Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
File: U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft (raw, json)
Hash identifier: SOVvu/HQFYuHmHLsxdgtezQqdHgHiPuWEaztTceZJY8=
Subject key identifier: B0:76:21:ED:27:03:2A:68:8D:E5:B2:DB:A2:DA:29:31:1C:E7:CD:C4
Authority key identifier: 53:EA:A1:9C:A2:7A:6F:57:F2:CB:B4:E4:63:72:0B:43:6A:F1:7D:EA
Certificate issuer: /CN=53eaa19ca27a6f57f2cbb4e463720b436af17dea
Certificate serial: 019A7226103D86E33EF94A1CD1DEE9C3E7A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
Manifest number: 0702
Signing time: Tue 11 Nov 2025 09:01:28 +0000
Manifest this update: Tue 11 Nov 2025 09:01:28 +0000
Manifest next update: Wed 12 Nov 2025 09:01:28 +0000
Files and hashes: 1: HoEt4y6zf8w5L0OHd11vl-inukI.roa (hash: 470AufFFRZgA9ydBk/s9OXGNkkDkg7YffxaoQosYMko=)
2: U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl (hash: WHH7gCiIUrA3uqP8dNmr0V0G4tTdAg+xsUbyEqbNu00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:10:3d:86:e3:3e:f9:4a:1c:d1:de:e9:c3:e7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53eaa19ca27a6f57f2cbb4e463720b436af17dea
Validity
Not Before: Nov 11 09:01:28 2025 GMT
Not After : Nov 12 09:01:28 2025 GMT
Subject: CN=b07621ed27032a688de5b2dba2da29311ce7cdc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:20:46:6c:b6:24:ee:5d:5a:2b:d0:57:1c:da:
23:7d:22:2e:0b:a0:a2:df:b3:c4:08:de:8b:8d:a6:
93:a7:c0:fa:24:f2:5e:88:2e:ae:1d:de:f9:14:04:
91:97:5d:90:3f:56:4a:22:9d:78:b4:13:97:29:e0:
d6:4f:d0:d7:56:63:01:ae:0d:9d:68:00:37:ce:5a:
92:c9:6e:e9:98:8d:fa:47:d1:8c:63:84:cb:b7:2e:
0b:5a:bb:0b:ff:eb:47:c5:c4:0c:eb:d7:d1:a6:44:
c9:c2:21:61:42:23:74:67:aa:d4:85:54:b4:e4:c9:
e8:d8:32:0a:60:aa:1d:fb:3a:be:b5:1d:5e:d2:12:
94:21:ad:65:b3:f9:5c:60:77:3b:af:86:e2:8b:e2:
ab:bd:02:58:97:63:35:4e:3a:9d:4e:85:20:59:f2:
95:92:19:84:35:fa:72:81:ca:a3:34:c8:77:ab:ab:
54:08:da:da:00:7f:e7:01:7d:8a:f6:26:d4:f9:ba:
c1:e8:3b:ba:1c:e8:93:4b:42:a0:1b:ac:93:ed:ed:
32:9b:57:59:ee:86:8d:cd:06:36:64:19:39:cd:fd:
3b:0c:f8:92:4b:a3:c5:ff:11:0d:6c:60:cb:de:16:
dd:dd:2d:20:e5:c5:15:30:e1:f4:99:cc:ed:a5:d5:
c1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:76:21:ED:27:03:2A:68:8D:E5:B2:DB:A2:DA:29:31:1C:E7:CD:C4
X509v3 Authority Key Identifier:
keyid:53:EA:A1:9C:A2:7A:6F:57:F2:CB:B4:E4:63:72:0B:43:6A:F1:7D:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:15:7b:f8:d2:76:97:0e:84:2a:6b:26:ca:21:8a:01:6a:36:
fd:ce:ef:4e:ed:a9:8d:b8:76:ae:cd:ed:35:4f:b1:64:5a:cc:
e4:2e:72:1a:02:e6:5c:50:eb:74:36:f1:fa:23:65:c9:fd:37:
b6:b8:05:8c:0d:fc:16:0d:c8:51:3c:5d:36:22:0f:56:2a:66:
6d:4a:08:5a:f0:a6:d0:21:0f:c5:af:d7:e8:22:fa:a0:de:08:
22:c2:d4:81:7b:d2:ae:a8:bc:a5:76:5a:04:0e:dc:b2:fb:8c:
9b:62:a7:6e:b2:d0:9c:ee:ba:8e:67:81:18:78:a1:15:bd:f1:
09:a3:24:0c:01:1a:2f:8e:fe:44:97:e5:bb:7f:73:1f:6a:95:
34:a3:70:b1:68:47:2a:a4:e8:fb:1e:6e:ec:50:79:67:b6:57:
a3:ad:28:12:f8:fa:c5:72:ea:d1:4c:60:fd:58:ac:20:3e:b2:
f3:50:9a:3b:8b:95:12:18:7a:3a:0b:ba:38:19:70:34:b7:25:
c5:e4:4f:53:eb:de:59:f6:aa:fa:ac:55:46:21:4d:9f:8d:68:
7f:48:5a:60:10:d5:94:de:4e:af:70:ce:ad:f2:cf:07:c7:f4:
c6:44:91:c3:27:35:2e:3a:cb:eb:ac:58:39:ce:83:8e:3b:7b:
3b:0d:90:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhA9huM++Uoc0d7pw+ejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZWFhMTljYTI3YTZmNTdmMmNiYjRlNDYzNzIwYjQzNmFm
MTdkZWEwHhcNMjUxMTExMDkwMTI4WhcNMjUxMTEyMDkwMTI4WjAzMTEwLwYDVQQD
EyhiMDc2MjFlZDI3MDMyYTY4OGRlNWIyZGJhMmRhMjkzMTFjZTdjZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyBGbLYk7l1aK9BXHNojfSIuC6Ci
37PECN6LjaaTp8D6JPJeiC6uHd75FASRl12QP1ZKIp14tBOXKeDWT9DXVmMBrg2d
aAA3zlqSyW7pmI36R9GMY4TLty4LWrsL/+tHxcQM69fRpkTJwiFhQiN0Z6rUhVS0
5Mno2DIKYKod+zq+tR1e0hKUIa1ls/lcYHc7r4bii+KrvQJYl2M1TjqdToUgWfKV
khmENfpygcqjNMh3q6tUCNraAH/nAX2K9ibU+brB6Du6HOiTS0KgG6yT7e0ym1dZ
7oaNzQY2ZBk5zf07DPiSS6PF/xENbGDL3hbd3S0g5cUVMOH0mcztpdXBvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLB2Ie0nAypojeWy26LaKTEc583EMB8GA1UdIwQY
MBaAFFPqoZyiem9X8su05GNyC0Nq8X3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8wZDNiMmItZTMwNC00ZDYxLWI2ZDAt
MjdlOGY0ZjFjNjg0LzEvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8wZDNiMmItZTMwNC00ZDYxLWI2ZDAtMjdlOGY0ZjFjNjg0
LzEvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXBV7+NJ2
lw6EKmsmyiGKAWo2/c7vTu2pjbh2rs3tNU+xZFrM5C5yGgLmXFDrdDbx+iNlyf03
trgFjA38Fg3IUTxdNiIPVipmbUoIWvCm0CEPxa/X6CL6oN4IIsLUgXvSrqi8pXZa
BA7csvuMm2KnbrLQnO66jmeBGHihFb3xCaMkDAEaL47+RJflu39zH2qVNKNwsWhH
KqTo+x5u7FB5Z7ZXo60oEvj6xXLq0Uxg/VisID6y81CaO4uVEhh6Ogu6OBlwNLcl
xeRPU+veWfaq+qxVRiFNn41of0haYBDVlN5Or3DOrfLPB8f0xkSRwyc1LjrL66xY
Oc6Djjt7Ow2Q1g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:11 2025 by rpki-client