Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: rm0nsVnMTYIOgGJ39D7BCYNxiZblzPoxR6dZH73XsCw=
Subject key identifier: D2:BE:D9:60:4D:7D:E8:40:B2:C1:3E:88:76:62:BF:8A:2D:B9:30:C0
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 019A21ADCEA66738B0183C0A3883B642657E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 16F5
Signing time: Sun 26 Oct 2025 18:00:29 +0000
Manifest this update: Sun 26 Oct 2025 18:00:29 +0000
Manifest next update: Mon 27 Oct 2025 18:00:29 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: wGHe4CiNgMY+7Co7FsUMRfiadv9FuFkVgsggbcIpAUk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 18:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:ad:ce:a6:67:38:b0:18:3c:0a:38:83:b6:42:65:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Oct 26 18:00:29 2025 GMT
Not After : Oct 27 18:00:29 2025 GMT
Subject: CN=d2bed9604d7de840b2c13e887662bf8a2db930c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:86:0a:7d:0a:56:2a:c0:5c:9d:e8:ce:04:47:
e2:15:b1:17:54:eb:7b:12:d0:c2:ae:ff:1e:61:76:
11:08:ff:20:14:45:f3:5b:03:21:5b:43:82:4b:5a:
85:5f:a0:cf:fe:d4:77:27:47:38:0c:b7:2d:06:88:
d6:b9:8f:c4:9f:2a:41:e3:b6:ad:0f:9f:e3:7a:aa:
b2:ca:15:27:02:d4:e0:f4:48:7c:d7:c0:1e:69:bc:
7c:c2:d1:7c:d1:d2:7d:aa:78:f8:09:fa:ca:d0:67:
a2:85:00:67:00:b4:d6:f9:60:c3:32:7b:af:e3:0b:
74:4d:4d:0e:6c:21:95:8a:7d:6f:ae:fa:9b:4d:ff:
cd:81:ad:8e:6b:e9:b8:c7:40:c6:f7:07:23:6d:c4:
1d:c2:b8:07:83:3e:34:d7:30:ff:08:88:03:5d:e3:
5b:92:f3:7c:30:6c:bd:25:61:8b:c6:9f:c7:af:97:
29:78:5a:e7:0b:93:9f:9d:f9:f5:28:b5:5b:45:3e:
3e:78:01:3e:4b:05:1f:b8:e9:2c:b7:0a:b4:5c:04:
f6:90:e7:f0:46:79:d6:84:d3:af:64:92:a2:6c:aa:
00:e0:e0:86:0e:f0:79:a7:1f:d3:d6:ee:ee:3b:69:
0c:36:02:c2:ae:7b:0f:f6:b8:05:75:57:a2:11:7b:
14:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BE:D9:60:4D:7D:E8:40:B2:C1:3E:88:76:62:BF:8A:2D:B9:30:C0
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:41:58:bc:a4:1a:ae:af:96:44:39:f6:b0:15:10:d4:18:95:
71:b3:5b:d8:68:74:b8:54:25:68:c6:59:a1:dc:2f:aa:4b:20:
45:32:7d:ca:75:0c:59:82:16:94:a3:de:c7:21:af:62:8a:84:
2a:f5:19:dc:f0:a9:57:8e:c5:24:f4:4d:22:e1:8f:47:4a:37:
a6:2b:bd:45:35:c9:56:a2:d6:41:8c:b1:59:99:b5:dc:8d:b6:
76:52:0a:b0:23:65:d1:0d:1a:da:54:30:cc:e4:5d:6a:5a:9a:
a4:80:c5:fe:49:91:72:d8:f2:cf:0a:cc:07:14:81:82:90:45:
a0:63:20:5f:56:dc:b7:14:57:94:67:7a:ac:a1:04:15:17:0e:
48:37:05:1c:5d:34:87:f7:49:23:2f:f1:97:9f:e5:9f:74:40:
6f:98:65:f5:de:cd:69:6f:cd:06:ce:f4:49:c7:65:63:1b:8d:
a0:70:b5:e9:19:2f:62:34:0e:04:d8:1a:db:8e:55:81:29:00:
ab:8c:8a:88:06:c1:a9:8f:64:c1:b6:89:1f:3e:b6:01:3d:a4:
36:c4:46:96:59:a6:45:7e:6b:d1:e2:5e:87:55:3e:94:be:72:
92:33:a9:a4:2f:21:6d:24:67:66:ae:b4:89:84:b8:01:59:03:
12:f4:8f:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZohrc6mZziwGDwKOIO2QmV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUxMDI2MTgwMDI5WhcNMjUxMDI3MTgwMDI5WjAzMTEwLwYDVQQD
EyhkMmJlZDk2MDRkN2RlODQwYjJjMTNlODg3NjYyYmY4YTJkYjkzMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44YKfQpWKsBcnejOBEfiFbEXVOt7
EtDCrv8eYXYRCP8gFEXzWwMhW0OCS1qFX6DP/tR3J0c4DLctBojWuY/EnypB47at
D5/jeqqyyhUnAtTg9Eh818Aeabx8wtF80dJ9qnj4CfrK0GeihQBnALTW+WDDMnuv
4wt0TU0ObCGVin1vrvqbTf/Nga2Oa+m4x0DG9wcjbcQdwrgHgz401zD/CIgDXeNb
kvN8MGy9JWGLxp/Hr5cpeFrnC5Ofnfn1KLVbRT4+eAE+SwUfuOkstwq0XAT2kOfw
RnnWhNOvZJKibKoA4OCGDvB5px/T1u7uO2kMNgLCrnsP9rgFdVeiEXsU4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNK+2WBNfehAssE+iHZiv4otuTDAMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEFYvKQa
rq+WRDn2sBUQ1BiVcbNb2Gh0uFQlaMZZodwvqksgRTJ9ynUMWYIWlKPexyGvYoqE
KvUZ3PCpV47FJPRNIuGPR0o3piu9RTXJVqLWQYyxWZm13I22dlIKsCNl0Q0a2lQw
zORdalqapIDF/kmRctjyzwrMBxSBgpBFoGMgX1bctxRXlGd6rKEEFRcOSDcFHF00
h/dJIy/xl5/ln3RAb5hl9d7NaW/NBs70ScdlYxuNoHC16RkvYjQOBNga245VgSkA
q4yKiAbBqY9kwbaJHz62AT2kNsRGllmmRX5r0eJeh1U+lL5ykjOppC8hbSRnZq60
iYS4AVkDEvSP8Q==
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:04:05 2025 by rpki-client