Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.mft
File: s4WUFGIC4vbDRWsGlv8YVi8bn4E.mft (raw, json)
Hash identifier: S0LRxbaeEQlgew/xC33UruweETS09QElR5vv18o4L5g=
Subject key identifier: 8A:87:F5:F3:FC:92:3B:FB:5B:FA:38:50:A1:D4:8E:D4:4A:58:5B:47
Authority key identifier: B3:85:94:14:62:02:E2:F6:C3:45:6B:06:96:FF:18:56:2F:1B:9F:81
Certificate issuer: /CN=b38594146202e2f6c3456b0696ff18562f1b9f81
Certificate serial: 019A71EE5E4C53811D6B846C1278940E3AA2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4WUFGIC4vbDRWsGlv8YVi8bn4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.mft
Manifest number: 0AA8
Signing time: Tue 11 Nov 2025 08:00:38 +0000
Manifest this update: Tue 11 Nov 2025 08:00:38 +0000
Manifest next update: Wed 12 Nov 2025 08:00:38 +0000
Files and hashes: 1: IcIyZXTtvGCVT7kmzm3an6XI4Ds.roa (hash: 9+rlboX5YqLY2xGwqsRBQUwcIF0ZyOqFrf8SvNh+rfQ=)
2: s4WUFGIC4vbDRWsGlv8YVi8bn4E.crl (hash: FYYIqAcMc/50pBOKw5iFM0gvZNv5SOAdSnWbxsarci4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/s4WUFGIC4vbDRWsGlv8YVi8bn4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:5e:4c:53:81:1d:6b:84:6c:12:78:94:0e:3a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38594146202e2f6c3456b0696ff18562f1b9f81
Validity
Not Before: Nov 11 08:00:38 2025 GMT
Not After : Nov 12 08:00:38 2025 GMT
Subject: CN=8a87f5f3fc923bfb5bfa3850a1d48ed44a585b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:13:bc:ce:10:64:72:9b:dd:59:a7:9a:59:80:
78:d4:af:95:ef:7b:24:1d:d4:98:63:74:21:7c:81:
0c:80:d8:5d:74:d3:f9:ff:1a:28:3a:de:9a:7c:f1:
8e:13:65:ef:71:4f:4c:cd:30:c7:3f:78:cf:8c:87:
21:92:c9:38:c0:d1:d8:51:c6:42:c3:aa:59:65:37:
ba:15:b4:02:8a:e8:d1:b8:be:2b:7e:6d:57:a8:90:
65:8d:5f:2b:26:6a:64:e5:35:7a:e5:f4:6e:2d:27:
be:8f:62:8b:e2:8b:94:ea:b4:07:e5:f4:16:b2:83:
58:58:ff:6d:b1:d1:ac:b7:78:2a:5d:6d:bf:4c:f7:
52:4f:51:a0:22:02:ee:a1:40:e0:b7:07:55:b8:56:
3c:e8:44:29:4a:78:13:b0:ac:9a:67:bb:25:a3:84:
61:aa:8a:a7:b4:36:71:2e:c6:d9:6b:03:e5:73:5c:
68:4c:8e:50:b8:97:54:c1:66:48:3f:e2:47:ea:88:
c4:9f:0c:94:07:d1:5b:11:31:d6:54:0a:9c:04:a9:
73:09:df:36:df:61:c9:e3:8e:ef:ce:de:9e:45:a0:
ab:f8:5c:bd:c2:93:4f:56:09:ae:c3:42:63:55:a8:
ac:ce:ac:10:60:a4:ec:98:99:0e:8a:07:9c:07:6f:
e9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:87:F5:F3:FC:92:3B:FB:5B:FA:38:50:A1:D4:8E:D4:4A:58:5B:47
X509v3 Authority Key Identifier:
keyid:B3:85:94:14:62:02:E2:F6:C3:45:6B:06:96:FF:18:56:2F:1B:9F:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4WUFGIC4vbDRWsGlv8YVi8bn4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/d2e826-5acb-47d6-92a4-43bb19f2e53b/1/s4WUFGIC4vbDRWsGlv8YVi8bn4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:87:be:f1:ee:9f:f9:ba:a5:9c:56:8d:9b:7a:8d:b4:91:ec:
9d:31:01:9a:c0:e0:74:9b:06:21:5c:fe:cf:0a:71:a6:0f:06:
f4:4a:d9:f5:07:99:f8:20:43:02:66:ee:2d:1a:f2:0d:79:38:
75:4f:4a:0c:3e:a7:4c:14:54:07:21:c1:01:5a:77:6c:67:fd:
57:1d:04:c7:64:40:1a:6f:d5:d8:39:3a:3d:21:6a:fa:ff:6c:
68:93:ee:a4:42:67:c7:eb:5b:6f:c7:72:58:6b:38:52:9b:3d:
8f:4f:3e:4f:39:dc:90:46:86:53:f2:f1:67:f5:6e:b0:9f:e1:
da:47:e7:c6:c6:9a:e4:8d:db:74:e0:91:be:cf:8e:ef:9b:36:
d3:c8:fd:d6:9e:72:ea:54:30:b1:cb:c9:11:b9:bd:5d:f1:c4:
bd:b4:09:9d:cb:46:6c:f3:db:18:ad:84:ea:97:46:3a:85:d0:
95:32:1d:30:5f:c8:1a:6b:e4:05:98:8f:6a:49:56:c1:d9:c8:
ee:d1:01:b2:07:71:52:09:2b:af:bc:84:af:a9:81:63:c4:36:
ae:ce:b1:0b:eb:6e:1b:d6:95:9d:0e:1d:4c:7a:3a:20:e0:f4:
82:69:fd:6a:f1:37:cc:69:54:2d:5e:2d:56:4a:68:cd:6e:8b:
7d:b8:e2:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7l5MU4Eda4RsEniUDjqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzODU5NDE0NjIwMmUyZjZjMzQ1NmIwNjk2ZmYxODU2MmYx
YjlmODEwHhcNMjUxMTExMDgwMDM4WhcNMjUxMTEyMDgwMDM4WjAzMTEwLwYDVQQD
Eyg4YTg3ZjVmM2ZjOTIzYmZiNWJmYTM4NTBhMWQ0OGVkNDRhNTg1YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxO8zhBkcpvdWaeaWYB41K+V73sk
HdSYY3QhfIEMgNhddNP5/xooOt6afPGOE2XvcU9MzTDHP3jPjIchksk4wNHYUcZC
w6pZZTe6FbQCiujRuL4rfm1XqJBljV8rJmpk5TV65fRuLSe+j2KL4ouU6rQH5fQW
soNYWP9tsdGst3gqXW2/TPdST1GgIgLuoUDgtwdVuFY86EQpSngTsKyaZ7slo4Rh
qoqntDZxLsbZawPlc1xoTI5QuJdUwWZIP+JH6ojEnwyUB9FbETHWVAqcBKlzCd82
32HJ447vzt6eRaCr+Fy9wpNPVgmuw0JjVaiszqwQYKTsmJkOigecB2/plQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqH9fP8kjv7W/o4UKHUjtRKWFtHMB8GA1UdIwQY
MBaAFLOFlBRiAuL2w0VrBpb/GFYvG5+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczRXVUZHSUM0dmJEUldzR2x2OFlWaThibjRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kMmU4MjYtNWFjYi00N2Q2LTkyYTQt
NDNiYjE5ZjJlNTNiLzEvczRXVUZHSUM0dmJEUldzR2x2OFlWaThibjRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kMmU4MjYtNWFjYi00N2Q2LTkyYTQtNDNiYjE5ZjJlNTNi
LzEvczRXVUZHSUM0dmJEUldzR2x2OFlWaThibjRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApIe+8e6f
+bqlnFaNm3qNtJHsnTEBmsDgdJsGIVz+zwpxpg8G9ErZ9QeZ+CBDAmbuLRryDXk4
dU9KDD6nTBRUByHBAVp3bGf9Vx0Ex2RAGm/V2Dk6PSFq+v9saJPupEJnx+tbb8dy
WGs4Ups9j08+TznckEaGU/LxZ/VusJ/h2kfnxsaa5I3bdOCRvs+O75s208j91p5y
6lQwscvJEbm9XfHEvbQJnctGbPPbGK2E6pdGOoXQlTIdMF/IGmvkBZiPaklWwdnI
7tEBsgdxUgkrr7yEr6mBY8Q2rs6xC+tuG9aVnQ4dTHo6IOD0gmn9avE3zGlULV4t
VkpozW6LfbjixA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:37 2025 by rpki-client