Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft
File: UFzWGp9t6drMDTySFwbffVCvvW8.mft (raw, json)
Hash identifier: y46vZW/hyVv9HpZjgYkOGtEMQ1VKFG2nS8STPou6NNk=
Subject key identifier: 71:A7:49:0E:B2:35:22:8C:25:95:A5:DC:37:89:C8:BD:F0:47:09:C2
Authority key identifier: 50:5C:D6:1A:9F:6D:E9:DA:CC:0D:3C:92:17:06:DF:7D:50:AF:BD:6F
Certificate issuer: /CN=505cd61a9f6de9dacc0d3c921706df7d50afbd6f
Certificate serial: 019A53765144821021151C219EED42FF3004
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft
Manifest number: 0D63
Signing time: Wed 05 Nov 2025 10:00:54 +0000
Manifest this update: Wed 05 Nov 2025 10:00:54 +0000
Manifest next update: Thu 06 Nov 2025 10:00:54 +0000
Files and hashes: 1: 02fZd277xqKcuTMYmhFfbwx9HwA.roa (hash: bemKy7xu5/Ii5zazW11+IHavu8JMVH9QIzpKn7l6Pf4=)
2: UFzWGp9t6drMDTySFwbffVCvvW8.crl (hash: pGTl2hr01aBYVEZd75Xgo/bLHkMXWxNfi/s//0Zsb3E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:76:51:44:82:10:21:15:1c:21:9e:ed:42:ff:30:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505cd61a9f6de9dacc0d3c921706df7d50afbd6f
Validity
Not Before: Nov 5 10:00:54 2025 GMT
Not After : Nov 6 10:00:54 2025 GMT
Subject: CN=71a7490eb235228c2595a5dc3789c8bdf04709c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:60:70:f0:1b:a9:aa:6f:93:c7:63:bf:08:16:
df:b2:07:0b:4c:b2:c7:d6:60:b3:cd:37:66:3e:58:
71:26:0c:96:db:05:0b:94:54:5c:a8:5d:4d:4f:ef:
5a:43:d7:c4:98:ad:ac:a3:16:9e:b4:eb:7a:d1:5b:
53:77:2b:1f:d6:f9:8d:70:f4:09:38:1f:8a:84:10:
4b:6c:31:df:d9:01:15:94:ad:82:8e:ee:de:41:6b:
67:51:be:e5:34:21:da:ac:02:1d:8a:44:77:c9:d8:
6c:16:9a:a9:4b:2e:96:5c:e6:d6:a5:02:78:52:b4:
1c:82:eb:2e:5d:01:8b:5f:62:35:f0:b2:e6:81:88:
9a:df:06:64:ce:0e:4b:bc:ae:9e:db:55:33:31:6b:
fc:50:d2:88:96:08:f9:72:eb:80:e9:55:80:a4:18:
c0:98:4d:d7:01:46:2c:46:c5:8d:70:5e:40:56:63:
94:4f:ff:98:78:2a:f9:e2:d7:8c:ed:9d:ee:4f:7a:
14:e3:08:d1:94:64:9b:ea:96:8c:31:ad:da:9b:47:
fd:61:d7:89:2f:ef:c2:9d:6b:b6:16:7a:93:f2:c6:
39:1e:1c:bd:0f:71:25:2b:06:9e:eb:c5:b7:cb:11:
56:ae:3b:81:78:4e:d1:e4:7c:43:02:af:19:1b:8a:
15:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A7:49:0E:B2:35:22:8C:25:95:A5:DC:37:89:C8:BD:F0:47:09:C2
X509v3 Authority Key Identifier:
keyid:50:5C:D6:1A:9F:6D:E9:DA:CC:0D:3C:92:17:06:DF:7D:50:AF:BD:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:18:dd:c1:0e:9f:95:63:fe:ae:67:56:d8:3f:0a:51:eb:51:
43:03:64:4d:3f:42:03:d0:a8:df:7b:68:30:d9:c4:17:cc:4e:
49:bb:36:1f:f3:ab:f9:71:a6:64:39:8b:44:18:f3:21:8e:00:
33:54:37:19:71:40:f4:f1:9e:e1:cf:94:c4:4c:5d:d5:df:c0:
f0:9b:bd:5e:f4:1b:ee:ca:a2:db:cc:9a:55:15:1e:0a:bd:29:
41:6f:2f:6f:66:75:ea:98:d5:04:ff:9c:50:53:0c:aa:b8:c5:
37:d2:87:21:a3:dd:65:81:26:7b:18:35:29:e7:4d:46:5c:c2:
c4:35:b3:55:c0:e9:ed:7c:4f:34:bf:d9:21:a3:a9:7c:59:07:
ac:85:67:0f:fe:1d:49:59:8d:6a:8c:de:12:b4:38:86:f0:71:
c5:6e:d0:0e:44:db:be:a9:88:b5:fb:92:d2:6e:0c:e0:99:ba:
ea:83:2f:9f:5e:d8:84:57:4d:1d:a5:dd:0d:f3:e3:3e:3d:05:
e4:c2:7b:00:11:77:ad:81:f9:4f:3a:cc:7b:30:b0:92:3b:f6:
0e:a5:62:c9:0f:4a:45:a4:d1:54:c0:b3:b9:62:22:d1:23:d9:
5e:b6:46:07:8e:32:4c:9e:e1:91:3a:3a:33:a0:c5:c5:62:c4:
ac:d8:be:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdlFEghAhFRwhnu1C/zAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNWNkNjFhOWY2ZGU5ZGFjYzBkM2M5MjE3MDZkZjdkNTBh
ZmJkNmYwHhcNMjUxMTA1MTAwMDU0WhcNMjUxMTA2MTAwMDU0WjAzMTEwLwYDVQQD
Eyg3MWE3NDkwZWIyMzUyMjhjMjU5NWE1ZGMzNzg5YzhiZGYwNDcwOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGBw8Bupqm+Tx2O/CBbfsgcLTLLH
1mCzzTdmPlhxJgyW2wULlFRcqF1NT+9aQ9fEmK2soxaetOt60VtTdysf1vmNcPQJ
OB+KhBBLbDHf2QEVlK2Cju7eQWtnUb7lNCHarAIdikR3ydhsFpqpSy6WXObWpQJ4
UrQcgusuXQGLX2I18LLmgYia3wZkzg5LvK6e21UzMWv8UNKIlgj5cuuA6VWApBjA
mE3XAUYsRsWNcF5AVmOUT/+YeCr54teM7Z3uT3oU4wjRlGSb6paMMa3am0f9YdeJ
L+/CnWu2FnqT8sY5Hhy9D3ElKwae68W3yxFWrjuBeE7R5HxDAq8ZG4oVUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGnSQ6yNSKMJZWl3DeJyL3wRwnCMB8GA1UdIwQY
MBaAFFBc1hqfbenazA08khcG331Qr71vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMzczNWEtZWNjYy00MWQ3LWI3MjMt
ZTAxMjM3YjVmYzEwLzEvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMzczNWEtZWNjYy00MWQ3LWI3MjMtZTAxMjM3YjVmYzEw
LzEvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWhjdwQ6f
lWP+rmdW2D8KUetRQwNkTT9CA9Co33toMNnEF8xOSbs2H/Or+XGmZDmLRBjzIY4A
M1Q3GXFA9PGe4c+UxExd1d/A8Ju9XvQb7sqi28yaVRUeCr0pQW8vb2Z16pjVBP+c
UFMMqrjFN9KHIaPdZYEmexg1KedNRlzCxDWzVcDp7XxPNL/ZIaOpfFkHrIVnD/4d
SVmNaozeErQ4hvBxxW7QDkTbvqmItfuS0m4M4Jm66oMvn17YhFdNHaXdDfPjPj0F
5MJ7ABF3rYH5TzrMezCwkjv2DqViyQ9KRaTRVMCzuWIi0SPZXrZGB44yTJ7hkTo6
M6DFxWLErNi+yQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:17:03 2025 by rpki-client