Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
File: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json)
Hash identifier: cAl67DPGi/HxUxET7fM1HM+cpP6REQQOLuo8FiGvuUc=
Subject key identifier: ED:90:F2:9A:BE:7D:2D:57:3B:B8:6F:95:A1:57:B1:B3:B7:FA:D4:52
Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6
Certificate issuer: /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
Certificate serial: 019A725C79BFE776F1FB19D83B81949EEF16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
Manifest number: 1442
Signing time: Tue 11 Nov 2025 10:00:54 +0000
Manifest this update: Tue 11 Nov 2025 10:00:54 +0000
Manifest next update: Wed 12 Nov 2025 10:00:54 +0000
Files and hashes: 1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: x1Q6VsNW7Z/D9rcfIDTt6wPQk68UVTtydZyomrjm1qs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:79:bf:e7:76:f1:fb:19:d8:3b:81:94:9e:ef:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
Validity
Not Before: Nov 11 10:00:54 2025 GMT
Not After : Nov 12 10:00:54 2025 GMT
Subject: CN=ed90f29abe7d2d573bb86f95a157b1b3b7fad452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:73:ea:66:1b:a7:57:61:c4:4a:93:96:b1:7b:
75:34:54:54:e8:fb:1b:05:38:3c:a1:43:ec:c2:85:
aa:0d:0d:62:f9:7b:b5:5d:22:f6:f9:e6:16:c8:68:
36:0f:a6:76:b3:de:ed:83:77:83:eb:23:56:79:8d:
5e:81:08:3f:67:a4:6d:ea:e0:c8:26:1a:50:68:03:
97:19:44:48:44:73:e5:47:1b:bb:79:af:b9:df:c6:
5f:cf:d3:fc:e6:35:c0:4b:b5:58:a8:e7:2e:d9:e1:
af:28:ae:05:25:97:48:08:9b:fb:9e:2f:15:2f:89:
8c:39:a5:ca:93:a1:9f:3c:d8:e6:df:0b:dc:85:ba:
0c:03:26:35:e3:45:2c:c6:f6:3f:8d:63:5a:6e:ee:
bb:bd:62:db:eb:0d:94:eb:41:b1:59:aa:a2:df:ff:
95:a0:4e:d4:15:0e:a1:1f:de:af:ab:15:92:bf:77:
07:1e:4c:68:ec:86:2d:7f:9b:5a:ee:06:af:56:ac:
c1:d1:a3:4f:28:8c:d8:2f:e8:53:c3:79:f9:cf:fc:
07:02:1f:f0:d7:0d:b8:cb:cc:9b:fc:ab:7c:37:57:
c0:9c:d4:7c:76:22:17:46:ed:75:f9:86:70:04:12:
23:02:43:c4:84:ad:15:9b:f1:4a:9e:34:6a:28:dc:
70:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:90:F2:9A:BE:7D:2D:57:3B:B8:6F:95:A1:57:B1:B3:B7:FA:D4:52
X509v3 Authority Key Identifier:
keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:0c:00:81:76:cf:50:72:34:48:cc:ec:9b:0b:ad:61:f3:d6:
28:e2:c0:51:8d:ff:70:7b:eb:03:fb:e3:af:c8:33:74:26:d3:
ca:b4:44:e1:0e:cc:a8:a5:62:09:b7:be:64:e3:6f:56:e0:00:
87:c6:8a:4f:12:e2:04:e5:df:76:e1:18:1b:45:f2:f9:d3:bd:
3e:0d:4a:95:8a:75:57:51:c3:42:07:cf:e2:7f:fd:34:6a:48:
47:a9:ad:32:41:6f:02:82:c5:2d:b4:37:37:cb:29:ad:ab:89:
34:7b:26:37:24:7e:2c:bf:87:66:72:cb:13:3a:6f:bb:70:ba:
74:a7:49:40:91:74:0f:1a:f7:93:4c:95:f0:f4:36:ca:d1:e3:
78:0e:82:a0:72:bf:0e:34:06:be:df:34:53:11:42:91:53:58:
6c:29:22:a2:da:f9:a0:75:72:d4:26:bd:fc:0b:0d:87:16:e0:
13:4e:10:c8:b7:f7:6f:a3:75:76:df:02:29:94:5b:c6:a6:5c:
ba:27:90:69:2d:63:17:96:72:70:16:e7:54:b5:51:d7:ae:8e:
d9:1f:ea:0e:51:df:6b:c5:09:3d:7a:08:e4:55:56:e2:88:f7:
10:98:5d:c7:4a:6f:02:bc:6a:92:fc:52:9c:db:20:0d:41:a0:
8f:3e:f4:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXHm/53bx+xnYO4GUnu8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5
ZDk3YjYwHhcNMjUxMTExMTAwMDU0WhcNMjUxMTEyMTAwMDU0WjAzMTEwLwYDVQQD
EyhlZDkwZjI5YWJlN2QyZDU3M2JiODZmOTVhMTU3YjFiM2I3ZmFkNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nPqZhunV2HESpOWsXt1NFRU6Psb
BTg8oUPswoWqDQ1i+Xu1XSL2+eYWyGg2D6Z2s97tg3eD6yNWeY1egQg/Z6Rt6uDI
JhpQaAOXGURIRHPlRxu7ea+538Zfz9P85jXAS7VYqOcu2eGvKK4FJZdICJv7ni8V
L4mMOaXKk6GfPNjm3wvchboMAyY140UsxvY/jWNabu67vWLb6w2U60GxWaqi3/+V
oE7UFQ6hH96vqxWSv3cHHkxo7IYtf5ta7gavVqzB0aNPKIzYL+hTw3n5z/wHAh/w
1w24y8yb/Kt8N1fAnNR8diIXRu11+YZwBBIjAkPEhK0Vm/FKnjRqKNxwFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2Q8pq+fS1XO7hvlaFXsbO3+tRSMB8GA1UdIwQY
MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt
MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz
LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArAwAgXbP
UHI0SMzsmwutYfPWKOLAUY3/cHvrA/vjr8gzdCbTyrRE4Q7MqKViCbe+ZONvVuAA
h8aKTxLiBOXfduEYG0Xy+dO9Pg1KlYp1V1HDQgfP4n/9NGpIR6mtMkFvAoLFLbQ3
N8sprauJNHsmNyR+LL+HZnLLEzpvu3C6dKdJQJF0Dxr3k0yV8PQ2ytHjeA6CoHK/
DjQGvt80UxFCkVNYbCkiotr5oHVy1Ca9/AsNhxbgE04QyLf3b6N1dt8CKZRbxqZc
uieQaS1jF5ZycBbnVLVR166O2R/qDlHfa8UJPXoI5FVW4oj3EJhdx0pvArxqkvxS
nNsgDUGgjz70YA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:42 2025 by rpki-client