Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier: POk4gIuVtC1annLZEEIAMVcPaAYhy7BNEvl61MXTbZE=
Subject key identifier: 48:05:F9:BF:B1:04:AB:7C:BF:7B:A1:02:0A:E2:13:64:47:86:AD:9A
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial: 019A4F61F623B5B806EC3C5DD3A196F98ECB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 15:00:11 +0000
Manifest this update: Tue 04 Nov 2025 15:00:11 +0000
Manifest next update: Wed 05 Nov 2025 15:00:11 +0000
Files and hashes: 1: P2sE-3tUICXx7cfC0favLdtRCZ0.roa (hash: ayIaE8Pk074Tx7I6FVVUWCPvr0NKwOuaUa8Xe24IzDg=)
2: eGoVDFCAKRgMU7yFCgUyj1lHOYk.roa (hash: i9IHtchSCoTvu2jWZ+d1LDgXIzrS7PbiIZtxvaQvRRk=)
3: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: 9B8P9S1NQ/vmCFbFkPWR6uWFCQSWAPvUazWDQG6fASc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:61:f6:23:b5:b8:06:ec:3c:5d:d3:a1:96:f9:8e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
Validity
Not Before: Nov 4 15:00:11 2025 GMT
Not After : Nov 5 15:00:11 2025 GMT
Subject: CN=4805f9bfb104ab7cbf7ba1020ae213644786ad9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b2:bb:98:96:31:23:58:0f:61:55:1b:b7:ea:
2d:36:79:d7:28:2a:4d:21:5e:6a:6a:9b:f3:b0:11:
c3:03:7c:2b:33:dd:c9:aa:01:c6:a8:24:3a:1e:09:
b4:68:a1:d8:a6:9d:af:ab:fe:55:34:17:fd:c7:9e:
95:7a:60:ba:af:94:28:63:ed:4b:41:8d:73:6e:cb:
b0:f7:8e:3c:25:13:0a:34:29:34:e5:e0:e3:ce:d8:
72:38:e8:bb:fc:bf:c4:01:d7:53:b8:22:1e:50:4f:
4a:da:a5:65:f9:53:dc:0c:06:e0:14:86:46:8f:7d:
0c:c3:7b:f6:6c:fd:d3:db:ca:af:64:e3:a8:6a:44:
93:8b:90:72:f5:b6:c3:ec:30:25:ec:e6:3a:18:e4:
fd:25:c1:57:c0:9f:8d:97:36:3f:73:66:d3:fb:f3:
aa:a8:9c:ab:b8:fe:d7:65:22:dc:57:a5:8d:cb:e2:
47:98:7a:c8:33:ca:b2:4f:f5:18:68:59:ec:57:08:
91:2b:8f:c2:f1:c0:37:40:79:d5:4b:c0:02:37:67:
0e:2b:63:b4:b3:fa:62:bd:a0:a8:85:95:e4:52:dc:
3a:9d:fa:5e:ee:30:1e:67:a9:ff:f2:73:d0:4c:c5:
10:1a:5e:24:56:91:4f:fa:65:91:32:a5:18:1e:41:
12:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:05:F9:BF:B1:04:AB:7C:BF:7B:A1:02:0A:E2:13:64:47:86:AD:9A
X509v3 Authority Key Identifier:
keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:c7:6c:05:cd:28:1d:8c:69:6d:23:f6:4f:67:d2:e5:96:f8:
d1:f1:c3:08:56:ec:13:7b:02:de:bd:84:09:f7:7f:c3:af:b6:
c6:d8:4b:0f:86:ed:b5:a8:ba:01:67:df:d5:7f:1a:12:a6:cb:
3d:19:2c:5e:7b:d1:bc:5e:71:b9:fd:08:8b:87:74:27:b3:e0:
d0:12:1b:8f:a9:bc:01:bb:bd:bc:83:4c:93:da:37:de:92:c2:
39:97:bc:3b:66:6f:c5:18:31:bc:64:cd:60:a6:bd:9e:6d:fa:
67:46:71:1b:d4:73:59:71:57:48:52:6a:f8:33:95:8f:58:ee:
60:17:76:ae:2e:dd:b2:89:b5:64:b4:3c:67:36:11:dc:37:38:
90:cc:c5:ad:37:af:5f:b9:c8:a0:65:fb:30:99:e5:34:5a:85:
48:2a:27:17:b0:44:41:70:2a:a3:f5:5f:29:a0:72:cc:ab:a4:
39:a8:70:3b:ca:37:ca:78:ed:0b:2b:3c:2b:5f:af:b8:09:c5:
83:db:4f:01:2a:1f:b2:06:bb:b7:cc:1b:96:be:c2:42:ec:34:
e8:1c:76:9a:15:9a:b3:44:22:05:e9:a8:05:af:a8:01:21:cc:
f5:cd:cd:9b:7a:8f:45:73:1a:e7:c3:a7:8c:a1:e8:3e:36:73:
9a:67:30:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYfYjtbgG7Dxd06GW+Y7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjUxMTA0MTUwMDExWhcNMjUxMTA1MTUwMDExWjAzMTEwLwYDVQQD
Eyg0ODA1ZjliZmIxMDRhYjdjYmY3YmExMDIwYWUyMTM2NDQ3ODZhZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrK7mJYxI1gPYVUbt+otNnnXKCpN
IV5qapvzsBHDA3wrM93JqgHGqCQ6Hgm0aKHYpp2vq/5VNBf9x56VemC6r5QoY+1L
QY1zbsuw9448JRMKNCk05eDjzthyOOi7/L/EAddTuCIeUE9K2qVl+VPcDAbgFIZG
j30Mw3v2bP3T28qvZOOoakSTi5By9bbD7DAl7OY6GOT9JcFXwJ+NlzY/c2bT+/Oq
qJyruP7XZSLcV6WNy+JHmHrIM8qyT/UYaFnsVwiRK4/C8cA3QHnVS8ACN2cOK2O0
s/pivaCohZXkUtw6nfpe7jAeZ6n/8nPQTMUQGl4kVpFP+mWRMqUYHkES/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgF+b+xBKt8v3uhAgriE2RHhq2aMB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr8dsBc0o
HYxpbSP2T2fS5Zb40fHDCFbsE3sC3r2ECfd/w6+2xthLD4bttai6AWff1X8aEqbL
PRksXnvRvF5xuf0Ii4d0J7Pg0BIbj6m8Abu9vINMk9o33pLCOZe8O2ZvxRgxvGTN
YKa9nm36Z0ZxG9RzWXFXSFJq+DOVj1juYBd2ri7dsom1ZLQ8ZzYR3Dc4kMzFrTev
X7nIoGX7MJnlNFqFSConF7BEQXAqo/VfKaByzKukOahwO8o3ynjtCys8K1+vuAnF
g9tPASofsga7t8wblr7CQuw06Bx2mhWas0QiBemoBa+oASHM9c3Nm3qPRXMa58On
jKHoPjZzmmcw+g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:42:49 2025 by rpki-client