Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
File: u7hl_W36q6dxJJt-uujr1SgKDJc.mft (raw, json)
Hash identifier: PewYuectatnv7ogFrEB5+nv/yfI4eOIOOravAFzBgn0=
Subject key identifier: 55:60:FC:0B:31:4B:98:1B:27:F2:9A:C9:18:0F:07:38:FE:D8:47:59
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 019A4DE20B4EAC930AF8602C434222CBA3BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
Manifest number: 1257
Signing time: Tue 04 Nov 2025 08:00:50 +0000
Manifest this update: Tue 04 Nov 2025 08:00:50 +0000
Manifest next update: Wed 05 Nov 2025 08:00:50 +0000
Files and hashes: 1: kr3FPTrUbvprQB5gOzb6Xm9In9I.roa (hash: hZOcB5l1wSRFBsah9a6wwCM7j6k84PdiP/Urp0eSJlg=)
2: u7hl_W36q6dxJJt-uujr1SgKDJc.crl (hash: vMvWhA5gjB2rmT9yJfRvrxXxO4+rvwCKzRrAfO4K6/A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:0b:4e:ac:93:0a:f8:60:2c:43:42:22:cb:a3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Nov 4 08:00:50 2025 GMT
Not After : Nov 5 08:00:50 2025 GMT
Subject: CN=5560fc0b314b981b27f29ac9180f0738fed84759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:23:01:28:20:12:90:c8:8c:3a:73:87:83:3b:
d3:fe:a4:de:64:ea:b6:7e:43:a6:ff:9a:e0:3e:40:
ad:89:70:de:42:06:b8:22:78:70:04:22:24:b2:e2:
ba:97:06:2e:ce:95:30:cf:41:ae:e0:17:fe:29:b0:
8f:40:2f:5a:b0:63:c6:f2:71:45:48:81:74:3d:58:
cb:cc:e8:e7:ee:4e:04:c6:3c:ae:3f:e8:6b:80:7b:
3d:81:13:d6:62:b0:0f:d7:03:70:91:f2:2c:59:71:
71:ec:40:94:2d:c1:f8:4e:84:ca:35:5d:21:24:85:
af:7f:91:b5:ec:0e:d7:9b:06:8c:3c:c8:19:42:c6:
b6:1e:4a:2b:cb:21:c9:37:da:76:b1:05:55:8e:8c:
4c:00:5d:23:ee:96:91:e2:2a:d1:40:51:1e:6d:fd:
9b:1e:d3:33:75:ea:d8:1a:6e:ee:28:8b:b0:8b:7f:
c9:13:2c:c7:e4:94:70:14:39:b2:bf:0d:52:5a:03:
6c:30:f5:26:9d:fe:c7:b8:87:9a:c8:dd:56:92:11:
b3:f6:40:a6:c1:74:03:a4:96:df:96:98:7d:02:fa:
86:03:af:8f:73:d8:ea:7d:bf:72:11:f9:4c:cc:e6:
6a:8f:4c:1d:fe:c8:12:2c:d4:b1:70:32:2b:e2:02:
1d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:60:FC:0B:31:4B:98:1B:27:F2:9A:C9:18:0F:07:38:FE:D8:47:59
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:58:57:db:0b:f3:22:e8:7e:7f:4f:ed:5e:d1:30:a0:86:17:
51:f6:cc:bb:04:66:76:e3:56:42:5a:fd:02:ab:1c:f1:b2:52:
4d:ef:4f:f0:39:30:96:5c:7a:16:4f:fe:61:86:b6:9a:c3:25:
75:f5:08:92:22:4f:91:27:0b:61:bf:d8:2d:d4:5a:96:84:ad:
2b:7b:ad:3d:b4:37:85:f0:a2:7c:3e:39:bd:68:72:68:c0:ed:
a1:e1:02:cd:32:b5:f5:74:24:6e:92:cf:9d:47:eb:8a:3a:a9:
9b:32:b9:a5:bf:86:6e:6a:1e:3e:c2:55:b1:5c:4e:8b:91:a9:
19:2e:6b:38:c2:0b:35:5d:6d:ef:b0:35:60:c5:f3:1e:47:47:
3c:42:6c:cd:36:1a:c0:3c:14:32:26:55:88:3a:3d:48:c8:a6:
a2:85:0a:41:d3:89:36:29:ff:36:db:a0:24:1f:19:85:87:d2:
f7:df:3a:95:4a:06:59:2b:2f:d3:4a:6f:e7:da:9d:c1:14:9f:
fc:07:c0:78:63:67:8c:14:4e:5c:df:72:e2:07:b6:25:66:d5:
84:01:dc:78:1f:45:77:9b:61:95:bb:fb:e0:32:f5:c3:48:94:
07:8d:96:20:d5:2d:e0:6e:76:3a:35:42:1b:a1:0d:fa:02:f0:
08:e8:78:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gtOrJMK+GAsQ0Iiy6O/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjUxMTA0MDgwMDUwWhcNMjUxMTA1MDgwMDUwWjAzMTEwLwYDVQQD
Eyg1NTYwZmMwYjMxNGI5ODFiMjdmMjlhYzkxODBmMDczOGZlZDg0NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiMBKCASkMiMOnOHgzvT/qTeZOq2
fkOm/5rgPkCtiXDeQga4InhwBCIksuK6lwYuzpUwz0Gu4Bf+KbCPQC9asGPG8nFF
SIF0PVjLzOjn7k4ExjyuP+hrgHs9gRPWYrAP1wNwkfIsWXFx7ECULcH4ToTKNV0h
JIWvf5G17A7XmwaMPMgZQsa2HkoryyHJN9p2sQVVjoxMAF0j7paR4irRQFEebf2b
HtMzderYGm7uKIuwi3/JEyzH5JRwFDmyvw1SWgNsMPUmnf7HuIeayN1WkhGz9kCm
wXQDpJbflph9AvqGA6+Pc9jqfb9yEflMzOZqj0wd/sgSLNSxcDIr4gIdaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVg/AsxS5gbJ/KayRgPBzj+2EdZMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdlhX2wvz
Iuh+f0/tXtEwoIYXUfbMuwRmduNWQlr9Aqsc8bJSTe9P8Dkwllx6Fk/+YYa2msMl
dfUIkiJPkScLYb/YLdRaloStK3utPbQ3hfCifD45vWhyaMDtoeECzTK19XQkbpLP
nUfrijqpmzK5pb+GbmoePsJVsVxOi5GpGS5rOMILNV1t77A1YMXzHkdHPEJszTYa
wDwUMiZViDo9SMimooUKQdOJNin/NtugJB8ZhYfS9986lUoGWSsv00pv59qdwRSf
/AfAeGNnjBROXN9y4ge2JWbVhAHceB9Fd5thlbv74DL1w0iUB42WINUt4G52OjVC
G6EN+gLwCOh4Zw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:01:55 2025 by rpki-client