Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.mft
File: uPrah6dvKfguJaMXnno4zwxrAwA.mft (raw, json)
Hash identifier: CeyHC5qCXFu9IaREfM5abkUpzXhkVsbxkv6ILizA4jk=
Subject key identifier: A1:69:62:77:11:07:C4:02:3F:3D:EF:49:2C:EC:0B:FF:CB:1C:CC:21
Authority key identifier: B8:FA:DA:87:A7:6F:29:F8:2E:25:A3:17:9E:7A:38:CF:0C:6B:03:00
Certificate issuer: /CN=b8fada87a76f29f82e25a3179e7a38cf0c6b0300
Certificate serial: 0199228CA4AB6408D843F2C500DC4F3F5984
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uPrah6dvKfguJaMXnno4zwxrAwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.mft
Manifest number: 1640
Signing time: Sun 07 Sep 2025 05:01:06 +0000
Manifest this update: Sun 07 Sep 2025 05:01:06 +0000
Manifest next update: Mon 08 Sep 2025 05:01:06 +0000
Files and hashes: 1: qMZm8Udrq7vD5T2yYBAeB18Ev8A.roa (hash: z2089CzZPnbakpAVa3XOh5ZgRIHqWKGPuJw64Jno6FU=)
2: uPrah6dvKfguJaMXnno4zwxrAwA.crl (hash: rcNti4Mu+/i5FFxXaMqmynwzL3Up75StSHuVVtgm+hg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uPrah6dvKfguJaMXnno4zwxrAwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:8c:a4:ab:64:08:d8:43:f2:c5:00:dc:4f:3f:59:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8fada87a76f29f82e25a3179e7a38cf0c6b0300
Validity
Not Before: Sep 7 05:01:06 2025 GMT
Not After : Sep 8 05:01:06 2025 GMT
Subject: CN=a16962771107c4023f3def492cec0bffcb1ccc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a4:59:25:e2:f1:0a:e9:2c:92:a0:e0:f0:b8:
80:73:df:60:1a:a4:cd:7c:99:e0:78:6c:92:1b:2a:
44:6d:35:67:69:8b:2a:e4:63:dc:e9:05:7b:9d:6f:
4a:b6:f2:3a:de:a2:a9:76:0c:94:54:bb:a8:d8:00:
1d:ee:15:e9:62:75:48:39:a2:c7:75:82:de:70:40:
32:4b:d4:37:87:fa:87:10:0a:d9:bc:e7:f5:4b:94:
1e:90:49:db:23:2e:32:65:f2:2d:be:ea:5c:c1:18:
b1:6b:f2:73:b1:17:6d:38:37:7c:da:0e:6b:f4:8b:
1c:1c:e3:59:56:d8:11:83:a8:b9:9f:2d:a9:61:bf:
db:48:47:c3:2d:21:f6:e0:5f:50:4b:ea:4c:31:f2:
ba:b1:9b:e0:8f:ec:23:d2:1e:c1:d7:38:ee:a9:40:
69:a5:f4:d6:32:f5:c1:c7:c8:da:22:bf:7d:1c:9e:
4a:95:6e:35:90:24:a3:a1:9e:7e:14:e3:4b:88:eb:
fa:33:b9:5f:06:af:71:6a:58:cc:e4:e6:eb:c7:ab:
4f:3e:25:ad:63:f6:6c:21:17:39:1c:61:47:fe:2a:
d9:0f:b8:87:37:16:ae:61:c6:37:f9:7a:02:40:56:
33:8f:a4:7b:58:d2:29:82:ec:cf:e9:62:f9:b8:d7:
a4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:69:62:77:11:07:C4:02:3F:3D:EF:49:2C:EC:0B:FF:CB:1C:CC:21
X509v3 Authority Key Identifier:
keyid:B8:FA:DA:87:A7:6F:29:F8:2E:25:A3:17:9E:7A:38:CF:0C:6B:03:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uPrah6dvKfguJaMXnno4zwxrAwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a56b2d-f795-495d-9c48-6f67b647722d/1/uPrah6dvKfguJaMXnno4zwxrAwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:9a:c3:06:0f:b5:bd:41:cb:47:9a:10:0e:55:b9:6c:99:ed:
bf:f4:e3:bc:d8:c3:96:e8:8d:67:54:15:73:b9:4d:9f:ae:d3:
51:0f:8b:90:85:83:5a:29:d0:8e:1c:49:05:b8:49:af:32:c8:
9d:a7:0d:95:66:01:94:42:f3:70:ad:f4:26:66:37:02:c4:fb:
d7:42:3a:f3:05:a0:cc:b8:0d:ea:44:65:71:4f:0c:e2:04:7f:
3f:2d:65:38:64:28:ec:29:dd:7d:7b:17:fb:46:2e:14:9f:68:
70:dd:e0:d0:f0:6e:83:02:cf:07:d6:5a:b9:d2:f7:95:27:2f:
86:09:fb:aa:30:29:e9:b9:b2:3c:e9:77:8b:a1:f4:9f:8b:67:
27:68:2d:b0:c9:ad:72:bb:ec:bf:96:3b:1b:f8:d2:41:af:19:
c0:d6:a4:cf:e9:69:a4:6b:f9:d5:02:b7:5c:49:21:6b:2a:66:
f1:15:97:ff:d6:f3:30:d4:cf:73:77:d6:c6:97:18:bf:35:64:
21:d7:43:54:0e:05:e7:6b:21:ef:41:a4:31:8d:10:a8:30:9d:
49:be:71:d5:e8:fe:93:e8:6f:1a:1a:51:10:04:27:ea:6f:0c:
58:69:6d:de:b6:4d:3c:37:7d:42:71:55:7a:b6:c5:2d:e2:43:
00:ba:16:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijKSrZAjYQ/LFANxPP1mEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZmFkYTg3YTc2ZjI5ZjgyZTI1YTMxNzllN2EzOGNmMGM2
YjAzMDAwHhcNMjUwOTA3MDUwMTA2WhcNMjUwOTA4MDUwMTA2WjAzMTEwLwYDVQQD
EyhhMTY5NjI3NzExMDdjNDAyM2YzZGVmNDkyY2VjMGJmZmNiMWNjYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aRZJeLxCukskqDg8LiAc99gGqTN
fJngeGySGypEbTVnaYsq5GPc6QV7nW9KtvI63qKpdgyUVLuo2AAd7hXpYnVIOaLH
dYLecEAyS9Q3h/qHEArZvOf1S5QekEnbIy4yZfItvupcwRixa/JzsRdtODd82g5r
9IscHONZVtgRg6i5ny2pYb/bSEfDLSH24F9QS+pMMfK6sZvgj+wj0h7B1zjuqUBp
pfTWMvXBx8jaIr99HJ5KlW41kCSjoZ5+FONLiOv6M7lfBq9xaljM5Obrx6tPPiWt
Y/ZsIRc5HGFH/irZD7iHNxauYcY3+XoCQFYzj6R7WNIpguzP6WL5uNekawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFpYncRB8QCPz3vSSzsC//LHMwhMB8GA1UdIwQY
MBaAFLj62oenbyn4LiWjF556OM8MawMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVByYWg2ZHZLZmd1SmFNWG5ubzR6d3hyQXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hNTZiMmQtZjc5NS00OTVkLTljNDgt
NmY2N2I2NDc3MjJkLzEvdVByYWg2ZHZLZmd1SmFNWG5ubzR6d3hyQXdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hNTZiMmQtZjc5NS00OTVkLTljNDgtNmY2N2I2NDc3MjJk
LzEvdVByYWg2ZHZLZmd1SmFNWG5ubzR6d3hyQXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZrDBg+1
vUHLR5oQDlW5bJntv/TjvNjDluiNZ1QVc7lNn67TUQ+LkIWDWinQjhxJBbhJrzLI
nacNlWYBlELzcK30JmY3AsT710I68wWgzLgN6kRlcU8M4gR/Py1lOGQo7CndfXsX
+0YuFJ9ocN3g0PBugwLPB9ZaudL3lScvhgn7qjAp6bmyPOl3i6H0n4tnJ2gtsMmt
crvsv5Y7G/jSQa8ZwNakz+lppGv51QK3XEkhaypm8RWX/9bzMNTPc3fWxpcYvzVk
IddDVA4F52sh70GkMY0QqDCdSb5x1ej+k+hvGhpREAQn6m8MWGlt3rZNPDd9QnFV
erbFLeJDALoW6g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:38:57 2025 by rpki-client