Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.mft
File: U170D69INDOz4zaY5NHulfPJS-w.mft (raw, json)
Hash identifier: FGOH4eSfNkzsxPwx3RQ1ugKkddQ2+MStkpHVkFiGU+4=
Subject key identifier: DB:F1:30:AF:26:6D:F8:19:F2:99:51:AF:E9:74:EF:AB:77:B3:CF:04
Authority key identifier: 53:5E:F4:0F:AF:48:34:33:B3:E3:36:98:E4:D1:EE:95:F3:C9:4B:EC
Certificate issuer: /CN=535ef40faf483433b3e33698e4d1ee95f3c94bec
Certificate serial: 019A71B92E0168095CDD53F4F97D46DEA873
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U170D69INDOz4zaY5NHulfPJS-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 07:02:32 +0000
Manifest this update: Tue 11 Nov 2025 07:02:32 +0000
Manifest next update: Wed 12 Nov 2025 07:02:32 +0000
Files and hashes: 1: U170D69INDOz4zaY5NHulfPJS-w.crl (hash: 0LbdolcyJnOhho9mxsLtNN1WbUPAJfYvP454sr5l+Ps=)
2: a9R4a72Ce3HtrFyUZj2Jrpn9DLE.roa (hash: lEQCssDpqykyZtTNm3b2/t+M2Xlx2R2hbaDbanTEKE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/U170D69INDOz4zaY5NHulfPJS-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:2e:01:68:09:5c:dd:53:f4:f9:7d:46:de:a8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535ef40faf483433b3e33698e4d1ee95f3c94bec
Validity
Not Before: Nov 11 07:02:32 2025 GMT
Not After : Nov 12 07:02:32 2025 GMT
Subject: CN=dbf130af266df819f29951afe974efab77b3cf04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:36:54:d3:1d:dc:88:a9:ea:73:8f:27:69:
2e:19:ea:10:ef:9b:f0:7f:80:b1:6e:7b:e3:82:3e:
c4:0b:66:7f:79:fd:97:60:db:db:60:a7:6f:9e:01:
e5:19:94:3f:60:26:0e:3d:62:32:32:14:1c:f9:58:
fb:af:e3:a7:0f:e8:0e:fd:a5:e9:1c:54:56:92:3a:
34:e1:a8:72:de:a2:67:8a:12:0b:54:1d:bf:0d:76:
e9:da:32:fb:4d:67:b5:f4:42:04:1d:42:24:56:22:
ef:af:3a:b7:d9:e1:0d:88:1b:64:f8:ae:8f:8c:9e:
b3:98:84:88:a8:8f:8e:3d:e5:9e:ca:11:75:7d:b4:
89:cb:f0:2f:e6:54:5b:30:26:bf:97:19:0f:89:82:
23:aa:5b:d9:5c:2f:d2:24:80:10:c1:a9:9b:74:42:
e9:37:43:5a:98:e6:5e:8f:4b:7c:e1:74:37:62:99:
7a:2e:1a:f6:61:da:b9:69:25:c3:2b:e7:4d:86:17:
a3:53:ef:89:7a:d7:4f:36:7a:e3:3f:08:e8:56:73:
07:33:55:d7:56:cf:04:bb:6f:a2:5a:a3:93:22:bf:
43:37:cb:6f:2d:ce:d1:47:a6:d0:3b:e6:4f:64:f0:
56:c9:9a:e3:32:6e:cf:32:6e:62:89:21:b7:ff:8c:
72:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F1:30:AF:26:6D:F8:19:F2:99:51:AF:E9:74:EF:AB:77:B3:CF:04
X509v3 Authority Key Identifier:
keyid:53:5E:F4:0F:AF:48:34:33:B3:E3:36:98:E4:D1:EE:95:F3:C9:4B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U170D69INDOz4zaY5NHulfPJS-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:b3:9a:c6:b8:2c:41:d3:05:f4:39:b4:90:b4:6f:f0:ff:58:
3b:2f:22:bc:a4:86:00:b9:e6:d1:53:0f:22:8e:f6:d5:3e:10:
94:7f:3e:22:f4:04:03:b1:84:75:b5:30:6c:7f:ad:14:45:26:
06:a1:6a:cd:5e:ca:47:e2:cc:e6:9f:6f:df:e5:09:e3:30:1f:
85:37:72:81:9c:a2:45:52:9d:f5:04:3a:43:22:b1:a5:4a:0f:
cd:1e:26:ae:c3:1d:67:4f:df:32:f8:9e:46:22:14:00:ac:59:
53:69:bc:50:0c:b7:46:12:a0:5c:be:ca:07:f9:9c:1c:5f:aa:
10:95:06:fe:53:c2:18:ad:a6:65:76:d6:41:71:91:2d:c5:1d:
3c:17:1b:99:7f:b9:d6:bc:d9:f5:d0:52:1e:92:e0:ef:2a:ec:
72:e2:1a:36:b8:25:4e:ac:10:97:b9:b7:03:23:58:e7:25:0e:
cb:0f:61:6e:c3:c1:5c:f9:12:aa:c0:c7:0d:86:77:e8:3d:ee:
e1:a7:04:22:9c:23:93:d7:94:5e:c0:c7:05:8c:28:22:80:5c:
b8:38:2a:88:cf:df:23:10:c9:d9:b0:0b:15:fd:05:55:0c:b4:
dd:dd:c5:c7:67:d4:61:34:59:97:85:5c:e2:4e:42:03:d2:c8:
47:c3:56:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuS4BaAlc3VP0+X1G3qhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWVmNDBmYWY0ODM0MzNiM2UzMzY5OGU0ZDFlZTk1ZjNj
OTRiZWMwHhcNMjUxMTExMDcwMjMyWhcNMjUxMTEyMDcwMjMyWjAzMTEwLwYDVQQD
EyhkYmYxMzBhZjI2NmRmODE5ZjI5OTUxYWZlOTc0ZWZhYjc3YjNjZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdg2VNMd3Iip6nOPJ2kuGeoQ75vw
f4Cxbnvjgj7EC2Z/ef2XYNvbYKdvngHlGZQ/YCYOPWIyMhQc+Vj7r+OnD+gO/aXp
HFRWkjo04ahy3qJnihILVB2/DXbp2jL7TWe19EIEHUIkViLvrzq32eENiBtk+K6P
jJ6zmISIqI+OPeWeyhF1fbSJy/Av5lRbMCa/lxkPiYIjqlvZXC/SJIAQwambdELp
N0NamOZej0t84XQ3Ypl6Lhr2Ydq5aSXDK+dNhhejU++JetdPNnrjPwjoVnMHM1XX
Vs8Eu2+iWqOTIr9DN8tvLc7RR6bQO+ZPZPBWyZrjMm7PMm5iiSG3/4xyaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvxMK8mbfgZ8plRr+l076t3s88EMB8GA1UdIwQY
MBaAFFNe9A+vSDQzs+M2mOTR7pXzyUvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTE3MEQ2OUlORE96NHphWTVOSHVsZlBKUy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy83N2E5ZjEtZjFmYi00ODVmLTkyM2Yt
N2MzNzg5NDA1YmQ2LzEvVTE3MEQ2OUlORE96NHphWTVOSHVsZlBKUy13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy83N2E5ZjEtZjFmYi00ODVmLTkyM2YtN2MzNzg5NDA1YmQ2
LzEvVTE3MEQ2OUlORE96NHphWTVOSHVsZlBKUy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUrOaxrgs
QdMF9Dm0kLRv8P9YOy8ivKSGALnm0VMPIo721T4QlH8+IvQEA7GEdbUwbH+tFEUm
BqFqzV7KR+LM5p9v3+UJ4zAfhTdygZyiRVKd9QQ6QyKxpUoPzR4mrsMdZ0/fMvie
RiIUAKxZU2m8UAy3RhKgXL7KB/mcHF+qEJUG/lPCGK2mZXbWQXGRLcUdPBcbmX+5
1rzZ9dBSHpLg7yrscuIaNrglTqwQl7m3AyNY5yUOyw9hbsPBXPkSqsDHDYZ36D3u
4acEIpwjk9eUXsDHBYwoIoBcuDgqiM/fIxDJ2bALFf0FVQy03d3Fx2fUYTRZl4Vc
4k5CA9LIR8NW+w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:39 2025 by rpki-client