Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
File: U70JkochUqhtYNljuH0BgXwA_FM.mft (raw, json)
Hash identifier: 34mgtcULS/biDJMyw8wys+IeHaB5gX+9qyfEojIJsz4=
Subject key identifier: 71:E1:93:05:F9:5D:F2:4E:70:8C:91:22:95:1C:68:A7:5C:20:B1:36
Authority key identifier: 53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
Certificate issuer: /CN=53bd0992872152a86d60d963b87d01817c00fc53
Certificate serial: 019A5074E715CA3AE86421EBCC383E64D371
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 20:00:29 +0000
Manifest this update: Tue 04 Nov 2025 20:00:29 +0000
Manifest next update: Wed 05 Nov 2025 20:00:29 +0000
Files and hashes: 1: 8hWTGCLXxSwODB2tKv40DFwDRSA.roa (hash: LnqtzTwP6Z/uj/Pahytsa4k9TTsa7E1q6xNsCMwJ/r4=)
2: KdlAk3dh27bShWAn4-0kWb61hVQ.roa (hash: ATJYV8SWOcnAG9fqVBljwxaiv5XnfJ4U40CX0lPgLrE=)
3: U70JkochUqhtYNljuH0BgXwA_FM.crl (hash: uEKY4F0E6E0qgNEF/8OqphBVX0WjpErUMucNjduhZNw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:74:e7:15:ca:3a:e8:64:21:eb:cc:38:3e:64:d3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bd0992872152a86d60d963b87d01817c00fc53
Validity
Not Before: Nov 4 20:00:29 2025 GMT
Not After : Nov 5 20:00:29 2025 GMT
Subject: CN=71e19305f95df24e708c9122951c68a75c20b136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:93:ea:db:e5:e8:d8:57:ed:d6:a9:1b:d6:2d:
d5:1b:7e:ff:a9:0f:c0:cf:ac:f2:5b:71:30:09:ef:
f6:9e:2e:79:b3:7d:c0:03:da:08:c9:6e:91:81:32:
d7:37:79:42:c4:ea:73:e8:25:d9:11:c3:f3:54:15:
72:75:18:4e:41:c1:6f:0b:70:50:60:47:ae:d2:c1:
b4:77:80:aa:d8:b4:1d:59:55:af:f0:c9:a5:1c:89:
5e:be:3c:de:b9:de:35:de:d9:18:ca:76:92:d7:24:
e2:51:8b:d7:c7:6f:75:09:16:b3:d4:fa:1a:bd:e4:
f5:6e:33:22:f8:f6:e3:3f:68:fd:3f:7a:a7:0f:20:
2f:e2:90:ad:1f:0f:32:8a:31:6c:6a:99:3e:b0:ed:
de:34:ce:c7:aa:cf:61:b8:cb:51:b2:1a:48:6d:c8:
ae:ef:72:da:88:6a:23:22:71:63:1d:d1:9c:f2:b5:
dd:52:58:4c:67:58:1d:95:95:dd:a1:ee:7c:83:69:
01:57:a1:d3:f5:04:1d:55:03:ab:06:db:24:fa:83:
98:a1:24:0e:06:92:3b:6e:79:b0:a6:66:63:29:94:
bf:28:93:e6:d3:e8:00:e4:13:f8:68:49:bb:ef:39:
11:09:05:67:a1:e7:a3:36:22:d8:2b:37:87:f7:b4:
dd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E1:93:05:F9:5D:F2:4E:70:8C:91:22:95:1C:68:A7:5C:20:B1:36
X509v3 Authority Key Identifier:
keyid:53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c1:47:c1:a5:dd:c6:e0:68:17:97:f6:5f:56:57:fc:97:2a:27:
f9:38:27:c0:0e:6a:8e:a1:18:77:50:e1:54:a0:ff:60:3b:d7:
b6:00:bc:55:52:e7:46:27:ab:e0:b1:14:3b:8b:51:43:f5:7f:
3f:2b:13:b9:56:e2:c2:4c:1f:a6:35:17:2e:24:2a:4f:12:f5:
b3:2c:d6:87:a3:be:c6:61:0e:10:8a:a0:f1:c8:1b:bc:88:80:
7c:e4:9e:90:a1:58:2f:5e:41:5b:f9:3c:e4:83:a0:ba:cb:28:
1c:8c:4d:ad:34:46:91:ea:67:98:ef:45:35:84:c2:03:02:e9:
6d:2b:e0:63:c4:5e:38:de:c2:30:27:54:e0:81:d4:da:c4:9b:
f0:45:84:e3:81:ba:57:e9:ce:e8:0f:29:dc:c4:03:68:1f:90:
95:fa:2a:63:39:a5:cb:74:f7:00:d8:95:29:6c:aa:80:87:0d:
31:12:09:22:a8:74:b4:ee:4b:a9:f7:f9:e1:41:05:d0:5b:51:
87:b8:86:e0:12:c0:5e:c7:35:f3:99:2a:54:d0:53:cd:54:b2:
75:32:78:cc:39:7c:1d:93:28:88:c8:ca:79:48:6b:21:06:a5:
76:5c:86:ec:8f:7f:6a:fa:36:aa:35:4b:f6:a8:8c:69:7e:fb:
9e:cb:d7:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQdOcVyjroZCHrzDg+ZNNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmQwOTkyODcyMTUyYTg2ZDYwZDk2M2I4N2QwMTgxN2Mw
MGZjNTMwHhcNMjUxMTA0MjAwMDI5WhcNMjUxMTA1MjAwMDI5WjAzMTEwLwYDVQQD
Eyg3MWUxOTMwNWY5NWRmMjRlNzA4YzkxMjI5NTFjNjhhNzVjMjBiMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JPq2+Xo2Fft1qkb1i3VG37/qQ/A
z6zyW3EwCe/2ni55s33AA9oIyW6RgTLXN3lCxOpz6CXZEcPzVBVydRhOQcFvC3BQ
YEeu0sG0d4Cq2LQdWVWv8MmlHIlevjzeud413tkYynaS1yTiUYvXx291CRaz1Poa
veT1bjMi+PbjP2j9P3qnDyAv4pCtHw8yijFsapk+sO3eNM7Hqs9huMtRshpIbciu
73LaiGojInFjHdGc8rXdUlhMZ1gdlZXdoe58g2kBV6HT9QQdVQOrBtsk+oOYoSQO
BpI7bnmwpmZjKZS/KJPm0+gA5BP4aEm77zkRCQVnoeejNiLYKzeH97TdQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHhkwX5XfJOcIyRIpUcaKdcILE2MB8GA1UdIwQY
MBaAFFO9CZKHIVKobWDZY7h9AYF8APxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQt
ZTE1ZjRmODQwOWU2LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQtZTE1ZjRmODQwOWU2
LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwUfBpd3G
4GgXl/ZfVlf8lyon+TgnwA5qjqEYd1DhVKD/YDvXtgC8VVLnRier4LEUO4tRQ/V/
PysTuVbiwkwfpjUXLiQqTxL1syzWh6O+xmEOEIqg8cgbvIiAfOSekKFYL15BW/k8
5IOgussoHIxNrTRGkepnmO9FNYTCAwLpbSvgY8ReON7CMCdU4IHU2sSb8EWE44G6
V+nO6A8p3MQDaB+QlfoqYzmly3T3ANiVKWyqgIcNMRIJIqh0tO5Lqff54UEF0FtR
h7iG4BLAXsc185kqVNBTzVSydTJ4zDl8HZMoiMjKeUhrIQaldlyG7I9/avo2qjVL
9qiMaX77nsvXUQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:47:25 2025 by rpki-client