Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
File: UFEncj6gz9ByRxOykXNMqjU-IOo.mft (raw, json)
Hash identifier: 0d1QNoPX7I87AnO5z6YC2V5Su+euo2GQNnZkZ2jKwU8=
Subject key identifier: CB:92:EA:45:19:72:BE:19:E7:B1:1F:C5:31:BB:09:B2:8C:B2:DB:F5
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019A4C60F3FBD2C179BC17C0DD425531C1F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
Manifest number: 171D
Signing time: Tue 04 Nov 2025 01:00:13 +0000
Manifest this update: Tue 04 Nov 2025 01:00:13 +0000
Manifest next update: Wed 05 Nov 2025 01:00:13 +0000
Files and hashes: 1: 1WNYYNS7RX-CeZ_6JxRjUdD-q2A.roa (hash: wxMlsJGdNKU4KY3gfHml6end/i1xs49sClefHW/FEbI=)
2: RWBCbOOdbBGTferrrFeH21g0Q-s.roa (hash: OgUeYLtx1plcBJ0e3g1wF6V6jlWOtr/OpNuK7tUONQE=)
3: UFEncj6gz9ByRxOykXNMqjU-IOo.crl (hash: 4iH9VLeywXQLcvUKV+kCHRux7LMf0axcHEKnFuJEOEk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 01:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:60:f3:fb:d2:c1:79:bc:17:c0:dd:42:55:31:c1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Nov 4 01:00:13 2025 GMT
Not After : Nov 5 01:00:13 2025 GMT
Subject: CN=cb92ea451972be19e7b11fc531bb09b28cb2dbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0f:4d:ad:ae:30:a0:9c:84:4d:fe:f6:cf:8c:
9e:f1:3c:59:03:27:ba:da:a8:f0:7c:62:7b:72:5d:
13:74:13:85:0e:35:37:89:34:b7:e3:09:23:8e:e3:
55:dd:3d:f3:f2:48:0f:00:22:2a:2f:02:68:28:04:
19:a6:5d:4f:90:31:51:33:6c:98:03:64:c5:16:6a:
a2:ac:dc:2a:ea:97:70:f6:de:a9:29:3c:33:20:03:
d4:da:30:a2:d1:84:fe:04:41:f9:50:7b:62:81:3a:
fe:fc:fc:89:16:38:d8:06:19:0c:51:f8:e9:c1:20:
67:36:16:fc:eb:d0:eb:04:28:36:2f:6f:49:ec:bc:
ea:6b:3c:d1:7f:d3:60:18:d8:34:46:c3:a8:3e:33:
5a:09:d8:ee:4c:60:59:9f:39:6f:63:13:51:be:eb:
bf:57:7e:f3:51:e3:af:97:fd:6e:4d:8f:c4:c4:4e:
1d:99:56:c7:33:21:17:71:43:05:c4:19:b1:3d:42:
9d:80:81:29:47:6a:f6:0f:71:5d:e0:6e:e5:3b:f7:
fe:77:79:f6:3f:b4:9a:9e:c9:80:53:02:03:9d:8e:
d2:5d:3f:0b:0d:09:b2:69:f5:40:7e:92:38:94:ac:
28:b2:d6:f0:50:8a:ea:b7:db:e9:10:b8:17:5b:c4:
38:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:92:EA:45:19:72:BE:19:E7:B1:1F:C5:31:BB:09:B2:8C:B2:DB:F5
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:df:ed:fb:bf:2a:dc:fe:e9:7b:91:2a:ad:28:99:8a:41:f8:
ff:1c:f8:46:8c:d1:68:23:56:02:e5:b2:7e:75:97:66:3d:c5:
1f:c1:6c:f9:69:ea:90:cb:b2:f9:27:de:29:c0:20:bc:c7:b2:
16:e9:fe:a5:9a:df:54:7e:70:28:80:f9:71:8b:ba:a3:b0:27:
ea:38:73:72:1e:85:b7:49:3d:84:8b:df:97:bd:31:62:7d:c7:
78:32:8b:0f:cc:45:67:ac:b1:f5:ad:93:de:a8:5e:3d:2a:fc:
08:ec:c1:36:3d:a5:71:46:85:7b:d5:0b:74:1b:3b:47:13:50:
90:c4:5a:0c:50:a0:e7:fd:3b:09:79:12:7f:29:4b:5d:60:7f:
68:47:6f:3b:ba:92:45:c2:72:fb:93:ce:47:77:28:cb:ac:f2:
9c:5c:19:fe:63:15:ff:bd:54:e7:03:bc:5f:a4:f4:be:48:34:
05:da:e7:80:99:2f:f5:35:f7:3e:d2:08:d0:4a:3f:c6:90:63:
e6:db:61:6e:ee:e1:d1:35:cb:34:c8:18:7f:70:54:ee:52:92:
28:2d:9d:ad:3c:ca:09:e6:63:72:e2:c3:db:f0:e6:10:a6:06:
13:56:7b:36:9b:28:78:9f:3d:e6:75:7d:70:39:b0:7f:21:7c:
f7:58:44:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYPP70sF5vBfA3UJVMcH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjUxMTA0MDEwMDEzWhcNMjUxMTA1MDEwMDEzWjAzMTEwLwYDVQQD
EyhjYjkyZWE0NTE5NzJiZTE5ZTdiMTFmYzUzMWJiMDliMjhjYjJkYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzA9Nra4woJyETf72z4ye8TxZAye6
2qjwfGJ7cl0TdBOFDjU3iTS34wkjjuNV3T3z8kgPACIqLwJoKAQZpl1PkDFRM2yY
A2TFFmqirNwq6pdw9t6pKTwzIAPU2jCi0YT+BEH5UHtigTr+/PyJFjjYBhkMUfjp
wSBnNhb869DrBCg2L29J7LzqazzRf9NgGNg0RsOoPjNaCdjuTGBZnzlvYxNRvuu/
V37zUeOvl/1uTY/ExE4dmVbHMyEXcUMFxBmxPUKdgIEpR2r2D3Fd4G7lO/f+d3n2
P7SansmAUwIDnY7SXT8LDQmyafVAfpI4lKwostbwUIrqt9vpELgXW8Q42wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuS6kUZcr4Z57EfxTG7CbKMstv1MB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATd/t+78q
3P7pe5EqrSiZikH4/xz4RozRaCNWAuWyfnWXZj3FH8Fs+WnqkMuy+SfeKcAgvMey
Fun+pZrfVH5wKID5cYu6o7An6jhzch6Ft0k9hIvfl70xYn3HeDKLD8xFZ6yx9a2T
3qhePSr8COzBNj2lcUaFe9ULdBs7RxNQkMRaDFCg5/07CXkSfylLXWB/aEdvO7qS
RcJy+5POR3coy6zynFwZ/mMV/71U5wO8X6T0vkg0BdrngJkv9TX3PtII0Eo/xpBj
5tthbu7h0TXLNMgYf3BU7lKSKC2drTzKCeZjcuLD2/DmEKYGE1Z7NpsoeJ895nV9
cDmwfyF891hEwQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:47:00 2025 by rpki-client