Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.mft
File: USt7qR3DDrtBPNBVvUMpLi0UAY8.mft (raw, json)
Hash identifier: QEGQd5W55gQKm34S64dZUsTEunwIDUpXnvGWPwr7bLI=
Subject key identifier: 29:44:4C:13:E5:D9:B2:7B:9A:1B:4E:34:6C:B3:CC:D9:4D:EE:07:95
Authority key identifier: 51:2B:7B:A9:1D:C3:0E:BB:41:3C:D0:55:BD:43:29:2E:2D:14:01:8F
Certificate issuer: /CN=512b7ba91dc30ebb413cd055bd43292e2d14018f
Certificate serial: 019A71EE99CD96267ECEB21CA74D6B6FC10E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.mft
Manifest number: 06A2
Signing time: Tue 11 Nov 2025 08:00:53 +0000
Manifest this update: Tue 11 Nov 2025 08:00:53 +0000
Manifest next update: Wed 12 Nov 2025 08:00:53 +0000
Files and hashes: 1: USt7qR3DDrtBPNBVvUMpLi0UAY8.crl (hash: xc09WNZcfSUAyBmokH61komEVQvwX88R4xcwef7AyQY=)
2: vloVVT9ufVGR6rj5SefMS3qmK1c.roa (hash: /V+TKP3WFA5NtQkzEdfMB+4hHPZcd6oAqeonzaeqn0o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:99:cd:96:26:7e:ce:b2:1c:a7:4d:6b:6f:c1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=512b7ba91dc30ebb413cd055bd43292e2d14018f
Validity
Not Before: Nov 11 08:00:53 2025 GMT
Not After : Nov 12 08:00:53 2025 GMT
Subject: CN=29444c13e5d9b27b9a1b4e346cb3ccd94dee0795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:be:4d:0c:57:a1:d2:43:fb:84:9e:ae:e3:f8:
82:eb:cf:9b:0f:b3:ee:3c:13:11:c8:a7:bf:22:60:
22:00:16:6d:7c:46:2d:b1:8c:10:22:44:39:0c:43:
b6:cc:cb:eb:fa:55:70:84:31:3a:31:d2:a7:05:e0:
d9:85:af:65:2d:de:0a:a6:f0:b2:af:e2:e5:7b:2f:
26:f4:e4:bc:f9:20:4a:72:c2:02:d0:39:93:32:fd:
af:28:86:1f:80:36:f6:2f:67:57:26:42:f8:0d:70:
dd:0b:63:01:a0:fc:ba:7d:34:73:39:11:e9:12:69:
6f:81:52:32:3e:a7:8f:6e:8d:09:39:1a:30:87:48:
3c:ef:0b:c1:ce:80:46:8c:b4:59:b1:8f:4d:ec:21:
d7:df:e4:1e:3e:98:a0:21:ff:20:51:23:59:16:fa:
c6:2a:94:01:7f:f5:8e:54:23:33:a8:b2:15:92:d4:
f2:fb:e2:f5:10:0b:2b:d7:3c:d4:33:a7:08:f9:91:
f9:bc:c7:e4:26:93:2f:59:e0:97:83:66:c9:3d:42:
59:87:61:d6:11:c4:28:40:71:84:4b:f7:7f:ac:5d:
47:ae:d3:c6:ea:4e:e9:37:1e:fa:9f:2b:3a:5e:6d:
80:d5:85:b5:bb:75:a5:ea:a2:97:ad:64:e6:12:76:
28:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:44:4C:13:E5:D9:B2:7B:9A:1B:4E:34:6C:B3:CC:D9:4D:EE:07:95
X509v3 Authority Key Identifier:
keyid:51:2B:7B:A9:1D:C3:0E:BB:41:3C:D0:55:BD:43:29:2E:2D:14:01:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:12:54:94:3c:cd:5f:e3:af:dc:d2:6b:bf:38:14:00:66:3b:
2f:2d:b2:8e:79:6a:53:48:44:5d:01:64:02:19:04:f4:32:80:
e0:ee:82:d0:cc:14:aa:ce:83:bc:11:88:a1:6b:e7:98:d5:dc:
26:85:46:0d:5c:44:20:4e:82:57:c7:bd:4b:22:b8:ba:2f:34:
08:26:8a:a7:74:5b:39:96:83:ff:8a:ad:a7:f5:ec:11:28:f0:
c3:86:ed:d2:1c:81:e9:d1:08:1b:74:42:98:62:29:ab:42:91:
7e:07:8e:62:d3:05:69:ce:f0:f5:22:5d:0a:ef:2e:66:bb:72:
fc:33:c0:42:77:fc:0c:c6:a5:d5:35:97:46:91:f2:2e:4b:6c:
15:b0:8b:74:7d:af:ab:bf:84:7a:5c:b8:0c:25:25:8b:6c:75:
e4:b7:23:9a:0f:2f:06:8a:09:94:fc:a8:da:71:d9:ff:62:6e:
2c:fb:0c:a5:a3:f7:e9:c8:6b:1d:89:75:9b:8e:61:0e:45:70:
2a:8d:9d:94:02:80:b1:69:70:60:1d:93:5d:96:58:35:79:62:
2a:14:31:95:df:b5:3b:ff:a7:bc:bd:04:8d:06:98:7c:47:00:
f6:f6:55:f3:5b:de:79:44:ca:d0:b2:62:68:1c:5f:43:44:83:
a2:b9:0a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pnNliZ+zrIcp01rb8EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmI3YmE5MWRjMzBlYmI0MTNjZDA1NWJkNDMyOTJlMmQx
NDAxOGYwHhcNMjUxMTExMDgwMDUzWhcNMjUxMTEyMDgwMDUzWjAzMTEwLwYDVQQD
EygyOTQ0NGMxM2U1ZDliMjdiOWExYjRlMzQ2Y2IzY2NkOTRkZWUwNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr5NDFeh0kP7hJ6u4/iC68+bD7Pu
PBMRyKe/ImAiABZtfEYtsYwQIkQ5DEO2zMvr+lVwhDE6MdKnBeDZha9lLd4KpvCy
r+Lley8m9OS8+SBKcsIC0DmTMv2vKIYfgDb2L2dXJkL4DXDdC2MBoPy6fTRzORHp
EmlvgVIyPqePbo0JORowh0g87wvBzoBGjLRZsY9N7CHX3+QePpigIf8gUSNZFvrG
KpQBf/WOVCMzqLIVktTy++L1EAsr1zzUM6cI+ZH5vMfkJpMvWeCXg2bJPUJZh2HW
EcQoQHGES/d/rF1HrtPG6k7pNx76nys6Xm2A1YW1u3Wl6qKXrWTmEnYouQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClETBPl2bJ7mhtONGyzzNlN7geVMB8GA1UdIwQY
MBaAFFEre6kdww67QTzQVb1DKS4tFAGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82M2ZlOWUtNjBhMC00ZjgwLThjMDEt
MTY3Mzc0OWJjZWVjLzEvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82M2ZlOWUtNjBhMC00ZjgwLThjMDEtMTY3Mzc0OWJjZWVj
LzEvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxJUlDzN
X+Ov3NJrvzgUAGY7Ly2yjnlqU0hEXQFkAhkE9DKA4O6C0MwUqs6DvBGIoWvnmNXc
JoVGDVxEIE6CV8e9SyK4ui80CCaKp3RbOZaD/4qtp/XsESjww4bt0hyB6dEIG3RC
mGIpq0KRfgeOYtMFac7w9SJdCu8uZrty/DPAQnf8DMal1TWXRpHyLktsFbCLdH2v
q7+Eely4DCUli2x15Lcjmg8vBooJlPyo2nHZ/2JuLPsMpaP36chrHYl1m45hDkVw
Ko2dlAKAsWlwYB2TXZZYNXliKhQxld+1O/+nvL0EjQaYfEcA9vZV81veeUTK0LJi
aBxfQ0SDorkK5g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:28:09 2025 by rpki-client