Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.mft
File: UJSiarpxAHYh_VmdU3u3rqreizM.mft (raw, json)
Hash identifier: SM7kybJfhEWNeZj3xAbDGHmppSYpeI+3tsSa57FMtU0=
Subject key identifier: DF:8D:61:6D:0C:2C:29:37:E1:58:E4:67:BA:71:7F:CA:85:32:8A:4B
Authority key identifier: 50:94:A2:6A:BA:71:00:76:21:FD:59:9D:53:7B:B7:AE:AA:DE:8B:33
Certificate issuer: /CN=5094a26aba71007621fd599d537bb7aeaade8b33
Certificate serial: 019A72940FA8C373984B58562EE64ED9FC0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJSiarpxAHYh_VmdU3u3rqreizM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 11:01:37 +0000
Manifest this update: Tue 11 Nov 2025 11:01:37 +0000
Manifest next update: Wed 12 Nov 2025 11:01:37 +0000
Files and hashes: 1: PYLR3kfr_0El_Ga2E9JeZcCyCVc.roa (hash: A0449RCi6B29H8zKA0rMM/NDvKNi2c+elOaTXG6BpHk=)
2: UJSiarpxAHYh_VmdU3u3rqreizM.crl (hash: Jxbj5rXBzYDtcOLt3Ao3knZAltZMiWEKvzkP9gywgGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJSiarpxAHYh_VmdU3u3rqreizM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:94:0f:a8:c3:73:98:4b:58:56:2e:e6:4e:d9:fc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5094a26aba71007621fd599d537bb7aeaade8b33
Validity
Not Before: Nov 11 11:01:37 2025 GMT
Not After : Nov 12 11:01:37 2025 GMT
Subject: CN=df8d616d0c2c2937e158e467ba717fca85328a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c0:2f:a3:ec:df:b8:cf:b4:f3:5f:e7:12:16:
b0:98:04:9f:a1:5a:65:e7:2b:1d:de:06:56:78:e4:
f7:f3:73:70:d4:71:47:3c:28:eb:00:17:f8:a0:d4:
a7:a2:8c:82:65:0b:54:32:84:b0:1c:3f:95:3e:3a:
38:f3:00:eb:65:07:65:fe:49:43:95:4a:78:3c:8e:
8f:36:f8:67:7d:cb:4a:ce:8f:1c:c6:32:e6:fe:ae:
c0:8e:5a:16:3a:4f:0f:c6:c4:24:33:79:aa:24:51:
a0:5e:a6:a4:4c:d1:6c:88:42:5f:31:81:e4:8b:4a:
a8:39:b3:f5:29:25:5c:fa:8d:d0:c5:f1:99:c6:3a:
61:e1:74:c6:44:a6:1b:16:5c:3c:b2:27:89:00:34:
00:63:e0:26:82:ba:ad:3d:06:66:f5:a4:c9:a5:f7:
01:16:b4:93:4e:3d:a7:f2:8d:b0:65:b3:a8:7e:81:
db:ab:2a:74:6b:81:5b:f5:78:73:b6:39:ca:67:1d:
c6:8d:5c:93:65:0a:10:60:d1:bd:ab:27:3b:4d:2e:
b3:f5:bf:ef:23:2b:0b:4c:bb:34:d8:b6:51:39:c6:
44:6b:31:c1:29:27:30:cf:1e:ba:30:2b:ab:82:1c:
68:a7:5b:c7:e2:a8:f6:d0:d8:12:ae:70:62:55:4b:
b5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8D:61:6D:0C:2C:29:37:E1:58:E4:67:BA:71:7F:CA:85:32:8A:4B
X509v3 Authority Key Identifier:
keyid:50:94:A2:6A:BA:71:00:76:21:FD:59:9D:53:7B:B7:AE:AA:DE:8B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJSiarpxAHYh_VmdU3u3rqreizM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fce78-4f9d-4847-b759-b451e477b9c2/1/UJSiarpxAHYh_VmdU3u3rqreizM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:07:e4:5f:e7:cd:ac:ae:a6:75:9c:ce:22:14:6f:0a:50:8b:
be:c6:71:17:08:e5:e0:eb:c4:3e:8d:d4:e5:75:8a:99:b1:d7:
79:95:52:93:cc:58:76:14:2c:e4:19:64:e4:7d:36:23:36:f1:
04:a2:66:9b:05:e8:02:b0:b6:5d:2c:82:6a:8f:08:4a:8d:4e:
4b:e4:d0:d7:9c:84:13:14:db:99:52:d8:ea:c3:67:65:79:35:
9c:3e:3f:8e:b0:50:5a:72:49:32:17:e9:b6:a7:3f:c3:d8:a0:
5e:bc:4e:73:68:14:3a:85:33:f1:f8:4f:a5:dd:e9:81:13:2b:
00:36:3e:42:ad:15:cd:2e:b0:c9:76:cd:a9:44:b6:cd:0b:2e:
7e:df:02:6b:d3:fe:1d:b2:4a:b4:98:41:28:1a:b8:d5:4d:8e:
29:2d:7b:37:25:7d:45:59:b6:ed:c5:b0:a0:8d:95:fa:85:c4:
49:9a:73:41:ef:86:3c:27:a7:db:16:cd:ad:37:c5:05:92:f3:
a8:4e:73:4b:e5:48:c1:71:75:cb:1a:d4:ef:44:b1:0e:b4:5d:
16:7f:af:3a:ce:c0:0f:0a:70:92:f2:79:04:6d:4e:f6:72:59:
5e:db:11:cf:51:63:d5:7b:3a:2c:0c:61:89:93:b3:c0:c6:8b:
86:3a:a4:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylA+ow3OYS1hWLuZO2fwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTRhMjZhYmE3MTAwNzYyMWZkNTk5ZDUzN2JiN2FlYWFk
ZThiMzMwHhcNMjUxMTExMTEwMTM3WhcNMjUxMTEyMTEwMTM3WjAzMTEwLwYDVQQD
EyhkZjhkNjE2ZDBjMmMyOTM3ZTE1OGU0NjdiYTcxN2ZjYTg1MzI4YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMAvo+zfuM+081/nEhawmASfoVpl
5ysd3gZWeOT383Nw1HFHPCjrABf4oNSnooyCZQtUMoSwHD+VPjo48wDrZQdl/klD
lUp4PI6PNvhnfctKzo8cxjLm/q7AjloWOk8PxsQkM3mqJFGgXqakTNFsiEJfMYHk
i0qoObP1KSVc+o3QxfGZxjph4XTGRKYbFlw8sieJADQAY+AmgrqtPQZm9aTJpfcB
FrSTTj2n8o2wZbOofoHbqyp0a4Fb9XhztjnKZx3GjVyTZQoQYNG9qyc7TS6z9b/v
IysLTLs02LZROcZEazHBKScwzx66MCurghxop1vH4qj20NgSrnBiVUu1NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+NYW0MLCk34VjkZ7pxf8qFMopLMB8GA1UdIwQY
MBaAFFCUomq6cQB2If1ZnVN7t66q3oszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpTaWFycHhBSFloX1ZtZFUzdTNycXJlaXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85ZmNlNzgtNGY5ZC00ODQ3LWI3NTkt
YjQ1MWU0NzdiOWMyLzEvVUpTaWFycHhBSFloX1ZtZFUzdTNycXJlaXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85ZmNlNzgtNGY5ZC00ODQ3LWI3NTktYjQ1MWU0NzdiOWMy
LzEvVUpTaWFycHhBSFloX1ZtZFUzdTNycXJlaXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgfkX+fN
rK6mdZzOIhRvClCLvsZxFwjl4OvEPo3U5XWKmbHXeZVSk8xYdhQs5Blk5H02Izbx
BKJmmwXoArC2XSyCao8ISo1OS+TQ15yEExTbmVLY6sNnZXk1nD4/jrBQWnJJMhfp
tqc/w9igXrxOc2gUOoUz8fhPpd3pgRMrADY+Qq0VzS6wyXbNqUS2zQsuft8Ca9P+
HbJKtJhBKBq41U2OKS17NyV9RVm27cWwoI2V+oXESZpzQe+GPCen2xbNrTfFBZLz
qE5zS+VIwXF1yxrU70SxDrRdFn+vOs7ADwpwkvJ5BG1O9nJZXtsRz1Fj1Xs6LAxh
iZOzwMaLhjqkZg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:36:48 2025 by rpki-client