Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
File: upcN4SazoLVI2tdvXvqIhVxvH_I.mft (raw, json)
Hash identifier: B/wVtq7eo4Se5/RCsAvNWuunv44fYEOaEuSyjGwkLo8=
Subject key identifier: 88:3A:A3:D9:1B:C6:1C:9D:9F:4A:71:6A:E5:1C:30:1C:82:BE:28:6D
Authority key identifier: BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2
Certificate issuer: /CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2
Certificate serial: 019A71B7753B21CCE1A3C47B5DFFFCF1BED6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
Manifest number: 0AA5
Signing time: Tue 11 Nov 2025 07:00:39 +0000
Manifest this update: Tue 11 Nov 2025 07:00:39 +0000
Manifest next update: Wed 12 Nov 2025 07:00:39 +0000
Files and hashes: 1: iB0nh2pqz5-ySXR-fF2YCAS68X8.roa (hash: Y94jSzgT6noKQkiYTVT17vXi3fN7I6D0Bkm1xKFYYKk=)
2: upcN4SazoLVI2tdvXvqIhVxvH_I.crl (hash: AkoEfUa0RgPCFMTmvJ5koxJRzf4JCrREW7T1FzyyGz0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:75:3b:21:cc:e1:a3:c4:7b:5d:ff:fc:f1:be:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2
Validity
Not Before: Nov 11 07:00:39 2025 GMT
Not After : Nov 12 07:00:39 2025 GMT
Subject: CN=883aa3d91bc61c9d9f4a716ae51c301c82be286d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:56:21:55:4e:e1:de:3b:21:a8:8a:34:42:10:
cb:3e:f6:99:e9:d5:b9:5d:2a:2b:30:61:1d:8f:35:
45:f5:d9:7c:2e:0f:0e:06:d3:aa:03:8e:5f:76:ab:
d6:e3:3a:d9:5b:c8:2e:ec:4e:c7:5a:9e:71:60:72:
62:e6:9c:68:90:a2:64:51:41:0e:6c:90:ac:b5:33:
8b:22:d4:7e:94:d8:e3:1a:90:f7:f2:b6:a4:cd:b7:
8e:66:df:90:e0:4e:67:62:86:86:17:07:1b:35:3d:
ff:da:18:73:de:e3:ed:3f:4c:93:18:2a:c2:1a:46:
50:87:40:2b:53:81:cf:c8:ff:24:f0:c7:b7:7c:93:
2a:eb:60:54:b8:00:c7:65:eb:d2:bd:34:67:2d:13:
2b:55:fd:d5:b1:03:bb:c6:70:66:84:fa:8d:cf:82:
f3:56:c2:3c:b1:b4:41:d3:d4:ad:2a:22:b2:b1:f9:
38:92:ca:3a:7e:1a:c3:6c:40:4f:d9:ae:32:47:32:
d5:a5:24:27:48:7f:1b:d1:ec:d9:da:38:f6:1e:7b:
6f:07:4f:c1:06:59:ca:c3:83:cd:60:b0:f6:ee:91:
89:0e:c0:c6:e4:23:2f:76:ce:82:64:c8:b7:bd:f1:
a8:0a:31:70:22:59:af:ac:27:51:92:7b:f2:a0:80:
31:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3A:A3:D9:1B:C6:1C:9D:9F:4A:71:6A:E5:1C:30:1C:82:BE:28:6D
X509v3 Authority Key Identifier:
keyid:BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:f9:15:71:b6:89:19:a3:bb:08:03:8e:12:1c:4b:30:ce:4a:
f0:53:c0:13:d3:33:fb:4a:09:55:b1:f8:46:f1:5f:35:f9:ba:
1e:f7:79:da:d1:b5:41:a2:05:7a:01:f2:f8:8f:c9:96:ea:3a:
50:38:bf:d0:c6:77:92:3e:3c:fa:7c:e0:c9:25:c4:77:5f:7a:
e4:df:31:57:b5:95:72:3c:a5:29:56:ce:97:6b:89:4b:51:b8:
ce:94:3c:be:57:6f:9d:2a:bc:8a:a4:52:7f:85:19:ad:10:91:
92:61:aa:62:5a:3b:b2:f6:c7:e3:c1:54:56:a3:2d:1b:d8:86:
70:67:1f:f8:d1:87:63:c6:4e:6a:48:1a:f0:db:d8:c1:3d:6e:
08:d9:8a:ff:c9:07:ad:cf:fa:7c:86:a7:bb:c7:34:1c:0a:26:
27:d7:69:16:51:7c:db:53:7b:9f:b5:8c:cc:79:d8:19:18:9d:
17:e1:ad:1d:03:d9:6a:f0:a0:3b:3c:0d:b0:0d:6c:e8:99:bb:
a2:14:6b:21:5b:ff:e5:9f:50:1e:2b:8d:5b:7f:aa:b7:a2:8e:
6b:f3:d6:38:fe:1d:04:b7:54:13:9e:19:db:9f:21:8e:71:80:
ca:6c:3f:d5:ca:4d:a3:a3:8f:d9:e5:11:b0:4f:74:09:61:a2:
09:6a:a6:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3U7Iczho8R7Xf/88b7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTcwZGUxMjZiM2EwYjU0OGRhZDc2ZjVlZmE4ODg1NWM2
ZjFmZjIwHhcNMjUxMTExMDcwMDM5WhcNMjUxMTEyMDcwMDM5WjAzMTEwLwYDVQQD
Eyg4ODNhYTNkOTFiYzYxYzlkOWY0YTcxNmFlNTFjMzAxYzgyYmUyODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVYhVU7h3jshqIo0QhDLPvaZ6dW5
XSorMGEdjzVF9dl8Lg8OBtOqA45fdqvW4zrZW8gu7E7HWp5xYHJi5pxokKJkUUEO
bJCstTOLItR+lNjjGpD38rakzbeOZt+Q4E5nYoaGFwcbNT3/2hhz3uPtP0yTGCrC
GkZQh0ArU4HPyP8k8Me3fJMq62BUuADHZevSvTRnLRMrVf3VsQO7xnBmhPqNz4Lz
VsI8sbRB09StKiKysfk4kso6fhrDbEBP2a4yRzLVpSQnSH8b0ezZ2jj2HntvB0/B
BlnKw4PNYLD27pGJDsDG5CMvds6CZMi3vfGoCjFwIlmvrCdRknvyoIAxiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIg6o9kbxhydn0pxauUcMByCvihtMB8GA1UdIwQY
MBaAFLqXDeEms6C1SNrXb176iIVcbx/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAt
M2FiYTU5NWI1OGE4LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAtM2FiYTU5NWI1OGE4
LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyvkVcbaJ
GaO7CAOOEhxLMM5K8FPAE9Mz+0oJVbH4RvFfNfm6Hvd52tG1QaIFegHy+I/Jluo6
UDi/0MZ3kj48+nzgySXEd1965N8xV7WVcjylKVbOl2uJS1G4zpQ8vldvnSq8iqRS
f4UZrRCRkmGqYlo7svbH48FUVqMtG9iGcGcf+NGHY8ZOakga8NvYwT1uCNmK/8kH
rc/6fIanu8c0HAomJ9dpFlF821N7n7WMzHnYGRidF+GtHQPZavCgOzwNsA1s6Jm7
ohRrIVv/5Z9QHiuNW3+qt6KOa/PWOP4dBLdUE54Z258hjnGAymw/1cpNo6OP2eUR
sE90CWGiCWqmLA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:59 2025 by rpki-client