Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
File: UGF1T3aJFp9qFQZQlUcmcrorRYk.mft (raw, json)
Hash identifier: vln/pS9isQiOHUeMc3+YSI7wkQlZUdu8Lsprx7hpODo=
Subject key identifier: BA:59:F6:90:54:6A:9E:6A:4F:34:E4:7B:9E:F7:39:60:73:AA:D3:6E
Authority key identifier: 50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
Certificate issuer: /CN=5061754f7689169f6a15065095472672ba2b4589
Certificate serial: 019A4D73E422CDFD86B9AB805C01658B4FF6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
Manifest number: 0E80
Signing time: Tue 04 Nov 2025 06:00:31 +0000
Manifest this update: Tue 04 Nov 2025 06:00:31 +0000
Manifest next update: Wed 05 Nov 2025 06:00:31 +0000
Files and hashes: 1: UGF1T3aJFp9qFQZQlUcmcrorRYk.crl (hash: pCtfJeBWdHMNW0HZenbDwUfQrbcluRoKh4RRKCuFHVQ=)
2: yiSfs72_nEyzYSAodCILSS2FNUg.roa (hash: S9gHpNvUCJD2H4bcxuT5WWB4Uck7rHXNRIxCLUlb2hE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:e4:22:cd:fd:86:b9:ab:80:5c:01:65:8b:4f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5061754f7689169f6a15065095472672ba2b4589
Validity
Not Before: Nov 4 06:00:31 2025 GMT
Not After : Nov 5 06:00:31 2025 GMT
Subject: CN=ba59f690546a9e6a4f34e47b9ef7396073aad36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5d:ab:d5:10:6c:60:7a:e4:b3:3f:cf:d6:2f:
bd:9a:af:1d:e8:31:4b:4a:b5:f8:cf:57:23:f7:e7:
52:d0:0a:f1:38:89:b5:70:20:b6:ee:21:66:e6:cf:
69:c6:2e:b6:71:69:51:63:1b:c1:25:07:c4:08:bc:
c7:04:f0:46:60:75:34:20:db:03:35:bb:7e:34:ec:
5e:75:d5:81:f1:42:43:26:64:bd:ee:7a:d4:a4:14:
df:05:b8:63:04:aa:70:5a:95:e0:32:b7:fa:fc:ac:
98:26:d8:0f:ce:19:95:66:e8:5f:c6:3f:2d:c9:e0:
44:48:33:56:95:5a:ef:10:c4:af:bb:9b:19:29:a5:
a3:6e:86:dd:f5:56:7f:a6:21:79:3a:3a:df:04:97:
86:ad:da:c8:1d:e7:ce:1f:29:1b:94:92:fe:e4:2f:
33:33:4d:86:6e:70:43:85:bd:1e:91:7d:13:c2:ab:
03:65:ba:7b:06:db:88:92:5d:0f:b0:7c:22:fd:5b:
74:46:3a:fc:92:62:d4:fd:c0:cf:c0:d5:9f:2e:fb:
53:08:ba:f0:66:02:97:59:a2:b3:b2:b6:74:4b:f2:
d9:28:5e:aa:22:11:e0:f4:2b:10:af:5f:5e:49:94:
eb:d0:07:d1:d3:8f:6a:ef:3e:9d:34:28:26:0d:ae:
75:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:59:F6:90:54:6A:9E:6A:4F:34:E4:7B:9E:F7:39:60:73:AA:D3:6E
X509v3 Authority Key Identifier:
keyid:50:61:75:4F:76:89:16:9F:6A:15:06:50:95:47:26:72:BA:2B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGF1T3aJFp9qFQZQlUcmcrorRYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3b59d5-602d-4351-96bc-a108649d51e2/1/UGF1T3aJFp9qFQZQlUcmcrorRYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:b6:f4:4d:ae:08:f8:3c:0b:e4:c0:57:54:aa:69:99:83:ab:
7b:2d:97:a1:86:c5:77:cc:45:6c:d0:20:29:df:9d:6d:b4:52:
34:59:9d:6e:4c:9d:af:0c:c6:be:2a:40:71:8e:e1:69:e5:be:
54:ca:ef:67:fc:3f:2f:e4:32:20:ae:d1:54:c1:82:8e:4f:49:
ad:4f:18:39:4b:74:3f:0c:b6:37:5c:80:81:57:7c:16:30:5b:
64:2f:9f:43:c6:d6:1f:35:50:04:25:6c:9f:1c:cf:3e:2c:4f:
b4:b6:19:f1:a3:c9:d9:be:08:05:91:7d:50:1a:85:b6:8a:2c:
be:72:ad:f1:00:0d:4b:09:4f:98:e6:be:18:33:ba:dc:55:5d:
26:1c:0c:0c:8e:f9:21:ae:8a:fc:2c:c8:7d:af:ef:16:89:41:
29:2f:16:ec:5e:5e:aa:08:f2:04:40:3c:05:86:52:26:a2:47:
3c:29:37:d9:cf:01:a9:34:a3:10:53:64:a1:08:17:e1:ce:2d:
05:df:fc:0a:c7:b1:de:c5:68:64:7f:61:ee:46:1c:3a:c4:87:
d9:66:bb:a5:93:bc:6d:cc:0e:bb:c8:fe:82:97:b8:9d:8f:04:
1b:20:d2:90:4c:70:4f:af:4f:80:e4:01:13:65:2a:7c:09:61:
62:65:04:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc+Qizf2GuauAXAFli0/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjE3NTRmNzY4OTE2OWY2YTE1MDY1MDk1NDcyNjcyYmEy
YjQ1ODkwHhcNMjUxMTA0MDYwMDMxWhcNMjUxMTA1MDYwMDMxWjAzMTEwLwYDVQQD
EyhiYTU5ZjY5MDU0NmE5ZTZhNGYzNGU0N2I5ZWY3Mzk2MDczYWFkMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V2r1RBsYHrksz/P1i+9mq8d6DFL
SrX4z1cj9+dS0ArxOIm1cCC27iFm5s9pxi62cWlRYxvBJQfECLzHBPBGYHU0INsD
Nbt+NOxeddWB8UJDJmS97nrUpBTfBbhjBKpwWpXgMrf6/KyYJtgPzhmVZuhfxj8t
yeBESDNWlVrvEMSvu5sZKaWjbobd9VZ/piF5OjrfBJeGrdrIHefOHykblJL+5C8z
M02GbnBDhb0ekX0TwqsDZbp7BtuIkl0PsHwi/Vt0Rjr8kmLU/cDPwNWfLvtTCLrw
ZgKXWaKzsrZ0S/LZKF6qIhHg9CsQr19eSZTr0AfR049q7z6dNCgmDa51/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLpZ9pBUap5qTzTke573OWBzqtNuMB8GA1UdIwQY
MBaAFFBhdU92iRafahUGUJVHJnK6K0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMt
YTEwODY0OWQ1MWUyLzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zYjU5ZDUtNjAyZC00MzUxLTk2YmMtYTEwODY0OWQ1MWUy
LzEvVUdGMVQzYUpGcDlxRlFaUWxVY21jcm9yUllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS7b0Ta4I
+DwL5MBXVKppmYOrey2XoYbFd8xFbNAgKd+dbbRSNFmdbkydrwzGvipAcY7haeW+
VMrvZ/w/L+QyIK7RVMGCjk9JrU8YOUt0Pwy2N1yAgVd8FjBbZC+fQ8bWHzVQBCVs
nxzPPixPtLYZ8aPJ2b4IBZF9UBqFtoosvnKt8QANSwlPmOa+GDO63FVdJhwMDI75
Ia6K/CzIfa/vFolBKS8W7F5eqgjyBEA8BYZSJqJHPCk32c8BqTSjEFNkoQgX4c4t
Bd/8Csex3sVoZH9h7kYcOsSH2Wa7pZO8bcwOu8j+gpe4nY8EGyDSkExwT69PgOQB
E2UqfAlhYmUEKg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:22:25 2025 by rpki-client