Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: SNDLQs1NKOSpp47SnalMhbStxTk0Ac7+ypBgX+HBmKg=
Subject key identifier: 32:E9:8E:63:5E:37:F9:44:60:FC:08:93:1B:5E:C1:BE:9C:BB:B8:DF
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 0199240C8AD909F7FCD537E12E02F6E6EE04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 0DE6
Signing time: Sun 07 Sep 2025 12:00:25 +0000
Manifest this update: Sun 07 Sep 2025 12:00:25 +0000
Manifest next update: Mon 08 Sep 2025 12:00:25 +0000
Files and hashes: 1: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: 1Eyf09SulzFC2Te29JPAzzXxVD2zu05tPE5YL8ouz1Y=)
2: yiSfs72_nEyzYSAodCILSS2FNUg.roa (hash: S9gHpNvUCJD2H4bcxuT5WWB4Uck7rHXNRIxCLUlb2hE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:0c:8a:d9:09:f7:fc:d5:37:e1:2e:02:f6:e6:ee:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Sep 7 12:00:25 2025 GMT
Not After : Sep 8 12:00:25 2025 GMT
Subject: CN=32e98e635e37f94460fc08931b5ec1be9cbbb8df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bb:6a:57:e9:31:e7:b3:b3:31:33:91:1a:a9:
92:fe:e4:ad:92:81:62:16:1d:00:a3:b6:55:d4:59:
7e:ce:f1:da:42:63:8b:2f:43:be:93:0d:9d:b4:75:
c2:c5:b9:e1:ce:66:28:71:18:1c:d4:4b:bc:fc:27:
6d:a4:a9:37:fe:5f:79:23:78:9c:23:49:e1:95:79:
8b:a7:cd:54:eb:46:5d:ce:2c:77:46:7b:9a:76:9a:
7a:8d:38:ea:0a:48:9a:f7:d1:dc:eb:4e:04:3d:e4:
7f:f2:ad:8f:3d:d3:37:7e:da:bc:c4:e8:5c:c1:15:
d4:a8:6e:43:7d:66:ec:3b:6f:8f:9d:69:8f:4b:78:
76:22:bc:d8:3f:69:a1:4f:7c:8d:27:22:14:4e:ec:
b6:e8:d8:5a:fa:b1:ad:e0:d1:67:de:0f:a6:91:b7:
91:b4:ae:8f:15:51:70:be:d2:e6:a4:30:cf:fe:fc:
7d:46:c3:c6:f8:d5:b3:ff:ac:de:7c:92:19:d8:f6:
ed:3c:0a:f0:da:3a:05:09:88:0f:ef:fc:5a:73:44:
d6:3d:56:01:4d:89:2f:e6:50:e5:85:92:43:de:4b:
c9:d6:f8:58:fa:ac:11:14:16:1a:a8:16:79:0f:63:
15:05:ad:8d:60:d3:9c:91:e7:45:b0:58:19:6f:85:
f2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E9:8E:63:5E:37:F9:44:60:FC:08:93:1B:5E:C1:BE:9C:BB:B8:DF
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:16:0b:dc:86:c2:3f:50:f5:86:8b:c5:71:cb:d4:5e:de:8c:
d0:bb:35:42:6c:00:22:f2:ef:01:6a:17:0a:ac:57:50:b5:7e:
d1:76:70:ab:93:fa:4d:08:ee:db:6a:98:e2:21:0d:1c:b0:30:
b4:55:13:6b:c7:6e:9c:20:75:de:58:68:0a:19:86:6c:35:84:
0a:26:98:7f:a6:6e:04:48:24:be:40:0c:b7:05:83:9f:36:94:
d4:c2:a2:17:b3:da:f6:3c:76:09:40:5e:40:75:42:de:a2:b4:
1a:48:02:37:39:83:07:b2:08:f7:22:e7:ed:9a:c6:63:ce:cb:
9d:93:55:67:b7:68:fe:2f:1d:7b:e2:8d:09:e6:fa:bf:d3:16:
0f:a3:1c:f8:df:40:ad:70:bb:61:24:30:06:1e:cb:de:71:c1:
36:a3:0e:40:8c:42:25:4b:e0:f1:65:4e:8d:1a:8d:84:5a:62:
68:4e:a1:56:e8:0c:15:31:38:49:c2:05:a8:fa:85:a0:35:8c:
4c:37:a7:90:5b:92:51:45:20:ff:2f:5d:5f:ce:a9:23:bc:85:
11:ed:db:0b:49:fb:7c:40:c3:30:95:65:3c:01:cd:b3:80:1b:
ad:6b:b3:60:60:b5:21:a2:71:1d:e1:64:08:26:1a:21:55:f3:
31:c3:96:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDIrZCff81TfhLgL25u4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjUwOTA3MTIwMDI1WhcNMjUwOTA4MTIwMDI1WjAzMTEwLwYDVQQD
EygzMmU5OGU2MzVlMzdmOTQ0NjBmYzA4OTMxYjVlYzFiZTljYmJiOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7tqV+kx57OzMTORGqmS/uStkoFi
Fh0Ao7ZV1Fl+zvHaQmOLL0O+kw2dtHXCxbnhzmYocRgc1Eu8/CdtpKk3/l95I3ic
I0nhlXmLp81U60Zdzix3Rnuadpp6jTjqCkia99Hc604EPeR/8q2PPdM3ftq8xOhc
wRXUqG5DfWbsO2+PnWmPS3h2IrzYP2mhT3yNJyIUTuy26Nha+rGt4NFn3g+mkbeR
tK6PFVFwvtLmpDDP/vx9RsPG+NWz/6zefJIZ2PbtPArw2joFCYgP7/xac0TWPVYB
TYkv5lDlhZJD3kvJ1vhY+qwRFBYaqBZ5D2MVBa2NYNOckedFsFgZb4XytQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLpjmNeN/lEYPwIkxtewb6cu7jfMB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQhYL3IbC
P1D1hovFccvUXt6M0Ls1QmwAIvLvAWoXCqxXULV+0XZwq5P6TQju22qY4iENHLAw
tFUTa8dunCB13lhoChmGbDWECiaYf6ZuBEgkvkAMtwWDnzaU1MKiF7Pa9jx2CUBe
QHVC3qK0GkgCNzmDB7II9yLn7ZrGY87LnZNVZ7do/i8de+KNCeb6v9MWD6Mc+N9A
rXC7YSQwBh7L3nHBNqMOQIxCJUvg8WVOjRqNhFpiaE6hVugMFTE4ScIFqPqFoDWM
TDenkFuSUUUg/y9dX86pI7yFEe3bC0n7fEDDMJVlPAHNs4AbrWuzYGC1IaJxHeFk
CCYaIVXzMcOWUA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:51:19 2025 by rpki-client