so31uNLdYqjJMwePp14P3S+/PW05at5mEfxla2+encI=
Subject key identifier: 50:FD:1E:23:38:48:16:39:1A:8A:6F:82:98:23:49:2C:9E:B5:1A:F2
Authority key identifier: 50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
Certificate issuer: /CN=5056712ccfa877abb760cb77e27041774cb04739
Certificate serial: 019923A05F6AF644F78587C29E423399C509
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
Manifest number: 1676
Signing time: Sun 07 Sep 2025 10:02:16 +0000
Manifest this update: Sun 07 Sep 2025 10:02:16 +0000
Manifest next update: Mon 08 Sep 2025 10:02:16 +0000
Files and hashes: 1: KkYiM3e0iOAnAg_yFBFSK_bjJl8.roa (hash: 5A5Vdre+g6oCjMH5zABiFnTSkWahsDuZjsJoxbwHMo0=)
2: UFZxLM-od6u3YMt34nBBd0ywRzk.crl (hash: 05TMw/JgU7smccF+ig0Aw0qwbPz1WRNPqnjwhH/ZMrM=)
3: _Q23PPlL8v2niGzmSooSDUdLWSk.roa (hash: 8JwVrSvS2kxaZsRD1vVjitt0fjw3hWWmjxqgx0yIUoc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:5f:6a:f6:44:f7:85:87:c2:9e:42:33:99:c5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5056712ccfa877abb760cb77e27041774cb04739
Validity
Not Before: Sep 7 10:02:16 2025 GMT
Not After : Sep 8 10:02:16 2025 GMT
Subject: CN=50fd1e23384816391a8a6f829823492c9eb51af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c8:f5:ca:2c:a6:47:9e:86:e9:0f:52:78:2c:
26:02:f2:68:51:cc:aa:53:19:b6:34:8a:d9:bc:3d:
0d:11:f6:3a:71:8d:f7:ed:1a:b9:fe:33:b7:43:a9:
9a:84:a9:b3:12:ab:a3:6d:32:35:ac:bc:7f:81:36:
c9:51:79:33:7b:6e:a2:3c:e5:35:16:aa:a6:38:89:
09:e4:82:df:11:5a:3b:09:98:92:07:7a:70:81:91:
c6:08:10:8c:33:d1:9e:12:f6:6f:00:71:6b:28:8b:
a4:e8:c9:6a:9a:2a:49:d2:10:31:c9:d3:38:4b:a8:
56:a3:5a:6b:eb:d2:df:13:24:78:33:1b:a2:f6:10:
b9:5b:35:ce:92:82:b2:65:dc:5b:cf:f9:2a:3b:a9:
1a:68:7b:ea:43:3a:2c:d5:62:d1:7e:be:95:4c:b7:
32:50:ed:9e:20:a7:4d:bb:03:05:48:6d:91:ca:8e:
8c:61:21:04:9c:3d:3f:28:60:da:b6:54:9d:b0:05:
07:e4:bc:be:2e:b9:1f:57:39:08:d8:7e:6e:40:ce:
ad:d2:28:72:45:bd:65:66:98:18:ed:45:1a:62:14:
a7:63:dc:7e:ae:b7:d3:45:80:e4:41:90:70:ad:a4:
ea:e4:1c:bf:73:dc:01:b3:72:44:fc:5b:df:41:34:
1f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FD:1E:23:38:48:16:39:1A:8A:6F:82:98:23:49:2C:9E:B5:1A:F2
X509v3 Authority Key Identifier:
keyid:50:56:71:2C:CF:A8:77:AB:B7:60:CB:77:E2:70:41:77:4C:B0:47:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFZxLM-od6u3YMt34nBBd0ywRzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8d798a-73d7-44ba-97db-f84b60521df5/1/UFZxLM-od6u3YMt34nBBd0ywRzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:27:cd:27:90:4c:2a:3c:c4:ba:dc:20:68:6d:10:76:50:ad:
6f:18:77:7c:35:49:d7:7b:94:26:cc:d1:be:01:08:cf:43:bc:
a7:b9:09:f3:75:cc:1b:c3:05:69:8f:c5:40:42:1c:3a:fd:cc:
a3:1c:a9:86:d5:31:29:c8:86:3b:d7:d1:00:3b:5a:0e:8f:00:
06:74:34:74:57:86:41:0c:dd:20:b8:66:eb:c9:b2:da:1f:f3:
16:33:a9:a9:98:18:0f:58:d2:7e:3e:0d:21:63:ed:c6:69:77:
f4:13:49:ee:3c:68:5d:af:0b:ad:b4:95:db:44:a3:dd:dd:2e:
68:2f:d3:ce:5a:48:e7:bd:18:68:1e:00:83:a4:5e:9d:7f:b8:
73:c4:ae:64:81:b3:67:a3:c0:0e:62:95:b8:03:7c:a7:7e:f0:
d4:86:6d:24:78:f8:c7:f0:50:f6:a5:9f:e1:c9:e2:e7:fd:06:
05:74:da:9a:b2:35:19:90:26:cd:61:e6:06:89:bc:c3:ae:40:
56:7e:8f:77:77:ee:91:0c:93:ba:31:de:e8:ad:c8:21:9d:c9:
7e:6e:51:d9:4f:06:87:cd:a5:11:66:40:50:18:23:d0:95:bb:
c9:1b:58:f4:6e:4f:f2:ef:56:93:95:5a:2a:12:96:33:31:e6:
8c:1b:cd:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoF9q9kT3hYfCnkIzmcUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTY3MTJjY2ZhODc3YWJiNzYwY2I3N2UyNzA0MTc3NGNi
MDQ3MzkwHhcNMjUwOTA3MTAwMjE2WhcNMjUwOTA4MTAwMjE2WjAzMTEwLwYDVQQD
Eyg1MGZkMWUyMzM4NDgxNjM5MWE4YTZmODI5ODIzNDkyYzllYjUxYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMj1yiymR56G6Q9SeCwmAvJoUcyq
Uxm2NIrZvD0NEfY6cY337Rq5/jO3Q6mahKmzEqujbTI1rLx/gTbJUXkze26iPOU1
FqqmOIkJ5ILfEVo7CZiSB3pwgZHGCBCMM9GeEvZvAHFrKIuk6MlqmipJ0hAxydM4
S6hWo1pr69LfEyR4Mxui9hC5WzXOkoKyZdxbz/kqO6kaaHvqQzos1WLRfr6VTLcy
UO2eIKdNuwMFSG2Ryo6MYSEEnD0/KGDatlSdsAUH5Ly+LrkfVzkI2H5uQM6t0ihy
Rb1lZpgY7UUaYhSnY9x+rrfTRYDkQZBwraTq5By/c9wBs3JE/FvfQTQfFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFD9HiM4SBY5GopvgpgjSSyetRryMB8GA1UdIwQY
MBaAFFBWcSzPqHert2DLd+JwQXdMsEc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGIt
Zjg0YjYwNTIxZGY1LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84ZDc5OGEtNzNkNy00NGJhLTk3ZGItZjg0YjYwNTIxZGY1
LzEvVUZaeExNLW9kNnUzWU10MzRuQkJkMHl3UnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAASfNJ5BM
KjzEutwgaG0QdlCtbxh3fDVJ13uUJszRvgEIz0O8p7kJ83XMG8MFaY/FQEIcOv3M
oxyphtUxKciGO9fRADtaDo8ABnQ0dFeGQQzdILhm68my2h/zFjOpqZgYD1jSfj4N
IWPtxml39BNJ7jxoXa8LrbSV20Sj3d0uaC/TzlpI570YaB4Ag6RenX+4c8SuZIGz
Z6PADmKVuAN8p37w1IZtJHj4x/BQ9qWf4cni5/0GBXTamrI1GZAmzWHmBom8w65A
Vn6Pd3fukQyTujHe6K3IIZ3Jfm5R2U8Gh82lEWZAUBgj0JW7yRtY9G5P8u9Wk5Va
KhKWMzHmjBvNog==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:49:32 2025 by rpki-client