Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
File: u7hl_W36q6dxJJt-uujr1SgKDJc.mft (raw, json)
Hash identifier: /f9dTbl/FiIFxl8jFyT7rZAlMR77J6H9S7djP89FoPc=
Subject key identifier: 45:0F:68:27:83:21:66:39:75:2A:FF:34:A7:E9:A1:3E:01:BD:1E:4D
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 019A7293E5EB9A857E084D21453B88D4B488
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
Manifest number: 126A
Signing time: Tue 11 Nov 2025 11:01:26 +0000
Manifest this update: Tue 11 Nov 2025 11:01:26 +0000
Manifest next update: Wed 12 Nov 2025 11:01:26 +0000
Files and hashes: 1: kr3FPTrUbvprQB5gOzb6Xm9In9I.roa (hash: hZOcB5l1wSRFBsah9a6wwCM7j6k84PdiP/Urp0eSJlg=)
2: u7hl_W36q6dxJJt-uujr1SgKDJc.crl (hash: vpA8+R0jQKqPc5esWo+65A5k6J4twq81bM12Ae5zV3o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:e5:eb:9a:85:7e:08:4d:21:45:3b:88:d4:b4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Nov 11 11:01:26 2025 GMT
Not After : Nov 12 11:01:26 2025 GMT
Subject: CN=450f682783216639752aff34a7e9a13e01bd1e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8b:43:3f:ee:20:99:bf:fc:e6:59:4f:1f:a4:
94:72:a3:c5:f0:74:8d:bb:32:71:c4:4b:bd:f4:cb:
00:11:7f:d5:87:8f:1c:3b:43:16:64:dd:96:46:bd:
09:58:da:ec:1f:1b:ea:b8:69:48:3d:95:f2:c9:88:
ae:0e:1a:ee:37:f1:c0:ea:8b:10:40:aa:83:18:cb:
4e:5b:03:45:47:54:d8:ce:ee:f2:61:65:e8:d9:eb:
ac:b2:86:4b:c5:e6:58:31:29:bb:a7:31:fa:5f:b6:
fa:b2:18:34:a9:50:6c:58:46:78:eb:80:fe:35:1c:
24:b7:3b:3c:53:9c:25:81:24:90:26:8e:56:95:01:
e9:dc:33:27:61:6f:27:2b:1b:5a:60:70:ce:14:b1:
86:5d:87:4c:9f:12:8d:f7:6a:85:a2:42:9e:d0:f5:
bf:ee:27:68:f4:b4:5a:a9:d9:3a:2d:af:18:97:e3:
1a:c4:14:63:56:43:95:b7:28:5a:f6:19:f6:7e:32:
e8:d6:3d:0e:fa:d7:74:02:6f:a3:68:09:63:39:e0:
6a:a2:81:ff:1d:5b:8d:9b:ee:91:9e:76:54:59:97:
27:64:69:56:33:13:70:cd:9c:3d:d5:fc:52:a7:99:
76:1b:bc:ca:fe:fc:11:5e:ec:89:da:4b:56:2f:30:
21:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0F:68:27:83:21:66:39:75:2A:FF:34:A7:E9:A1:3E:01:BD:1E:4D
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:f5:21:a4:78:df:21:de:5f:8d:d3:03:82:3f:e9:6d:d3:80:
2f:34:e9:0d:5a:f5:46:04:fb:25:82:db:ba:bf:5c:e6:5f:32:
36:49:5d:57:78:f5:6f:0d:31:91:ab:c8:67:31:10:30:dc:00:
77:d0:30:7a:fb:5b:f6:86:91:7b:e1:0b:48:87:7d:65:39:5e:
a7:d4:3c:b4:7e:1d:71:8d:2b:c4:b8:d6:58:db:ea:47:36:c4:
e6:0b:17:32:bb:ff:26:70:87:e6:2c:9e:9e:ac:ef:6b:79:df:
ff:c6:32:d4:62:db:9c:90:cb:d2:af:d6:89:39:e7:27:a5:eb:
7b:19:ec:81:02:78:bb:ff:e0:1c:8f:2b:3e:70:61:99:d9:ea:
f2:8c:bf:71:eb:10:c6:70:76:68:e9:ce:f9:95:5b:de:13:03:
74:01:82:4c:e1:1c:18:d4:5f:5b:b4:61:fe:f7:54:0c:e0:b0:
12:64:44:58:3c:91:8e:59:96:66:ef:bb:1f:a6:4b:3a:d6:9b:
45:9d:b2:cc:de:ca:c7:96:ca:a1:1d:49:f1:6f:9d:17:43:f5:
a0:7f:bb:19:5c:35:af:6c:c4:bf:1d:f5:10:ae:60:60:9b:3a:
8b:fb:48:5e:20:d4:5d:3c:7b:a9:e1:b7:33:1c:12:0c:f4:16:
5a:0d:9d:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+XrmoV+CE0hRTuI1LSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjUxMTExMTEwMTI2WhcNMjUxMTEyMTEwMTI2WjAzMTEwLwYDVQQD
Eyg0NTBmNjgyNzgzMjE2NjM5NzUyYWZmMzRhN2U5YTEzZTAxYmQxZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzotDP+4gmb/85llPH6SUcqPF8HSN
uzJxxEu99MsAEX/Vh48cO0MWZN2WRr0JWNrsHxvquGlIPZXyyYiuDhruN/HA6osQ
QKqDGMtOWwNFR1TYzu7yYWXo2eussoZLxeZYMSm7pzH6X7b6shg0qVBsWEZ464D+
NRwktzs8U5wlgSSQJo5WlQHp3DMnYW8nKxtaYHDOFLGGXYdMnxKN92qFokKe0PW/
7ido9LRaqdk6La8Yl+MaxBRjVkOVtyha9hn2fjLo1j0O+td0Am+jaAljOeBqooH/
HVuNm+6RnnZUWZcnZGlWMxNwzZw91fxSp5l2G7zK/vwRXuyJ2ktWLzAhewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUPaCeDIWY5dSr/NKfpoT4BvR5NMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMfUhpHjf
Id5fjdMDgj/pbdOALzTpDVr1RgT7JYLbur9c5l8yNkldV3j1bw0xkavIZzEQMNwA
d9Awevtb9oaRe+ELSId9ZTlep9Q8tH4dcY0rxLjWWNvqRzbE5gsXMrv/JnCH5iye
nqzva3nf/8Yy1GLbnJDL0q/WiTnnJ6XrexnsgQJ4u//gHI8rPnBhmdnq8oy/cesQ
xnB2aOnO+ZVb3hMDdAGCTOEcGNRfW7Rh/vdUDOCwEmREWDyRjlmWZu+7H6ZLOtab
RZ2yzN7Kx5bKoR1J8W+dF0P1oH+7GVw1r2zEvx31EK5gYJs6i/tIXiDUXTx7qeG3
MxwSDPQWWg2djA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:40 2025 by rpki-client