Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
File: 8u5baEnIyB9adjWVWIprpoIedns.mft (raw, json)
Hash identifier: Aqg6hAPJ2yCzCrZpeXssalTksVtdAGthlQB/i15hh0M=
Subject key identifier: 38:19:9D:27:67:B6:66:84:86:68:11:BF:88:2E:61:72:10:A8:82:75
Authority key identifier: F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
Certificate issuer: /CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Certificate serial: 019A4DAA74BB4295EC68202AAAE601D83DF7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
Manifest number: 0711
Signing time: Tue 04 Nov 2025 07:00:07 +0000
Manifest this update: Tue 04 Nov 2025 07:00:07 +0000
Manifest next update: Wed 05 Nov 2025 07:00:07 +0000
Files and hashes: 1: 8u5baEnIyB9adjWVWIprpoIedns.crl (hash: E7ItvFTpGOBVk3i472w9zLer5k0Pxu59VCWkJmeT7KA=)
2: Di0vSgAmdtxn2ZM7Al8L8Zr3oIU.roa (hash: 0Bf0l0DWLnoKx593QVoGlu2x+BD1lYWYH448tSVbn0U=)
3: Tb-8GP8qcCsPrA2Xrleo-iet2HM.roa (hash: yyhoDt89y5+7nL9lVvf4sdS/dAeJY+OT1BrhoMFwMME=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:aa:74:bb:42:95:ec:68:20:2a:aa:e6:01:d8:3d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2ee5b6849c8c81f5a763595588a6ba6821e767b
Validity
Not Before: Nov 4 07:00:07 2025 GMT
Not After : Nov 5 07:00:07 2025 GMT
Subject: CN=38199d2767b66684866811bf882e617210a88275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:da:db:28:44:1b:2a:bd:36:d1:bc:de:63:c0:
cc:74:30:05:fa:93:fb:5b:28:b0:e0:d6:64:1c:36:
bd:ec:93:1a:43:7d:a0:d1:31:7f:3a:f5:ca:37:46:
fd:b1:d6:a7:c9:0a:46:18:34:53:5f:11:eb:4c:2d:
c0:b8:f2:ff:c2:90:69:e5:4a:a5:64:f8:c1:29:f2:
e9:13:a8:fc:44:e9:2f:3a:2b:67:9d:c6:e1:a9:49:
da:32:1f:44:7d:c8:1e:c0:3b:05:33:c0:d9:d6:40:
5f:79:08:76:d0:56:26:7c:00:f7:ac:96:0f:5c:5e:
e7:55:00:09:04:77:ee:87:92:c9:61:78:f6:d4:90:
cf:74:53:0b:76:95:28:7a:11:24:6e:75:34:17:6b:
a2:19:45:4f:8c:ef:98:09:bb:3d:a9:32:62:c5:eb:
76:ca:28:15:d1:3f:bc:17:6a:32:16:2a:e8:fc:1c:
bd:1e:86:03:e1:e6:4a:50:2d:c9:c5:33:ee:b0:aa:
d6:70:a2:15:d7:55:66:cd:9e:c2:76:71:32:72:17:
26:de:86:3f:4c:15:be:f8:41:dd:ca:e3:9f:67:02:
13:ad:4c:a8:f4:00:68:61:e2:ac:af:bb:8e:64:0a:
6f:ec:7f:7c:4d:54:18:e1:3d:3f:dc:5e:a5:38:7b:
3c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:19:9D:27:67:B6:66:84:86:68:11:BF:88:2E:61:72:10:A8:82:75
X509v3 Authority Key Identifier:
keyid:F2:EE:5B:68:49:C8:C8:1F:5A:76:35:95:58:8A:6B:A6:82:1E:76:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8u5baEnIyB9adjWVWIprpoIedns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/002a88-3a85-476f-b452-60a039dd1bca/1/8u5baEnIyB9adjWVWIprpoIedns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:1d:da:eb:60:de:48:d3:4c:21:ac:cf:c8:e2:7c:65:ed:de:
89:cc:22:6e:f0:0e:40:ef:39:f4:3a:31:85:73:7a:02:c5:52:
26:32:37:58:7d:68:a3:46:e9:c7:a0:5f:68:d9:fc:0a:71:1f:
14:54:1c:fd:2a:44:46:e1:44:29:fc:63:2e:df:11:10:06:4b:
de:24:4e:82:1c:44:eb:a5:84:06:99:95:f7:1d:a2:17:9f:9c:
f6:28:a2:db:e5:50:7b:75:85:36:69:9a:52:94:c8:de:40:63:
21:bd:b0:94:19:b5:69:69:5d:b4:a0:9f:6c:b6:d8:9e:d3:c8:
8f:00:85:85:02:fd:4c:73:8c:ee:06:5d:31:bc:8d:3d:38:00:
98:fd:4f:b4:7c:9b:a9:36:ae:96:e8:d6:9b:5b:df:7a:68:52:
e8:ee:df:d2:cf:c1:cb:83:43:6b:95:94:78:1e:d4:d2:91:59:
10:1c:20:ee:c0:94:6c:31:6e:09:07:9f:63:64:6c:02:84:80:
8b:c2:2e:80:df:a8:94:f7:ff:77:da:88:1b:49:2b:4f:5f:ae:
e4:36:cc:c8:a5:9d:d0:4c:be:81:30:83:56:02:e7:34:d7:8e:
ea:b6:e5:dd:92:a7:a8:f7:a1:b7:8e:0c:62:e6:eb:29:c1:0c:
9b:1f:92:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqnS7QpXsaCAqquYB2D33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZWU1YjY4NDljOGM4MWY1YTc2MzU5NTU4OGE2YmE2ODIx
ZTc2N2IwHhcNMjUxMTA0MDcwMDA3WhcNMjUxMTA1MDcwMDA3WjAzMTEwLwYDVQQD
EygzODE5OWQyNzY3YjY2Njg0ODY2ODExYmY4ODJlNjE3MjEwYTg4Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNrbKEQbKr020bzeY8DMdDAF+pP7
Wyiw4NZkHDa97JMaQ32g0TF/OvXKN0b9sdanyQpGGDRTXxHrTC3AuPL/wpBp5Uql
ZPjBKfLpE6j8ROkvOitnncbhqUnaMh9EfcgewDsFM8DZ1kBfeQh20FYmfAD3rJYP
XF7nVQAJBHfuh5LJYXj21JDPdFMLdpUoehEkbnU0F2uiGUVPjO+YCbs9qTJixet2
yigV0T+8F2oyFiro/By9HoYD4eZKUC3JxTPusKrWcKIV11VmzZ7CdnEychcm3oY/
TBW++EHdyuOfZwITrUyo9ABoYeKsr7uOZApv7H98TVQY4T0/3F6lOHs8BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgZnSdntmaEhmgRv4guYXIQqIJ1MB8GA1UdIwQY
MBaAFPLuW2hJyMgfWnY1lViKa6aCHnZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTIt
NjBhMDM5ZGQxYmNhLzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMDJhODgtM2E4NS00NzZmLWI0NTItNjBhMDM5ZGQxYmNh
LzEvOHU1YmFFbkl5QjlhZGpXVldJcHJwb0llZG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsR3a62De
SNNMIazPyOJ8Ze3eicwibvAOQO859DoxhXN6AsVSJjI3WH1oo0bpx6BfaNn8CnEf
FFQc/SpERuFEKfxjLt8REAZL3iROghxE66WEBpmV9x2iF5+c9iii2+VQe3WFNmma
UpTI3kBjIb2wlBm1aWldtKCfbLbYntPIjwCFhQL9THOM7gZdMbyNPTgAmP1PtHyb
qTaulujWm1vfemhS6O7f0s/By4NDa5WUeB7U0pFZEBwg7sCUbDFuCQefY2RsAoSA
i8IugN+olPf/d9qIG0krT1+u5DbMyKWd0Ey+gTCDVgLnNNeO6rbl3ZKnqPeht44M
YubrKcEMmx+SSA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:38:05 2025 by rpki-client