Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.mft
File: u3zLGm47yrYxnTF_YsdL8eH0FHM.mft (raw, json)
Hash identifier: ffFCibpmles0+a3cyIQrWKm9LrIS9EH6gU3y+iZ4zzY=
Subject key identifier: F4:72:05:29:EF:6E:35:83:EC:3F:E0:4B:80:AC:F4:69:D7:38:BC:5B
Authority key identifier: BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
Certificate issuer: /CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Certificate serial: 019933808F599E68FDC9F79BC8F70EF8CE8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.mft
Manifest number: 0648
Signing time: Wed 10 Sep 2025 12:01:27 +0000
Manifest this update: Wed 10 Sep 2025 12:01:27 +0000
Manifest next update: Thu 11 Sep 2025 12:01:27 +0000
Files and hashes: 1: WziYZQTgG6uYWNEdvqwQxarVou4.roa (hash: K1TtQwXEcoMLvYVaawZdU+KIeSsRtPv5nA+Jxlzh0sU=)
2: u3zLGm47yrYxnTF_YsdL8eH0FHM.crl (hash: W5HFbjX2fMafO2xNv3xtVefbQlnyngcFIEdJrQBIhCM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:80:8f:59:9e:68:fd:c9:f7:9b:c8:f7:0e:f8:ce:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Validity
Not Before: Sep 10 12:01:27 2025 GMT
Not After : Sep 11 12:01:27 2025 GMT
Subject: CN=f4720529ef6e3583ec3fe04b80acf469d738bc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ce:0d:dc:20:e1:12:2a:71:da:bf:d2:c3:2f:
60:2e:ea:5d:d5:fd:88:fc:f8:e2:95:3a:c6:a8:6f:
93:1a:b5:75:2c:31:52:53:d1:01:49:48:aa:25:a0:
3c:49:5b:de:20:f2:98:01:23:03:58:4e:62:ab:03:
ce:59:c2:78:5a:d1:c4:32:f1:1f:98:67:6e:40:1f:
d4:02:cf:40:97:db:59:a5:49:f6:e0:bd:c0:f0:e2:
48:13:19:6f:71:f1:e2:a0:6d:e3:86:e2:84:ab:89:
db:d6:e8:38:90:4f:76:28:e5:b5:84:b8:ff:59:77:
97:1d:2d:e8:dc:af:3f:9a:a0:13:0c:00:a6:be:c7:
ab:19:42:90:cc:fa:8a:21:0d:ba:3e:94:2d:4c:4f:
1b:1d:4b:5f:80:67:e5:34:02:9b:5d:3d:96:96:b2:
63:a0:b6:0a:e3:ec:ea:5d:5f:8b:0e:b7:75:48:4a:
fb:2f:ab:d3:8c:cd:2b:9d:0b:5c:a2:7c:2d:32:4c:
ae:71:3b:a0:59:28:7e:e3:a9:ef:91:ad:10:e4:d5:
05:25:9c:5b:57:a1:b7:38:22:c3:fe:c2:c2:42:0c:
e4:b3:d4:21:97:50:d3:ec:1b:9b:9c:58:b8:51:e6:
b0:3d:fa:07:5d:95:ca:02:27:be:59:93:79:e9:2e:
0d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:72:05:29:EF:6E:35:83:EC:3F:E0:4B:80:AC:F4:69:D7:38:BC:5B
X509v3 Authority Key Identifier:
keyid:BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:f0:8b:5b:89:49:53:79:c3:75:3c:3a:d5:52:0b:1c:29:17:
83:85:1e:56:31:48:d7:34:76:df:c2:eb:5c:24:81:c6:bc:87:
cf:fb:6e:87:0f:4d:6d:1a:eb:b1:b7:f2:ce:28:fb:40:1d:0c:
97:81:23:48:5b:2a:ec:f9:91:4d:3e:ac:64:9d:b9:b6:1d:49:
11:58:59:c8:02:06:5a:78:76:13:11:31:a1:77:11:63:e3:e0:
86:73:2b:e0:9f:92:76:0f:43:fe:c1:40:06:5c:67:1c:92:f2:
be:19:a8:66:c6:c0:d9:ef:55:ca:b4:84:ad:fb:83:7a:80:2d:
cd:df:0a:9d:e7:a7:80:07:a6:4f:b9:f0:50:2f:5a:c2:ce:79:
3f:e7:e4:52:5b:39:54:94:48:d8:30:2e:a1:68:18:01:16:6f:
29:ab:6e:93:bf:39:78:69:b0:22:21:0d:9a:83:5c:d3:dc:1e:
68:03:94:08:b4:c7:15:bb:7a:c7:21:6e:d1:04:19:e1:39:f0:
40:66:b9:70:e0:db:ed:42:9f:4e:b0:33:2f:9c:a1:39:c1:32:
6c:66:d9:66:f2:45:14:33:a7:9f:b3:f3:39:7f:6c:aa:bd:27:
0f:c7:c8:78:32:36:3b:82:54:56:93:7f:ad:78:23:52:ca:fb:
df:6f:d0:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkzgI9Znmj9yfebyPcO+M6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiN2NjYjFhNmUzYmNhYjYzMTlkMzE3ZjYyYzc0YmYxZTFm
NDE0NzMwHhcNMjUwOTEwMTIwMTI3WhcNMjUwOTExMTIwMTI3WjAzMTEwLwYDVQQD
EyhmNDcyMDUyOWVmNmUzNTgzZWMzZmUwNGI4MGFjZjQ2OWQ3MzhiYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms4N3CDhEipx2r/Swy9gLupd1f2I
/PjilTrGqG+TGrV1LDFSU9EBSUiqJaA8SVveIPKYASMDWE5iqwPOWcJ4WtHEMvEf
mGduQB/UAs9Al9tZpUn24L3A8OJIExlvcfHioG3jhuKEq4nb1ug4kE92KOW1hLj/
WXeXHS3o3K8/mqATDACmvserGUKQzPqKIQ26PpQtTE8bHUtfgGflNAKbXT2WlrJj
oLYK4+zqXV+LDrd1SEr7L6vTjM0rnQtconwtMkyucTugWSh+46nvka0Q5NUFJZxb
V6G3OCLD/sLCQgzks9Qhl1DT7BubnFi4UeawPfoHXZXKAie+WZN56S4NIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPRyBSnvbjWD7D/gS4Cs9GnXOLxbMB8GA1UdIwQY
MBaAFLt8yxpuO8q2MZ0xf2LHS/Hh9BRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMt
NjRiMGU2MTRkMDA0LzEvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMtNjRiMGU2MTRkMDA0
LzEvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPCLW4lJ
U3nDdTw61VILHCkXg4UeVjFI1zR238LrXCSBxryHz/tuhw9NbRrrsbfyzij7QB0M
l4EjSFsq7PmRTT6sZJ25th1JEVhZyAIGWnh2ExExoXcRY+PghnMr4J+Sdg9D/sFA
BlxnHJLyvhmoZsbA2e9VyrSErfuDeoAtzd8KneengAemT7nwUC9aws55P+fkUls5
VJRI2DAuoWgYARZvKatuk785eGmwIiENmoNc09weaAOUCLTHFbt6xyFu0QQZ4Tnw
QGa5cODb7UKfTrAzL5yhOcEybGbZZvJFFDOnn7PzOX9sqr0nD8fIeDI2O4JUVpN/
rXgjUsr732/QPg==
-----END CERTIFICATE-----
Generated at Wed Sep 10 14:46:07 2025 by rpki-client