Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
File: UKiPmoNBAa34dwN6UcgdEzqpRuw.mft (raw, json)
Hash identifier: fOIhTTOsZpxHNYiv9rjA9XcUeUjJ24TcjFJY9hmiSro=
Subject key identifier: 25:C2:D9:C1:63:6C:B9:30:94:94:08:1A:7A:1F:F0:86:40:43:0D:2A
Authority key identifier: 50:A8:8F:9A:83:41:01:AD:F8:77:03:7A:51:C8:1D:13:3A:A9:46:EC
Certificate issuer: /CN=50a88f9a834101adf877037a51c81d133aa946ec
Certificate serial: 019A71B8D941D148CFA67FEB05F4E995C8E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UKiPmoNBAa34dwN6UcgdEzqpRuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
Manifest number: 0EAA
Signing time: Tue 11 Nov 2025 07:02:10 +0000
Manifest this update: Tue 11 Nov 2025 07:02:10 +0000
Manifest next update: Wed 12 Nov 2025 07:02:10 +0000
Files and hashes: 1: UKiPmoNBAa34dwN6UcgdEzqpRuw.crl (hash: rnvWSC7HlaoyTTmBCBM7CNwPfl8unIouGIL2BAJ4s/8=)
2: kc-RSMe4Oew5F8NEK8PnK5Ztook.roa (hash: RrPN8D12kwMiREonpEUwGrZPp2WKXYrir6fymPU5Gvs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/UKiPmoNBAa34dwN6UcgdEzqpRuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:d9:41:d1:48:cf:a6:7f:eb:05:f4:e9:95:c8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50a88f9a834101adf877037a51c81d133aa946ec
Validity
Not Before: Nov 11 07:02:10 2025 GMT
Not After : Nov 12 07:02:10 2025 GMT
Subject: CN=25c2d9c1636cb9309494081a7a1ff08640430d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:87:d9:5a:8b:61:a3:ed:1d:a0:39:a8:18:2b:
35:12:b4:bf:91:46:44:8f:92:c3:58:d6:8b:6a:6c:
d8:27:db:fd:22:1a:0f:48:27:bf:da:6a:aa:5f:88:
07:75:c2:be:75:cc:44:f4:12:72:d5:17:38:80:1a:
0c:6b:9e:bb:31:f1:6c:9b:0f:d7:ae:95:e7:69:5e:
f2:85:ed:a8:41:6a:73:b6:da:95:62:84:29:28:f3:
e8:97:1e:60:10:d8:4c:16:50:93:5b:ed:5b:9d:7d:
14:d7:e0:00:87:d8:d0:76:69:9f:89:21:08:ee:63:
9f:54:a9:bb:91:97:58:a6:d1:0a:e3:8c:4e:c7:b2:
ad:f2:f1:fb:49:a2:c8:06:ba:c9:ae:09:39:d2:9c:
d6:2b:fe:17:d8:31:e1:d2:c8:65:df:96:fa:91:00:
f7:9a:e2:a0:6f:66:3a:b5:c4:d9:0e:eb:e0:87:fb:
f2:5d:fb:cd:7b:8c:3d:15:5e:e9:ed:ca:20:29:54:
68:ce:4b:4b:ca:58:50:85:c2:b0:d7:30:6d:02:35:
f2:bb:06:a9:31:56:69:53:e5:e4:69:07:77:56:a1:
99:31:4f:d9:b0:fb:ec:8e:45:8b:42:ff:b6:a8:c2:
40:cb:63:73:87:70:39:b5:9d:73:62:8d:89:d3:f1:
1b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C2:D9:C1:63:6C:B9:30:94:94:08:1A:7A:1F:F0:86:40:43:0D:2A
X509v3 Authority Key Identifier:
keyid:50:A8:8F:9A:83:41:01:AD:F8:77:03:7A:51:C8:1D:13:3A:A9:46:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKiPmoNBAa34dwN6UcgdEzqpRuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9760c6-3fce-42bd-bbc8-49fbc30a8f61/1/UKiPmoNBAa34dwN6UcgdEzqpRuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:84:7e:52:cf:5a:96:0e:22:ef:fe:b3:0b:d6:45:1b:57:00:
23:d6:bc:86:8a:1c:58:42:e7:48:7e:3d:af:d3:57:03:76:b6:
98:3f:1c:23:dd:ba:b9:ab:6c:7f:45:b9:6a:b0:06:5f:6b:49:
02:b6:63:58:f8:63:73:f9:8b:8e:75:82:5c:a2:56:c1:d4:d6:
e7:9b:f2:c4:60:d0:96:60:9f:5e:b5:17:a8:93:f2:2f:ee:da:
5d:4d:1d:0b:1f:93:2b:b9:c1:81:df:34:78:09:df:7a:93:3b:
b3:e8:15:8f:a2:d9:a5:f7:1b:2d:36:eb:76:f8:66:38:58:f6:
39:c7:a0:66:e5:4d:06:85:36:39:79:e7:a7:3b:50:50:08:eb:
06:f6:6b:8c:b6:69:8f:1c:c6:50:a9:d2:1a:e3:e9:ea:19:c3:
b8:92:79:40:e4:64:dd:8c:6f:d1:34:60:25:d1:9b:e6:ba:a3:
98:98:4b:db:c8:60:93:b2:54:76:8d:e6:ce:a3:0b:bf:58:b5:
ce:69:bc:b2:c5:59:95:0d:00:35:9d:26:46:6c:9c:3a:65:a3:
1d:62:4d:fd:e0:c6:73:6c:7f:80:fd:68:9a:6e:6f:7f:97:b7:
4c:91:80:76:a9:57:2b:54:99:99:53:8a:53:0b:02:26:22:16:
a2:0a:5f:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNlB0UjPpn/rBfTplcjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYTg4ZjlhODM0MTAxYWRmODc3MDM3YTUxYzgxZDEzM2Fh
OTQ2ZWMwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EygyNWMyZDljMTYzNmNiOTMwOTQ5NDA4MWE3YTFmZjA4NjQwNDMwZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04fZWotho+0doDmoGCs1ErS/kUZE
j5LDWNaLamzYJ9v9IhoPSCe/2mqqX4gHdcK+dcxE9BJy1Rc4gBoMa567MfFsmw/X
rpXnaV7yhe2oQWpzttqVYoQpKPPolx5gENhMFlCTW+1bnX0U1+AAh9jQdmmfiSEI
7mOfVKm7kZdYptEK44xOx7Kt8vH7SaLIBrrJrgk50pzWK/4X2DHh0shl35b6kQD3
muKgb2Y6tcTZDuvgh/vyXfvNe4w9FV7p7cogKVRozktLylhQhcKw1zBtAjXyuwap
MVZpU+XkaQd3VqGZMU/ZsPvsjkWLQv+2qMJAy2Nzh3A5tZ1zYo2J0/EbYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXC2cFjbLkwlJQIGnof8IZAQw0qMB8GA1UdIwQY
MBaAFFCoj5qDQQGt+HcDelHIHRM6qUbsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUtpUG1vTkJBYTM0ZHdONlVjZ2RFenFwUnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85NzYwYzYtM2ZjZS00MmJkLWJiYzgt
NDlmYmMzMGE4ZjYxLzEvVUtpUG1vTkJBYTM0ZHdONlVjZ2RFenFwUnV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85NzYwYzYtM2ZjZS00MmJkLWJiYzgtNDlmYmMzMGE4ZjYx
LzEvVUtpUG1vTkJBYTM0ZHdONlVjZ2RFenFwUnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoYR+Us9a
lg4i7/6zC9ZFG1cAI9a8hoocWELnSH49r9NXA3a2mD8cI926uatsf0W5arAGX2tJ
ArZjWPhjc/mLjnWCXKJWwdTW55vyxGDQlmCfXrUXqJPyL+7aXU0dCx+TK7nBgd80
eAnfepM7s+gVj6LZpfcbLTbrdvhmOFj2OcegZuVNBoU2OXnnpztQUAjrBvZrjLZp
jxzGUKnSGuPp6hnDuJJ5QORk3Yxv0TRgJdGb5rqjmJhL28hgk7JUdo3mzqMLv1i1
zmm8ssVZlQ0ANZ0mRmycOmWjHWJN/eDGc2x/gP1omm5vf5e3TJGAdqlXK1SZmVOK
UwsCJiIWogpfRg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:05 2025 by rpki-client