Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.mft
File: 70eAIfcqIbdxQqRNgV3envJoTLw.mft (raw, json)
Hash identifier: GGr/Iqu8GeBYKpxWg+vFpVjeV8NOoBPB2M1/Y00+o+w=
Subject key identifier: 2A:62:F5:22:68:5F:3F:3D:64:9A:F6:CB:3E:94:1D:6D:0F:7F:C4:C6
Authority key identifier: EF:47:80:21:F7:2A:21:B7:71:42:A4:4D:81:5D:DE:9E:F2:68:4C:BC
Certificate issuer: /CN=ef478021f72a21b77142a44d815dde9ef2684cbc
Certificate serial: 019A4EF49BF1ED2DF0FB130E5B2803BE461A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70eAIfcqIbdxQqRNgV3envJoTLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.mft
Manifest number: 170B
Signing time: Tue 04 Nov 2025 13:00:44 +0000
Manifest this update: Tue 04 Nov 2025 13:00:44 +0000
Manifest next update: Wed 05 Nov 2025 13:00:44 +0000
Files and hashes: 1: 70eAIfcqIbdxQqRNgV3envJoTLw.crl (hash: kFPUvSSA+W0KamMvqEw3aihcmn4ecNUz+zjU4unJerM=)
2: uPPSCEPI-zYe8c4juKISlbYTsmI.roa (hash: ItdA3QN2L+hecSiCaaiQJ/fE6U5Bp5eLGhZQrMhDtVA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/70eAIfcqIbdxQqRNgV3envJoTLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:9b:f1:ed:2d:f0:fb:13:0e:5b:28:03:be:46:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef478021f72a21b77142a44d815dde9ef2684cbc
Validity
Not Before: Nov 4 13:00:44 2025 GMT
Not After : Nov 5 13:00:44 2025 GMT
Subject: CN=2a62f522685f3f3d649af6cb3e941d6d0f7fc4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:55:fb:68:86:fd:81:80:2d:26:5a:a3:ce:
98:5c:31:24:ac:5a:2a:40:ec:81:6a:fb:f7:69:17:
06:ad:fb:c0:07:de:ec:9c:43:81:35:de:a0:6d:94:
0a:5d:2a:7a:19:2c:d7:d7:43:4c:59:88:4e:ce:4f:
69:60:d6:1f:ed:0e:b3:41:35:25:91:14:7e:69:86:
18:31:5a:a5:46:79:cc:b7:f6:16:45:54:73:c8:5d:
cc:60:37:79:a0:19:ad:4f:af:81:1e:20:da:16:fb:
dd:2a:82:94:23:a0:f5:8c:03:b6:67:04:55:11:3c:
69:cc:e0:87:a3:d8:c4:58:ae:6f:79:56:6b:f1:ce:
b7:8a:f6:e2:d8:e7:c6:47:e7:83:ec:0d:95:20:df:
a1:eb:4a:1e:54:2f:33:34:b1:8b:34:b2:92:2b:a6:
8b:e1:1e:86:7d:18:57:b4:fd:90:40:d9:c4:8b:f4:
19:46:82:4c:e3:82:1a:c7:1f:26:ef:fd:b9:31:05:
58:23:2b:14:dd:28:cf:a5:6c:df:1c:a9:bd:fa:55:
df:2e:bc:c1:fc:9a:08:4f:1f:11:21:8f:3f:bb:25:
31:fd:e8:ea:e7:4f:42:ac:af:a9:f7:a3:3c:42:2d:
66:ba:99:c6:8a:a9:25:2d:c7:d8:9c:d2:56:96:67:
97:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:62:F5:22:68:5F:3F:3D:64:9A:F6:CB:3E:94:1D:6D:0F:7F:C4:C6
X509v3 Authority Key Identifier:
keyid:EF:47:80:21:F7:2A:21:B7:71:42:A4:4D:81:5D:DE:9E:F2:68:4C:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70eAIfcqIbdxQqRNgV3envJoTLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5172eb-6fb8-4216-8d81-3443464b9209/1/70eAIfcqIbdxQqRNgV3envJoTLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:7a:12:1b:55:d0:1d:22:fe:33:5a:f2:a6:27:51:c3:b1:14:
28:7d:d5:cd:2f:c5:18:dd:fd:23:49:f6:5b:b1:f1:93:82:0d:
ea:c4:da:4f:ed:0a:8e:2a:77:7b:f0:c7:dc:50:74:02:c7:71:
7e:cd:8b:1b:2c:51:8b:bb:43:78:56:a1:8b:b3:8b:76:cf:c2:
fa:35:0b:1c:35:95:cf:a4:e0:ce:66:80:a6:2a:73:b1:2c:1f:
4d:a2:bd:3c:56:35:b4:e5:eb:fe:51:0f:ba:8f:a8:72:1a:4c:
e2:86:36:8c:9a:dd:f7:df:d5:dd:ee:b1:57:9b:15:5b:45:80:
8a:41:16:e8:d0:b2:7b:f1:35:ad:39:c8:0f:bf:f0:e2:8a:2d:
59:c7:a0:0e:eb:a5:9b:44:13:db:94:b1:fb:3c:e5:f3:a1:16:
4a:cf:91:4c:e3:7b:8f:65:b0:49:fb:23:5f:c6:0a:26:c9:e3:
7b:8c:8b:38:de:4d:1e:4f:68:db:da:22:28:5e:dc:7c:20:3e:
6a:2b:4b:03:95:21:be:56:97:c7:3a:1c:a9:ae:c5:b4:fb:15:
53:e4:c5:96:ed:e3:86:1f:3c:7b:e6:3f:66:28:b3:c9:64:98:
a1:fa:37:99:23:11:3c:3d:23:58:5e:4a:58:11:9f:8f:d6:69:
9c:9b:17:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Jvx7S3w+xMOWygDvkYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDc4MDIxZjcyYTIxYjc3MTQyYTQ0ZDgxNWRkZTllZjI2
ODRjYmMwHhcNMjUxMTA0MTMwMDQ0WhcNMjUxMTA1MTMwMDQ0WjAzMTEwLwYDVQQD
EygyYTYyZjUyMjY4NWYzZjNkNjQ5YWY2Y2IzZTk0MWQ2ZDBmN2ZjNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfxV+2iG/YGALSZao86YXDEkrFoq
QOyBavv3aRcGrfvAB97snEOBNd6gbZQKXSp6GSzX10NMWYhOzk9pYNYf7Q6zQTUl
kRR+aYYYMVqlRnnMt/YWRVRzyF3MYDd5oBmtT6+BHiDaFvvdKoKUI6D1jAO2ZwRV
ETxpzOCHo9jEWK5veVZr8c63ivbi2OfGR+eD7A2VIN+h60oeVC8zNLGLNLKSK6aL
4R6GfRhXtP2QQNnEi/QZRoJM44Iaxx8m7/25MQVYIysU3SjPpWzfHKm9+lXfLrzB
/JoITx8RIY8/uyUx/ejq509CrK+p96M8Qi1mupnGiqklLcfYnNJWlmeXKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpi9SJoXz89ZJr2yz6UHW0Pf8TGMB8GA1UdIwQY
MBaAFO9HgCH3KiG3cUKkTYFd3p7yaEy8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBlQUlmY3FJYmR4UXFSTmdWM2VudkpvVEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81MTcyZWItNmZiOC00MjE2LThkODEt
MzQ0MzQ2NGI5MjA5LzEvNzBlQUlmY3FJYmR4UXFSTmdWM2VudkpvVEx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81MTcyZWItNmZiOC00MjE2LThkODEtMzQ0MzQ2NGI5MjA5
LzEvNzBlQUlmY3FJYmR4UXFSTmdWM2VudkpvVEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHoSG1XQ
HSL+M1rypidRw7EUKH3VzS/FGN39I0n2W7Hxk4IN6sTaT+0Kjip3e/DH3FB0Asdx
fs2LGyxRi7tDeFahi7OLds/C+jULHDWVz6TgzmaApipzsSwfTaK9PFY1tOXr/lEP
uo+ochpM4oY2jJrd99/V3e6xV5sVW0WAikEW6NCye/E1rTnID7/w4ootWcegDuul
m0QT25Sx+zzl86EWSs+RTON7j2WwSfsjX8YKJsnje4yLON5NHk9o29oiKF7cfCA+
aitLA5UhvlaXxzocqa7FtPsVU+TFlu3jhh88e+Y/ZiizyWSYofo3mSMRPD0jWF5K
WBGfj9ZpnJsXYA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:37 2025 by rpki-client