Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.mft
File: U4Vcjs6b1vjjlAICISzgmwX1-KA.mft (raw, json)
Hash identifier: 2ZEZZ7QvTevnjw+EZuCUXSJCUjvQTafPYIDU+DcxVug=
Subject key identifier: 3F:FF:B9:65:AB:B6:F9:00:3D:D2:40:C8:01:30:45:E6:AD:AE:F3:43
Authority key identifier: 53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
Certificate issuer: /CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Certificate serial: 019A0C01D6C149AB8D1033166982013E26D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.mft
Manifest number: 137D
Signing time: Wed 22 Oct 2025 13:00:38 +0000
Manifest this update: Wed 22 Oct 2025 13:00:38 +0000
Manifest next update: Thu 23 Oct 2025 13:00:38 +0000
Files and hashes: 1: F1LbGv2MkXWWefxkT_CtpriNBr4.roa (hash: RRHmy9X/CGJW+TnFMQF3NirLVJyyI3P64OOzvqQr238=)
2: U4Vcjs6b1vjjlAICISzgmwX1-KA.crl (hash: WfniMltUOEKbhcrYt73RUSULMfI0WfH7vbdX9SZr/30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:01:d6:c1:49:ab:8d:10:33:16:69:82:01:3e:26:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Validity
Not Before: Oct 22 13:00:38 2025 GMT
Not After : Oct 23 13:00:38 2025 GMT
Subject: CN=3fffb965abb6f9003dd240c8013045e6adaef343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:19:06:33:17:1c:cc:81:81:63:0b:dc:18:
97:4c:91:d9:ed:c7:77:ad:82:ce:6a:36:9e:2a:f5:
8a:d1:1a:b7:39:0d:f0:0a:5e:4d:2f:03:94:b7:6a:
e6:29:36:2f:a2:c5:a9:f6:86:fa:d9:1a:d3:e9:95:
88:a7:be:b1:29:16:71:aa:04:cc:8b:3c:1e:bd:7b:
af:43:ac:e5:a6:48:05:5e:75:64:8d:df:8f:f3:0c:
5f:a3:12:7d:d4:ad:04:c1:c1:1e:66:69:a6:dd:fe:
23:f3:0b:a5:ff:fd:00:c5:dc:d7:c6:39:e2:7b:d7:
06:8e:ba:ca:58:c2:ec:b4:54:80:fd:87:3c:b5:02:
8c:43:0d:ab:ae:a7:d4:7d:a0:27:f7:66:09:b3:19:
e7:19:cc:15:be:71:ce:e6:ba:e8:e9:f3:18:d0:d3:
6b:e2:b2:05:91:52:3b:a3:78:c5:af:1a:97:f6:3e:
10:ca:af:5c:30:32:7e:cf:35:e4:c3:38:10:83:00:
2f:e3:91:4c:e9:36:7e:a6:bf:1a:97:80:ab:17:f1:
8b:09:4f:12:9d:72:59:e8:16:4a:b1:80:ca:a5:ad:
8e:a4:22:02:06:68:6c:d9:e5:c6:79:57:e8:82:c3:
bc:7a:76:f3:ed:95:f9:e5:92:90:63:ab:88:50:d4:
4c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FF:B9:65:AB:B6:F9:00:3D:D2:40:C8:01:30:45:E6:AD:AE:F3:43
X509v3 Authority Key Identifier:
keyid:53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d5:fe:e0:94:f4:d8:70:57:09:8a:8b:81:50:f0:03:f1:98:34:
6d:45:b5:6c:6d:0c:1e:10:d3:ce:eb:93:3c:c7:1d:bc:b3:ee:
c3:5d:ff:4c:69:1e:eb:d9:76:71:72:8a:07:07:fd:cc:ed:43:
78:df:96:49:7d:e0:31:8d:a0:c5:2f:71:ab:db:50:e2:e0:26:
98:0d:34:90:d6:64:df:a9:f2:a3:33:83:b7:16:b3:e1:1f:de:
51:0c:9d:a8:53:06:79:05:6f:6d:01:05:02:a1:ae:bf:09:24:
14:60:14:ca:8e:bf:b6:8a:76:ef:6c:9b:6b:35:75:7f:fb:3e:
4a:49:63:88:0f:fb:14:4d:2b:78:e5:a6:9e:fd:71:c3:6b:a9:
4a:b7:e4:c3:d6:47:4f:6d:ab:05:1e:03:e0:ea:0a:0a:b7:f8:
58:53:ed:16:21:4a:11:84:9f:9a:68:58:26:c9:ca:08:56:45:
c1:10:2b:08:2b:4e:63:87:0b:fe:e1:81:4a:76:5a:66:82:44:
5e:66:80:0a:67:43:59:93:22:6a:ac:db:a1:83:d2:d9:72:8d:
10:d4:76:73:04:47:02:06:a6:95:84:bd:70:39:42:10:cc:e5:
e5:cf:75:6a:48:8b:39:e3:7a:bc:d6:44:fa:ac:c3:e3:4d:08:
f0:71:27:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoMAdbBSauNEDMWaYIBPibYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzODU1YzhlY2U5YmQ2ZjhlMzk0MDIwMjIxMmNlMDliMDVm
NWY4YTAwHhcNMjUxMDIyMTMwMDM4WhcNMjUxMDIzMTMwMDM4WjAzMTEwLwYDVQQD
EygzZmZmYjk2NWFiYjZmOTAwM2RkMjQwYzgwMTMwNDVlNmFkYWVmMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFIZBjMXHMyBgWML3BiXTJHZ7cd3
rYLOajaeKvWK0Rq3OQ3wCl5NLwOUt2rmKTYvosWp9ob62RrT6ZWIp76xKRZxqgTM
izwevXuvQ6zlpkgFXnVkjd+P8wxfoxJ91K0EwcEeZmmm3f4j8wul//0AxdzXxjni
e9cGjrrKWMLstFSA/Yc8tQKMQw2rrqfUfaAn92YJsxnnGcwVvnHO5rro6fMY0NNr
4rIFkVI7o3jFrxqX9j4Qyq9cMDJ+zzXkwzgQgwAv45FM6TZ+pr8al4CrF/GLCU8S
nXJZ6BZKsYDKpa2OpCICBmhs2eXGeVfogsO8enbz7ZX55ZKQY6uIUNRM1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD//uWWrtvkAPdJAyAEwReatrvNDMB8GA1UdIwQY
MBaAFFOFXI7Om9b445QCAiEs4JsF9figMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRWY2pzNmIxdmpqbEFJQ0lTemdtd1gxLUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MzM2YjAtY2JlNC00ZGEyLTg0MWIt
MWNlZmQxZmExMGE2LzEvVTRWY2pzNmIxdmpqbEFJQ0lTemdtd1gxLUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MzM2YjAtY2JlNC00ZGEyLTg0MWItMWNlZmQxZmExMGE2
LzEvVTRWY2pzNmIxdmpqbEFJQ0lTemdtd1gxLUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1f7glPTY
cFcJiouBUPAD8Zg0bUW1bG0MHhDTzuuTPMcdvLPuw13/TGke69l2cXKKBwf9zO1D
eN+WSX3gMY2gxS9xq9tQ4uAmmA00kNZk36nyozODtxaz4R/eUQydqFMGeQVvbQEF
AqGuvwkkFGAUyo6/top272ybazV1f/s+SkljiA/7FE0reOWmnv1xw2upSrfkw9ZH
T22rBR4D4OoKCrf4WFPtFiFKEYSfmmhYJsnKCFZFwRArCCtOY4cL/uGBSnZaZoJE
XmaACmdDWZMiaqzboYPS2XKNENR2cwRHAgamlYS9cDlCEMzl5c91akiLOeN6vNZE
+qzD400I8HEnnw==
-----END CERTIFICATE-----
Generated at Wed Oct 22 15:01:20 2025 by rpki-client