Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
File: UFrRf0xiDVjUU9X218kjP84SZJk.mft (raw, json)
Hash identifier: zJpJPlFQ+RoUpuw/6lc+S7gfcqwbwVUNJ1mRAT2Y9vM=
Subject key identifier: 7D:7C:94:40:29:44:95:38:55:D2:E7:B0:D6:E2:0E:5D:53:34:BD:36
Authority key identifier: 50:5A:D1:7F:4C:62:0D:58:D4:53:D5:F6:D7:C9:23:3F:CE:12:64:99
Certificate issuer: /CN=505ad17f4c620d58d453d5f6d7c9233fce126499
Certificate serial: 019A71EEC7FAC5C864EBDDD3F1324D6675DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
Manifest number: 07A9
Signing time: Tue 11 Nov 2025 08:01:05 +0000
Manifest this update: Tue 11 Nov 2025 08:01:05 +0000
Manifest next update: Wed 12 Nov 2025 08:01:05 +0000
Files and hashes: 1: UFrRf0xiDVjUU9X218kjP84SZJk.crl (hash: AuI5gUO2V+WnCkcoSDhb+WBMFGrvAj8LA53/tqs87Rw=)
2: z0gK7j1eTNv7dmhYM5fYU83PlcI.roa (hash: F9PSIbqhKjRh7i/sDNMQoDtTGb+P8gRfs9+wZwKnUuY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:c7:fa:c5:c8:64:eb:dd:d3:f1:32:4d:66:75:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505ad17f4c620d58d453d5f6d7c9233fce126499
Validity
Not Before: Nov 11 08:01:05 2025 GMT
Not After : Nov 12 08:01:05 2025 GMT
Subject: CN=7d7c94402944953855d2e7b0d6e20e5d5334bd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:f4:51:bd:38:96:8f:05:89:37:5d:7b:fe:
d3:77:03:4b:65:e7:f2:65:70:e8:4f:fc:5e:fe:01:
96:24:3c:16:24:ce:52:44:7c:a4:54:e3:9e:98:41:
bc:f0:9e:dc:41:7b:de:a2:30:88:5d:f9:8b:b8:93:
3b:11:c4:4d:d8:3b:61:5f:7a:9f:c7:bd:bc:f3:56:
22:5c:5e:da:a7:ef:8b:a4:c5:75:56:90:17:8e:d9:
2e:0f:57:ce:d7:75:85:0f:af:96:f1:f0:77:fd:9c:
d9:4d:84:ed:f0:e7:f4:b8:26:99:97:94:44:8f:93:
49:35:5c:b8:ed:0b:08:9e:df:71:15:a7:c5:58:78:
7c:70:4d:a9:d8:a9:31:e6:a5:9f:19:5e:f8:e6:90:
59:c3:40:47:2d:8d:b1:48:fc:ab:c1:15:be:4f:ac:
28:2e:2c:19:af:ce:8e:dd:b9:b9:b9:ae:88:8d:62:
15:27:48:94:32:a5:f7:70:60:df:60:f5:3d:fe:0e:
f8:ee:73:06:8d:ae:03:22:0d:79:4b:99:b3:4f:70:
9f:b1:ee:76:a7:17:85:81:6e:18:c1:30:73:27:b0:
63:24:36:4e:08:c0:d2:29:d4:6e:1c:36:3d:ab:76:
f8:1d:e2:0e:dc:1d:f8:ab:e0:d7:ea:1e:b3:4d:c3:
b8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7C:94:40:29:44:95:38:55:D2:E7:B0:D6:E2:0E:5D:53:34:BD:36
X509v3 Authority Key Identifier:
keyid:50:5A:D1:7F:4C:62:0D:58:D4:53:D5:F6:D7:C9:23:3F:CE:12:64:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:46:f2:0c:23:6f:7a:78:5d:92:ad:c1:43:1c:3b:7b:5b:f7:
7d:80:13:6e:28:ca:98:23:f1:37:d9:53:7a:ed:56:db:9a:e9:
d8:ca:59:6e:bf:4c:db:c9:9a:34:fc:18:4d:b3:eb:c8:7b:e1:
9e:79:9f:a7:ea:11:34:a9:18:c7:85:1d:a8:d8:06:fa:3e:c1:
46:52:0d:40:49:b2:2a:5e:a6:85:74:ae:38:e9:55:51:22:1b:
89:23:23:82:83:ec:24:b7:29:2f:98:fc:9c:05:b3:91:5c:62:
9e:24:5f:6d:0b:b3:94:13:3f:a1:70:23:08:ec:a2:ff:20:cb:
ed:58:17:97:3f:91:49:02:9a:7e:78:38:1a:8f:01:ca:a5:88:
17:c4:f7:3d:36:35:d4:14:cb:36:ef:52:ec:ba:f5:df:78:97:
ce:13:43:52:76:92:e9:b9:71:45:33:aa:93:a5:da:a1:f8:5a:
d6:4f:02:16:ab:b1:e2:9e:c7:2b:f5:2a:67:d7:6d:39:91:8c:
b8:e9:60:ba:55:4d:c9:b9:61:96:69:e3:68:af:f0:ac:90:3b:
35:46:18:17:13:4a:96:6e:62:e4:7f:95:fe:2a:ea:61:cb:c0:
6e:52:ae:83:80:cd:78:2a:27:ad:01:e4:23:48:e3:61:11:19:
a8:ae:0b:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7sf6xchk693T8TJNZnXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNWFkMTdmNGM2MjBkNThkNDUzZDVmNmQ3YzkyMzNmY2Ux
MjY0OTkwHhcNMjUxMTExMDgwMTA1WhcNMjUxMTEyMDgwMTA1WjAzMTEwLwYDVQQD
Eyg3ZDdjOTQ0MDI5NDQ5NTM4NTVkMmU3YjBkNmUyMGU1ZDUzMzRiZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8v0Ub04lo8FiTdde/7TdwNLZefy
ZXDoT/xe/gGWJDwWJM5SRHykVOOemEG88J7cQXveojCIXfmLuJM7EcRN2DthX3qf
x72881YiXF7ap++LpMV1VpAXjtkuD1fO13WFD6+W8fB3/ZzZTYTt8Of0uCaZl5RE
j5NJNVy47QsInt9xFafFWHh8cE2p2Kkx5qWfGV745pBZw0BHLY2xSPyrwRW+T6wo
LiwZr86O3bm5ua6IjWIVJ0iUMqX3cGDfYPU9/g747nMGja4DIg15S5mzT3Cfse52
pxeFgW4YwTBzJ7BjJDZOCMDSKdRuHDY9q3b4HeIO3B34q+DX6h6zTcO4wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH18lEApRJU4VdLnsNbiDl1TNL02MB8GA1UdIwQY
MBaAFFBa0X9MYg1Y1FPV9tfJIz/OEmSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMmZjMTgtNTM0Yi00NDU0LTliZDEt
ZmU2YmIwNDkzMzdkLzEvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMmZjMTgtNTM0Yi00NDU0LTliZDEtZmU2YmIwNDkzMzdk
LzEvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG0byDCNv
enhdkq3BQxw7e1v3fYATbijKmCPxN9lTeu1W25rp2MpZbr9M28maNPwYTbPryHvh
nnmfp+oRNKkYx4UdqNgG+j7BRlINQEmyKl6mhXSuOOlVUSIbiSMjgoPsJLcpL5j8
nAWzkVxiniRfbQuzlBM/oXAjCOyi/yDL7VgXlz+RSQKafng4Go8ByqWIF8T3PTY1
1BTLNu9S7Lr133iXzhNDUnaS6blxRTOqk6Xaofha1k8CFqux4p7HK/UqZ9dtOZGM
uOlgulVNyblhlmnjaK/wrJA7NUYYFxNKlm5i5H+V/irqYcvAblKug4DNeConrQHk
I0jjYREZqK4Llw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:16 2025 by rpki-client