Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
File: U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft (raw, json)
Hash identifier: wzmb+OtS6/nneop/GHwSjhhrCb0TeNUFreKPEgOMMwY=
Subject key identifier: 8A:7B:89:8B:0D:0A:F3:7B:BD:7B:D3:DA:5E:06:C6:C2:2C:3D:08:C3
Authority key identifier: 53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
Certificate issuer: /CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Certificate serial: 019A72257A57C34DA3FB22B182780FAD71DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 09:00:49 +0000
Manifest this update: Tue 11 Nov 2025 09:00:49 +0000
Manifest next update: Wed 12 Nov 2025 09:00:49 +0000
Files and hashes: 1: U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl (hash: h7UcxidSnVNkcy8iYSblbWvASrP/a2HuJSP9qcK2FvA=)
2: fhzBsi8rU0jUB3-KHFWy_MPxr3s.roa (hash: +sQEtymDtkukDBlTZusUXGi5sWkBAEA4spvgFTkKSlo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7a:57:c3:4d:a3:fb:22:b1:82:78:0f:ad:71:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Validity
Not Before: Nov 11 09:00:49 2025 GMT
Not After : Nov 12 09:00:49 2025 GMT
Subject: CN=8a7b898b0d0af37bbd7bd3da5e06c6c22c3d08c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:32:3a:57:f6:04:9b:88:2b:bd:5b:18:b5:4f:
2a:2e:4b:b3:f3:67:ff:0c:cf:4c:f2:d1:79:40:f6:
d3:29:b6:0a:e1:3a:2d:c4:8b:38:f8:df:e0:63:ff:
f7:a2:80:31:e5:fd:44:dd:6a:11:e6:22:49:6e:a2:
e6:fd:5f:4c:91:8b:eb:d7:7f:86:2b:29:c5:0e:94:
3e:f8:82:1e:07:4b:12:a7:2e:21:0c:40:8f:d0:54:
7e:a0:68:e1:ec:a6:39:53:97:69:f7:85:a1:c2:b6:
c7:b6:8b:9f:6c:67:58:ff:b5:8c:cd:61:ad:3f:27:
53:ff:f6:60:ae:ad:c5:6e:87:0b:65:3a:da:08:b0:
96:24:75:a2:2f:29:a4:ac:ce:9b:7a:fa:cf:0d:a1:
d8:67:e9:79:0f:60:38:dc:ae:16:39:a3:ff:af:32:
d8:de:0a:dc:75:50:cd:88:30:ea:25:4d:9c:76:53:
a6:6e:e8:e3:5e:b7:ed:f4:80:da:b7:18:e2:2c:11:
8f:33:1e:06:b8:45:92:23:d0:2b:4f:0b:b6:cb:c5:
2d:e7:63:2f:2f:3e:eb:4b:ff:55:82:9d:d9:e3:89:
a7:a7:64:60:e0:2f:23:be:fa:f8:b4:0a:8c:2f:7a:
85:13:d0:9b:40:eb:55:c0:4c:3a:15:69:64:fd:07:
a5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7B:89:8B:0D:0A:F3:7B:BD:7B:D3:DA:5E:06:C6:C2:2C:3D:08:C3
X509v3 Authority Key Identifier:
keyid:53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:9f:1a:2b:81:3e:5e:f7:1f:c3:46:ee:18:92:59:b4:9f:82:
f5:c6:a4:27:c3:7f:2c:31:c3:b3:20:02:6f:37:a4:58:e9:3e:
fc:d2:32:0a:df:1c:0c:81:78:e7:dc:2f:17:95:3f:b1:b4:8c:
4b:fd:fc:85:2d:ed:ef:8b:3d:0d:24:36:d5:69:77:1c:d3:cd:
df:18:97:c8:e8:b3:22:8b:32:7a:e4:ba:41:be:6d:02:68:a4:
49:fd:bc:83:66:f8:87:a8:ab:81:0a:e9:7c:43:27:ff:4f:fb:
5a:0d:8c:ad:bd:27:e6:e4:4d:53:64:79:9c:7a:02:f0:19:51:
d9:a1:d2:aa:58:cc:ec:81:f7:9a:72:ae:55:65:cd:ed:fd:01:
ec:04:dd:20:61:40:ca:c2:99:58:8f:ac:15:4e:01:b4:ad:a0:
4b:d8:53:66:31:7e:82:70:bc:8c:7d:fd:62:17:8b:94:97:26:
5b:58:75:fc:01:5d:1b:92:57:73:7e:2b:cc:19:89:6f:7a:e1:
6a:fd:b8:26:bb:7f:4c:85:09:33:2c:03:e5:3e:23:75:88:3e:
2c:d1:80:2f:87:2f:cf:39:03:e2:18:97:88:f0:be:fa:57:d9:
2d:f6:ff:e8:c0:63:ba:b6:a3:58:ad:8c:db:a6:f8:c2:8e:9f:
af:ae:2b:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXpXw02j+yKxgngPrXHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTNhOWE4NWZhMTFmYzRiZjE1NmZhYjRkOGQ4NGEwOGU1
ZDY2ZjkwHhcNMjUxMTExMDkwMDQ5WhcNMjUxMTEyMDkwMDQ5WjAzMTEwLwYDVQQD
Eyg4YTdiODk4YjBkMGFmMzdiYmQ3YmQzZGE1ZTA2YzZjMjJjM2QwOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjI6V/YEm4grvVsYtU8qLkuz82f/
DM9M8tF5QPbTKbYK4TotxIs4+N/gY//3ooAx5f1E3WoR5iJJbqLm/V9MkYvr13+G
KynFDpQ++IIeB0sSpy4hDECP0FR+oGjh7KY5U5dp94WhwrbHtoufbGdY/7WMzWGt
PydT//Zgrq3FbocLZTraCLCWJHWiLymkrM6bevrPDaHYZ+l5D2A43K4WOaP/rzLY
3grcdVDNiDDqJU2cdlOmbujjXrft9IDatxjiLBGPMx4GuEWSI9ArTwu2y8Ut52Mv
Lz7rS/9Vgp3Z44mnp2Rg4C8jvvr4tAqML3qFE9CbQOtVwEw6FWlk/Qel6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp7iYsNCvN7vXvT2l4GxsIsPQjDMB8GA1UdIwQY
MBaAFFNTqahfoR/EvxVvq02NhKCOXWb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUt
NzlkOTM0ZTRhOTlhLzEvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUtNzlkOTM0ZTRhOTlh
LzEvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIZ8aK4E+
Xvcfw0buGJJZtJ+C9cakJ8N/LDHDsyACbzekWOk+/NIyCt8cDIF459wvF5U/sbSM
S/38hS3t74s9DSQ21Wl3HNPN3xiXyOizIosyeuS6Qb5tAmikSf28g2b4h6irgQrp
fEMn/0/7Wg2Mrb0n5uRNU2R5nHoC8BlR2aHSqljM7IH3mnKuVWXN7f0B7ATdIGFA
ysKZWI+sFU4BtK2gS9hTZjF+gnC8jH39YheLlJcmW1h1/AFdG5JXc34rzBmJb3rh
av24Jrt/TIUJMywD5T4jdYg+LNGAL4cvzzkD4hiXiPC++lfZLfb/6MBjurajWK2M
26b4wo6fr64rOA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:52 2025 by rpki-client