Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
File: U_R6clx2jU3nj7MbtA_hbroZ8g0.mft (raw, json)
Hash identifier: k3wHZsZEDRNqjZpAF1q8P66TdnPC/JWHwXV9X4kKJNw=
Subject key identifier: F1:CE:FA:3B:9C:0C:DD:96:6D:B0:6B:08:94:39:B6:CC:DE:3A:A6:19
Authority key identifier: 53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
Certificate issuer: /CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Certificate serial: 019A7225F1533CCCCB2BA922E40BABC878E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
Manifest number: 0A43
Signing time: Tue 11 Nov 2025 09:01:20 +0000
Manifest this update: Tue 11 Nov 2025 09:01:20 +0000
Manifest next update: Wed 12 Nov 2025 09:01:20 +0000
Files and hashes: 1: Iy0rHic_3PT8I4SllQOcj0rP21I.roa (hash: 1k4b/DPKi2PAqgzyxoLR8dS4rCq9uyypxDCl+6BFsrg=)
2: U_R6clx2jU3nj7MbtA_hbroZ8g0.crl (hash: hPxYITm+GsR0WKn7SObtiiPbal2pgxF2G4YqhY0rbwE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:f1:53:3c:cc:cb:2b:a9:22:e4:0b:ab:c8:78:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Validity
Not Before: Nov 11 09:01:20 2025 GMT
Not After : Nov 12 09:01:20 2025 GMT
Subject: CN=f1cefa3b9c0cdd966db06b089439b6ccde3aa619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f1:42:26:50:ca:1b:67:3c:f0:ed:97:f8:ba:
af:cb:eb:95:73:c9:a8:64:86:9c:86:0d:34:92:54:
d2:a7:87:8f:d1:d8:92:c1:ec:96:d2:fa:c9:d1:0d:
e4:f5:25:30:a5:b9:74:9e:3b:84:be:ee:e2:02:24:
1d:50:25:83:58:3f:ef:76:b8:09:02:b4:c8:02:02:
3b:90:c1:46:00:a2:06:e2:3b:a3:ab:e2:54:1e:9a:
04:22:26:e7:39:4c:c3:79:92:b7:f9:e1:83:bf:5e:
4f:25:c8:b7:62:25:5f:e1:b8:3b:88:ce:86:00:c1:
aa:76:f7:0a:3c:60:34:e1:88:8f:31:94:36:37:a8:
ed:9f:ee:42:78:41:ba:0b:05:48:2c:cf:55:ce:c1:
d6:b6:7c:04:a2:84:a1:66:e8:05:62:96:e2:0b:76:
29:ed:99:4d:67:2a:41:a6:0a:cf:81:3b:a0:56:19:
aa:a4:9b:66:7c:16:fb:c4:86:d5:de:c7:ad:91:30:
f1:24:2a:0c:0a:4e:90:1f:10:99:e1:8d:21:d0:01:
89:83:6b:61:50:ee:c8:ef:93:1c:07:e3:0d:96:26:
3b:73:8a:5c:3a:ce:8c:8e:aa:52:d7:b9:7c:79:d4:
ba:2c:ac:54:1c:f3:18:e5:17:d1:03:00:00:07:ed:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CE:FA:3B:9C:0C:DD:96:6D:B0:6B:08:94:39:B6:CC:DE:3A:A6:19
X509v3 Authority Key Identifier:
keyid:53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:18:2e:cb:c8:48:f3:01:b5:42:00:42:19:e7:27:c0:b1:d9:
19:53:e9:34:78:39:76:fa:b4:c5:29:c7:93:5e:ca:ba:05:17:
24:1b:61:89:fd:28:7d:8d:60:fa:5b:3a:04:7a:02:0f:35:e2:
dc:e0:51:b4:47:c9:b8:b1:57:d3:bd:ed:4b:60:8a:a7:5a:95:
76:6e:0a:3f:8f:d0:b8:05:b9:4e:a2:53:93:29:ab:25:8b:f7:
b5:68:97:87:26:bd:e0:17:d4:6d:49:ec:5b:16:ac:a4:3d:1c:
7f:4d:1e:dd:ad:25:e7:b1:f9:05:7d:19:01:80:f3:80:93:95:
ec:12:6c:34:d2:65:01:3d:b4:d1:cb:aa:54:f6:68:d0:65:f6:
18:7c:f3:63:bf:46:81:e4:00:c2:10:42:bf:f1:35:55:f3:f5:
0a:a9:a5:bd:d9:7c:cb:a3:55:69:d6:1f:22:d7:d0:98:de:56:
3c:75:c7:85:f1:56:7b:1e:51:df:54:cb:2d:53:c1:39:2e:2b:
20:68:39:a2:6e:97:d4:1a:e8:c1:16:2f:02:53:ac:83:85:1d:
25:3b:af:68:51:7d:b5:c1:c5:de:20:44:da:c1:2c:7c:b4:17:
7c:46:5d:5e:96:a2:8b:26:9b:7b:fd:e8:e1:74:aa:04:53:99:
23:be:44:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfFTPMzLK6ki5AuryHjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjQ3YTcyNWM3NjhkNGRlNzhmYjMxYmI0MGZlMTZlYmEx
OWYyMGQwHhcNMjUxMTExMDkwMTIwWhcNMjUxMTEyMDkwMTIwWjAzMTEwLwYDVQQD
EyhmMWNlZmEzYjljMGNkZDk2NmRiMDZiMDg5NDM5YjZjY2RlM2FhNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/FCJlDKG2c88O2X+Lqvy+uVc8mo
ZIachg00klTSp4eP0diSweyW0vrJ0Q3k9SUwpbl0njuEvu7iAiQdUCWDWD/vdrgJ
ArTIAgI7kMFGAKIG4jujq+JUHpoEIibnOUzDeZK3+eGDv15PJci3YiVf4bg7iM6G
AMGqdvcKPGA04YiPMZQ2N6jtn+5CeEG6CwVILM9VzsHWtnwEooShZugFYpbiC3Yp
7ZlNZypBpgrPgTugVhmqpJtmfBb7xIbV3setkTDxJCoMCk6QHxCZ4Y0h0AGJg2th
UO7I75McB+MNliY7c4pcOs6MjqpS17l8edS6LKxUHPMY5RfRAwAAB+3RFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHO+jucDN2WbbBrCJQ5tszeOqYZMB8GA1UdIwQY
MBaAFFP0enJcdo1N54+zG7QP4W66GfINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMt
NTc0NzEzODQ1ZGJjLzEvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMtNTc0NzEzODQ1ZGJj
LzEvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmhguy8hI
8wG1QgBCGecnwLHZGVPpNHg5dvq0xSnHk17KugUXJBthif0ofY1g+ls6BHoCDzXi
3OBRtEfJuLFX073tS2CKp1qVdm4KP4/QuAW5TqJTkymrJYv3tWiXhya94BfUbUns
WxaspD0cf00e3a0l57H5BX0ZAYDzgJOV7BJsNNJlAT200cuqVPZo0GX2GHzzY79G
geQAwhBCv/E1VfP1Cqmlvdl8y6NVadYfItfQmN5WPHXHhfFWex5R31TLLVPBOS4r
IGg5om6X1BrowRYvAlOsg4UdJTuvaFF9tcHF3iBE2sEsfLQXfEZdXpaiiyabe/3o
4XSqBFOZI75Elw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:43 2025 by rpki-client