Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: LsqVZH0RvH96nrj3x6j3ar7V4IhjXG+jPJXnQig8RWI=
Subject key identifier: 4A:0C:06:60:E2:21:E7:A1:71:58:84:62:4D:35:5F:83:B5:EE:38:1E
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 019A722629630BF949F4213FD627CDCEC0B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 0E93
Signing time: Tue 11 Nov 2025 09:01:34 +0000
Manifest this update: Tue 11 Nov 2025 09:01:34 +0000
Manifest next update: Wed 12 Nov 2025 09:01:34 +0000
Files and hashes: 1: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: iHUjEUSJInBF6+H01tu348knh1gBSOAIBBuiK0E5vok=)
2: yiSfs72_nEyzYSAodCILSS2FNUg.roa (hash: S9gHpNvUCJD2H4bcxuT5WWB4Uck7rHXNRIxCLUlb2hE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:29:63:0b:f9:49:f4:21:3f:d6:27:cd:ce:c0:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Nov 11 09:01:34 2025 GMT
Not After : Nov 12 09:01:34 2025 GMT
Subject: CN=4a0c0660e221e7a1715884624d355f83b5ee381e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:24:9c:fe:50:df:33:7a:21:8d:90:20:fd:99:
db:44:98:59:43:40:04:a7:0b:97:a3:d4:77:2a:6f:
c4:70:6a:8f:6f:ac:57:c8:ba:36:ab:13:e0:52:b7:
88:44:a8:0f:c5:fe:0d:b8:0f:fb:b8:b7:d7:74:fa:
8f:a8:80:31:a1:f5:37:1f:fa:0c:3a:49:b4:ec:9e:
68:04:49:7c:50:2f:35:c2:92:48:8e:98:f6:a8:02:
4b:fe:5d:49:86:5b:3f:34:0e:94:aa:aa:a3:dd:82:
73:48:d9:b7:e4:f6:51:6a:94:5e:d9:65:82:d9:44:
59:42:45:3a:4c:e0:0b:cf:df:3e:07:90:40:a6:cb:
0b:4d:62:6c:fe:1c:3f:59:3f:23:f2:4d:ca:88:17:
a7:ae:f7:ee:5b:a3:35:fa:fe:74:e7:c6:85:e7:1a:
61:ee:bf:b0:6a:2f:1c:d3:ff:62:03:44:d2:77:c0:
c8:50:7f:25:cf:0f:80:42:47:7f:a3:17:13:4f:9c:
c1:3c:0b:4a:8a:1b:9f:14:f4:c1:91:3c:88:b7:89:
65:4b:0e:65:03:4c:db:a5:fe:c9:7e:cc:cb:3b:fc:
5a:9f:3c:a7:91:e9:de:38:db:a2:d9:40:0d:fb:45:
31:92:12:7a:19:62:35:76:e9:11:d0:3a:67:99:d5:
51:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:0C:06:60:E2:21:E7:A1:71:58:84:62:4D:35:5F:83:B5:EE:38:1E
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:c3:bc:3a:72:f9:0d:4e:6b:f0:1e:f5:00:64:f4:d5:7c:04:
86:c9:3f:38:ea:8e:3d:31:67:97:fc:17:30:30:86:1d:c0:73:
b3:35:88:22:ad:32:5e:8d:2b:5c:52:01:52:3f:c8:ff:d9:b4:
8f:7c:17:06:e3:44:1a:c7:e7:2d:38:05:23:ef:c5:2e:3d:cc:
93:0e:ef:a7:c9:4e:fc:d5:2f:3e:0a:bb:84:95:4b:86:db:b0:
99:c6:2f:fb:be:19:e4:65:c5:d6:d3:df:90:56:ef:19:16:9f:
ea:45:0e:26:2e:a1:eb:95:1d:e0:e0:fc:2e:3c:7a:85:c9:6a:
17:f2:17:71:45:40:bb:d6:32:82:75:dd:78:c3:6c:f3:e4:e4:
e8:64:ac:ef:d0:08:f9:80:96:8b:e2:ec:f8:a9:a1:e2:77:e4:
f6:8a:ac:98:32:42:8d:e1:18:32:2e:d1:88:e1:3f:21:5a:2c:
d2:82:d6:90:f9:05:4f:2d:18:7d:1f:90:79:cd:98:85:ff:f0:
aa:81:f7:29:d6:de:20:95:e2:57:ca:51:e9:e1:51:83:1a:80:
06:92:47:90:54:f0:a0:7f:5d:79:61:cb:c8:02:04:38:3c:27:
7a:35:4d:db:8e:3f:fa:d7:df:f9:2a:1e:e1:bb:9e:f9:12:b4:
ac:e8:27:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiljC/lJ9CE/1ifNzsCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjUxMTExMDkwMTM0WhcNMjUxMTEyMDkwMTM0WjAzMTEwLwYDVQQD
Eyg0YTBjMDY2MGUyMjFlN2ExNzE1ODg0NjI0ZDM1NWY4M2I1ZWUzODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiSc/lDfM3ohjZAg/ZnbRJhZQ0AE
pwuXo9R3Km/EcGqPb6xXyLo2qxPgUreIRKgPxf4NuA/7uLfXdPqPqIAxofU3H/oM
Okm07J5oBEl8UC81wpJIjpj2qAJL/l1Jhls/NA6Uqqqj3YJzSNm35PZRapRe2WWC
2URZQkU6TOALz98+B5BApssLTWJs/hw/WT8j8k3KiBenrvfuW6M1+v5058aF5xph
7r+wai8c0/9iA0TSd8DIUH8lzw+AQkd/oxcTT5zBPAtKihufFPTBkTyIt4llSw5l
A0zbpf7JfszLO/xanzynkeneONui2UAN+0UxkhJ6GWI1dukR0DpnmdVRJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoMBmDiIeehcViEYk01X4O17jgeMB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs8O8OnL5
DU5r8B71AGT01XwEhsk/OOqOPTFnl/wXMDCGHcBzszWIIq0yXo0rXFIBUj/I/9m0
j3wXBuNEGsfnLTgFI+/FLj3Mkw7vp8lO/NUvPgq7hJVLhtuwmcYv+74Z5GXF1tPf
kFbvGRaf6kUOJi6h65Ud4OD8Ljx6hclqF/IXcUVAu9YygnXdeMNs8+Tk6GSs79AI
+YCWi+Ls+Kmh4nfk9oqsmDJCjeEYMi7RiOE/IVos0oLWkPkFTy0YfR+Qec2Yhf/w
qoH3KdbeIJXiV8pR6eFRgxqABpJHkFTwoH9deWHLyAIEODwnejVN244/+tff+Soe
4bue+RK0rOgnzQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:48 2025 by rpki-client