Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
File: 67Ulb-PgcwKrcye3R7jfOCRcTt8.mft (raw, json)
Hash identifier: YWIKDOzMfIsNuPlR2i3G5WaWpT6dSh2xLjFwXA+emdA=
Subject key identifier: 17:BC:F0:7C:4B:6E:27:2C:B2:53:39:7C:CE:CA:81:BB:3B:44:58:6A
Authority key identifier: EB:B5:25:6F:E3:E0:73:02:AB:73:27:B7:47:B8:DF:38:24:5C:4E:DF
Certificate issuer: /CN=ebb5256fe3e07302ab7327b747b8df38245c4edf
Certificate serial: 019A51878F1C4F02500D11173F7CEBB7B1FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67Ulb-PgcwKrcye3R7jfOCRcTt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
Manifest number: 0232
Signing time: Wed 05 Nov 2025 01:00:29 +0000
Manifest this update: Wed 05 Nov 2025 01:00:29 +0000
Manifest next update: Thu 06 Nov 2025 01:00:29 +0000
Files and hashes: 1: 67Ulb-PgcwKrcye3R7jfOCRcTt8.crl (hash: 82fcoZO4ehUUIXjLNHoRPOXvKESZU2kwm4i09NfgDhI=)
2: R2qc8xIB7ETeFtMUELFMOTQfjZ4.roa (hash: BfeJlxl1OQPY3ScyZzCp1zSxOdUPgq5TTtPThWNATH0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/67Ulb-PgcwKrcye3R7jfOCRcTt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:87:8f:1c:4f:02:50:0d:11:17:3f:7c:eb:b7:b1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebb5256fe3e07302ab7327b747b8df38245c4edf
Validity
Not Before: Nov 5 01:00:29 2025 GMT
Not After : Nov 6 01:00:29 2025 GMT
Subject: CN=17bcf07c4b6e272cb253397cceca81bb3b44586a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0b:a1:9a:26:eb:1b:72:d7:22:79:3e:bf:5f:
e7:96:9c:d0:8c:9e:73:cb:70:89:21:17:20:df:d2:
08:e7:fb:2c:f7:70:c3:3b:53:6d:7f:bd:e8:37:9d:
08:51:9f:ae:29:f5:cf:7d:dd:59:20:3d:23:d2:27:
25:df:e6:e1:23:d8:a3:b2:c2:d9:eb:b7:1b:ab:bb:
45:a2:de:f8:d9:4d:e5:2a:0e:ac:f7:d4:c0:ce:28:
9f:38:1f:45:79:d5:31:a9:f0:db:61:dd:8a:f4:43:
7e:03:ec:6f:d7:73:57:22:8d:e7:ce:1f:d9:1e:d6:
7a:df:c3:96:22:a2:f3:6d:e8:88:d5:ee:58:b4:9d:
39:f4:c2:26:2b:b4:4a:dd:2c:48:81:fe:e8:fe:3e:
73:fe:cd:19:48:10:d3:68:35:af:26:d6:b6:82:a8:
90:3c:ca:c5:9b:82:9f:7e:c2:3c:be:fc:c3:50:6b:
54:c0:79:a1:73:55:8c:76:25:a3:f8:50:53:d6:76:
c5:85:4b:5b:a6:af:0d:f8:da:ce:e1:1a:e0:01:f6:
d8:ee:4a:d4:30:ae:e3:c1:5e:d4:39:f9:d7:6b:34:
1e:df:f0:21:67:76:1e:32:d4:0b:16:4e:80:a7:55:
2d:cd:61:95:6c:ee:10:7c:59:98:13:10:3d:9c:8d:
22:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BC:F0:7C:4B:6E:27:2C:B2:53:39:7C:CE:CA:81:BB:3B:44:58:6A
X509v3 Authority Key Identifier:
keyid:EB:B5:25:6F:E3:E0:73:02:AB:73:27:B7:47:B8:DF:38:24:5C:4E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67Ulb-PgcwKrcye3R7jfOCRcTt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/40b2a9-b2c7-4223-8848-0d2e4205686f/1/67Ulb-PgcwKrcye3R7jfOCRcTt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:66:6a:bb:c9:61:da:a2:73:05:6b:7e:62:c4:c3:ee:5d:11:
b5:41:8b:86:37:b4:7e:1d:28:8b:d8:f9:d7:85:2e:30:e4:75:
37:19:16:26:83:53:d4:96:2e:0a:6c:9b:38:30:2e:fc:95:02:
43:f8:d7:16:7a:1c:01:f2:4e:9a:c1:a5:38:17:80:94:fb:68:
ff:ef:a2:45:89:4d:e1:7e:0c:3e:45:5f:7e:b6:8b:54:12:01:
88:b3:55:85:e4:f7:4d:b8:b6:da:9c:23:91:bc:61:f0:63:a1:
9e:12:ab:e1:6a:27:f0:a7:65:61:6a:4a:3e:37:09:58:d4:ca:
de:73:70:33:46:26:ed:f8:01:34:2d:93:f1:86:2a:69:91:36:
7c:ee:e5:95:cc:9c:db:57:ca:ad:ac:fe:e0:61:c2:07:fe:19:
c3:a2:3c:a7:ff:cf:de:aa:2d:bc:8c:a2:dd:bf:39:0a:08:06:
1e:f9:b9:4e:9b:e1:19:b7:2e:a4:34:04:72:26:ff:3a:da:98:
2b:ae:87:ce:43:79:68:43:ed:aa:e1:a0:00:d9:2f:93:47:e4:
9d:89:69:c7:b6:62:09:0c:35:dd:25:6f:5a:77:d8:d7:06:78:
cb:5e:b4:fa:fd:ba:d3:a4:ea:be:01:7b:c0:b7:d1:fa:2e:8a:
e6:91:d1:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh48cTwJQDREXP3zrt7H8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYjUyNTZmZTNlMDczMDJhYjczMjdiNzQ3YjhkZjM4MjQ1
YzRlZGYwHhcNMjUxMTA1MDEwMDI5WhcNMjUxMTA2MDEwMDI5WjAzMTEwLwYDVQQD
EygxN2JjZjA3YzRiNmUyNzJjYjI1MzM5N2NjZWNhODFiYjNiNDQ1ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAuhmibrG3LXInk+v1/nlpzQjJ5z
y3CJIRcg39II5/ss93DDO1Ntf73oN50IUZ+uKfXPfd1ZID0j0icl3+bhI9ijssLZ
67cbq7tFot742U3lKg6s99TAziifOB9FedUxqfDbYd2K9EN+A+xv13NXIo3nzh/Z
HtZ638OWIqLzbeiI1e5YtJ059MImK7RK3SxIgf7o/j5z/s0ZSBDTaDWvJta2gqiQ
PMrFm4KffsI8vvzDUGtUwHmhc1WMdiWj+FBT1nbFhUtbpq8N+NrO4RrgAfbY7krU
MK7jwV7UOfnXazQe3/AhZ3YeMtQLFk6Ap1UtzWGVbO4QfFmYExA9nI0i1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe88HxLbicsslM5fM7Kgbs7RFhqMB8GA1UdIwQY
MBaAFOu1JW/j4HMCq3Mnt0e43zgkXE7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjdVbGItUGdjd0tyY3llM1I3amZPQ1JjVHQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80MGIyYTktYjJjNy00MjIzLTg4NDgt
MGQyZTQyMDU2ODZmLzEvNjdVbGItUGdjd0tyY3llM1I3amZPQ1JjVHQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80MGIyYTktYjJjNy00MjIzLTg4NDgtMGQyZTQyMDU2ODZm
LzEvNjdVbGItUGdjd0tyY3llM1I3amZPQ1JjVHQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2Zqu8lh
2qJzBWt+YsTD7l0RtUGLhje0fh0oi9j514UuMOR1NxkWJoNT1JYuCmybODAu/JUC
Q/jXFnocAfJOmsGlOBeAlPto/++iRYlN4X4MPkVffraLVBIBiLNVheT3Tbi22pwj
kbxh8GOhnhKr4Won8KdlYWpKPjcJWNTK3nNwM0Ym7fgBNC2T8YYqaZE2fO7llcyc
21fKraz+4GHCB/4Zw6I8p//P3qotvIyi3b85CggGHvm5TpvhGbcupDQEcib/OtqY
K66HzkN5aEPtquGgANkvk0fknYlpx7ZiCQw13SVvWnfY1wZ4y160+v2606TqvgF7
wLfR+i6K5pHRkw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:56:29 2025 by rpki-client