Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/fbd382-10d0-4684-8836-eed1d0967078/1/0uuxFmwGDbJd-U8CvS-PnabE3Us.mft
File: 0uuxFmwGDbJd-U8CvS-PnabE3Us.mft (raw, json)
Hash identifier: KWQSNg5yC/1SvPcdav0CFwWcUvRBQ1bcaq44CLJkrlU=
Subject key identifier: A4:04:C2:9C:37:62:B3:7F:41:FF:F7:40:73:9F:39:3B:D8:31:E5:A0
Authority key identifier: D2:EB:B1:16:6C:06:0D:B2:5D:F9:4F:02:BD:2F:8F:9D:A6:C4:DD:4B
Certificate issuer: /CN=d2ebb1166c060db25df94f02bd2f8f9da6c4dd4b
Certificate serial: 019A72261D9361FDEADB6A92C753C601F2C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0uuxFmwGDbJd-U8CvS-PnabE3Us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/fbd382-10d0-4684-8836-eed1d0967078/1/0uuxFmwGDbJd-U8CvS-PnabE3Us.mft
Manifest number: 12DA
Signing time: Tue 11 Nov 2025 09:01:31 +0000
Manifest this update: Tue 11 Nov 2025 09:01:31 +0000
Manifest next update: Wed 12 Nov 2025 09:01:31 +0000
Files and hashes: 1: 0uuxFmwGDbJd-U8CvS-PnabE3Us.crl (hash: u3aa6yDBRKm9e3mtgJdpTdaamQOgrpoNt20yZiAHpEo=)
2: LdFx4O_axkyLwKBn8hayXhVuuTY.roa (hash: +qJwhkRCeLKYqE6tG+1RNrXKKNfgmZMWphTwQtobs60=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/fbd382-10d0-4684-8836-eed1d0967078/1/0uuxFmwGDbJd-U8CvS-PnabE3Us.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/fbd382-10d0-4684-8836-eed1d0967078/1/0uuxFmwGDbJd-U8CvS-PnabE3Us.mft
rsync://rpki.ripe.net/repository/DEFAULT/0uuxFmwGDbJd-U8CvS-PnabE3Us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:1d:93:61:fd:ea:db:6a:92:c7:53:c6:01:f2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ebb1166c060db25df94f02bd2f8f9da6c4dd4b
Validity
Not Before: Nov 11 09:01:31 2025 GMT
Not After : Nov 12 09:01:31 2025 GMT
Subject: CN=a404c29c3762b37f41fff740739f393bd831e5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f2:27:42:a5:b7:6e:19:6e:3c:c0:34:11:6c:
b1:d8:08:57:7c:44:1d:de:ec:dc:6e:10:13:0a:e4:
01:53:a1:79:cd:80:57:a9:96:54:73:2b:03:db:aa:
06:d6:8c:b7:a2:98:81:0e:b1:b4:b1:69:1e:25:eb:
ad:63:0c:c5:42:49:65:04:e6:8c:0f:e0:81:fc:98:
7a:73:f9:e0:69:5f:64:fb:24:de:88:80:14:3c:3c:
0d:c8:37:4e:17:5f:45:c4:d3:eb:96:53:ca:f4:51:
66:13:80:0f:67:9e:cd:53:32:7f:df:f4:64:51:2e:
31:bd:d8:d7:56:22:eb:e7:a0:b5:31:69:27:f8:3b:
b9:05:e7:f9:95:f6:e1:50:63:04:d2:a6:cd:6b:72:
ad:94:17:a4:1d:64:59:15:9c:07:00:05:c4:7d:6c:
4e:a4:8a:cc:4a:4e:4a:87:91:c5:fa:78:b9:6b:24:
d7:ba:76:8e:d0:3e:0c:a1:f5:0f:f5:0e:1d:97:58:
ab:50:b2:c2:f0:cb:51:da:87:b0:98:7e:99:58:81:
b6:9f:1a:ed:8e:ed:c1:d6:cd:b4:ed:8f:2d:d0:15:
86:6f:6f:c0:9d:09:0e:38:30:e1:af:e9:20:ff:8e:
c1:5c:9f:c2:97:7b:4d:0a:b3:f0:9a:d4:7d:20:80:
a3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:04:C2:9C:37:62:B3:7F:41:FF:F7:40:73:9F:39:3B:D8:31:E5:A0
X509v3 Authority Key Identifier:
keyid:D2:EB:B1:16:6C:06:0D:B2:5D:F9:4F:02:BD:2F:8F:9D:A6:C4:DD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0uuxFmwGDbJd-U8CvS-PnabE3Us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/fbd382-10d0-4684-8836-eed1d0967078/1/0uuxFmwGDbJd-U8CvS-PnabE3Us.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/fbd382-10d0-4684-8836-eed1d0967078/1/0uuxFmwGDbJd-U8CvS-PnabE3Us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:8a:2c:7a:dc:6f:34:7c:b4:d6:79:e6:2c:db:ad:cb:0b:8d:
40:d8:78:86:7a:98:e7:8b:13:8f:dc:50:28:ca:47:f0:a4:3f:
89:e0:c7:3d:c1:7d:db:ee:71:ab:d0:f6:4c:29:7e:8d:c5:96:
2a:ec:26:a8:b0:cb:aa:c2:02:b7:f5:80:02:e0:d5:b4:78:98:
35:04:c4:88:de:fd:07:74:91:9a:f6:5b:a4:a7:4d:8c:06:74:
d8:df:d0:16:36:ef:31:71:e5:da:be:54:5c:10:d5:3d:3a:98:
a8:7f:04:c9:60:21:ce:0c:81:80:aa:87:32:8d:06:80:95:7d:
f1:8a:fa:26:af:bc:f8:65:fb:5c:eb:df:43:40:44:f7:7b:d1:
1b:18:78:66:6f:11:c1:9f:a9:e7:b3:ac:d6:a2:01:9c:d3:6b:
d8:a1:9d:81:6e:50:e7:20:e5:0c:15:7e:ea:d7:e5:92:64:e3:
83:1a:f3:c8:37:ea:66:47:a1:5a:47:3a:f6:47:9c:c3:bc:ef:
17:37:3c:60:08:b0:f9:c9:3b:4e:d9:ec:4c:c7:8f:07:2a:27:
cb:1b:ba:cf:49:ec:b2:53:26:4a:d2:5c:23:13:85:c8:0e:aa:
31:65:3c:f5:7e:4d:66:a8:3e:4e:39:fd:58:ff:30:f2:0f:7e:
28:01:b1:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJh2TYf3q22qSx1PGAfLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWJiMTE2NmMwNjBkYjI1ZGY5NGYwMmJkMmY4ZjlkYTZj
NGRkNGIwHhcNMjUxMTExMDkwMTMxWhcNMjUxMTEyMDkwMTMxWjAzMTEwLwYDVQQD
EyhhNDA0YzI5YzM3NjJiMzdmNDFmZmY3NDA3MzlmMzkzYmQ4MzFlNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvInQqW3bhluPMA0EWyx2AhXfEQd
3uzcbhATCuQBU6F5zYBXqZZUcysD26oG1oy3opiBDrG0sWkeJeutYwzFQkllBOaM
D+CB/Jh6c/ngaV9k+yTeiIAUPDwNyDdOF19FxNPrllPK9FFmE4APZ57NUzJ/3/Rk
US4xvdjXViLr56C1MWkn+Du5Bef5lfbhUGME0qbNa3KtlBekHWRZFZwHAAXEfWxO
pIrMSk5Kh5HF+ni5ayTXunaO0D4MofUP9Q4dl1irULLC8MtR2oewmH6ZWIG2nxrt
ju3B1s207Y8t0BWGb2/AnQkOODDhr+kg/47BXJ/Cl3tNCrPwmtR9IICjjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQEwpw3YrN/Qf/3QHOfOTvYMeWgMB8GA1UdIwQY
MBaAFNLrsRZsBg2yXflPAr0vj52mxN1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHV1eEZtd0dEYkpkLVU4Q3ZTLVBuYWJFM1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mYmQzODItMTBkMC00Njg0LTg4MzYt
ZWVkMWQwOTY3MDc4LzEvMHV1eEZtd0dEYkpkLVU4Q3ZTLVBuYWJFM1VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9mYmQzODItMTBkMC00Njg0LTg4MzYtZWVkMWQwOTY3MDc4
LzEvMHV1eEZtd0dEYkpkLVU4Q3ZTLVBuYWJFM1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdYosetxv
NHy01nnmLNutywuNQNh4hnqY54sTj9xQKMpH8KQ/ieDHPcF92+5xq9D2TCl+jcWW
KuwmqLDLqsICt/WAAuDVtHiYNQTEiN79B3SRmvZbpKdNjAZ02N/QFjbvMXHl2r5U
XBDVPTqYqH8EyWAhzgyBgKqHMo0GgJV98Yr6Jq+8+GX7XOvfQ0BE93vRGxh4Zm8R
wZ+p57Os1qIBnNNr2KGdgW5Q5yDlDBV+6tflkmTjgxrzyDfqZkehWkc69kecw7zv
Fzc8YAiw+ck7TtnsTMePByonyxu6z0nsslMmStJcIxOFyA6qMWU89X5NZqg+Tjn9
WP8w8g9+KAGxnA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:28:34 2025 by rpki-client