Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a621a8-e079-4a14-98ba-e36a9793ea6d/1/unnFAIApfLnMDMk07jifUMPnPUo.mft
File: unnFAIApfLnMDMk07jifUMPnPUo.mft (raw, json)
Hash identifier: L81Zzqy35dMmTQBJ96SE53L2DN8v0j5TPEHVqG+qlFo=
Subject key identifier: 36:F1:B8:86:52:A5:C8:3E:FD:8E:AD:1C:EE:5C:29:39:62:99:64:9D
Authority key identifier: BA:79:C5:00:80:29:7C:B9:CC:0C:C9:34:EE:38:9F:50:C3:E7:3D:4A
Certificate issuer: /CN=ba79c50080297cb9cc0cc934ee389f50c3e73d4a
Certificate serial: 0199FFC8AE89EC06A1D5DDAB9DECF4461834
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unnFAIApfLnMDMk07jifUMPnPUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a621a8-e079-4a14-98ba-e36a9793ea6d/1/unnFAIApfLnMDMk07jifUMPnPUo.mft
Manifest number: 05B2
Signing time: Mon 20 Oct 2025 04:02:45 +0000
Manifest this update: Mon 20 Oct 2025 04:02:45 +0000
Manifest next update: Tue 21 Oct 2025 04:02:45 +0000
Files and hashes: 1: CpPRk_TNW4CH4jbImpFoaI2OcL4.roa (hash: eYYsy6V5aRdmdwv40uWtw/bgoED55t23eDlp8kMf818=)
2: unnFAIApfLnMDMk07jifUMPnPUo.crl (hash: bcban+k92C7VSZg2BSU8USPWs88Rp+nDeH7Or5E8yMY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/a621a8-e079-4a14-98ba-e36a9793ea6d/1/unnFAIApfLnMDMk07jifUMPnPUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/a621a8-e079-4a14-98ba-e36a9793ea6d/1/unnFAIApfLnMDMk07jifUMPnPUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/unnFAIApfLnMDMk07jifUMPnPUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c8:ae:89:ec:06:a1:d5:dd:ab:9d:ec:f4:46:18:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba79c50080297cb9cc0cc934ee389f50c3e73d4a
Validity
Not Before: Oct 20 04:02:45 2025 GMT
Not After : Oct 21 04:02:45 2025 GMT
Subject: CN=36f1b88652a5c83efd8ead1cee5c29396299649d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fb:2f:70:b3:84:f9:e7:0e:91:7f:67:a9:31:
16:6f:9a:b9:25:b1:c8:fa:2d:d9:2f:ef:34:53:a2:
55:62:c0:08:dd:13:fe:22:f3:b4:ec:3e:c8:d8:3f:
58:9f:07:b5:61:e4:2f:d9:10:7b:2e:0a:b0:d2:4c:
c8:f9:1d:08:93:11:d6:27:df:6a:50:b9:14:c5:af:
45:57:ed:f7:6c:71:82:95:d2:2d:80:26:17:03:d1:
63:ba:8d:2a:9b:dc:8e:4c:cb:b1:ef:2b:db:53:35:
88:28:42:5b:93:07:c3:45:26:14:b3:b1:0f:9f:4d:
a2:8b:56:70:e3:e2:b4:0c:b5:30:68:a4:9c:97:a1:
56:93:75:03:4e:f1:b9:93:d2:d7:82:c0:f0:06:6a:
c4:e8:0d:5a:2a:70:93:f3:f2:af:39:f4:a8:53:4c:
79:39:9f:d1:38:83:80:e6:40:6c:ae:be:7b:76:29:
6a:f0:77:f0:62:52:b4:27:05:af:ff:d0:13:e2:3b:
6e:ed:4e:b2:ad:84:f5:05:ef:60:16:70:77:5e:b5:
93:75:4c:70:3f:0a:5f:05:44:50:b2:9d:4b:81:a5:
a9:f5:70:e6:83:a2:ef:b2:93:9e:78:17:05:9a:a9:
5e:03:b5:e1:62:9b:1d:14:a8:f6:df:3d:d4:25:9f:
df:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F1:B8:86:52:A5:C8:3E:FD:8E:AD:1C:EE:5C:29:39:62:99:64:9D
X509v3 Authority Key Identifier:
keyid:BA:79:C5:00:80:29:7C:B9:CC:0C:C9:34:EE:38:9F:50:C3:E7:3D:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unnFAIApfLnMDMk07jifUMPnPUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a621a8-e079-4a14-98ba-e36a9793ea6d/1/unnFAIApfLnMDMk07jifUMPnPUo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a621a8-e079-4a14-98ba-e36a9793ea6d/1/unnFAIApfLnMDMk07jifUMPnPUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:25:d4:44:a8:d2:fc:12:cd:ad:30:3c:28:6c:fc:c5:b6:e7:
c0:73:55:71:d9:5a:43:34:9a:13:aa:11:c5:0a:41:a9:07:2f:
1b:70:2f:2f:66:4a:b0:cf:9b:e5:18:1f:2b:d2:06:f9:a2:90:
f5:7e:15:54:5f:41:62:8d:59:74:ab:b0:fc:1b:e0:20:70:52:
1d:4c:1d:6c:d3:fb:18:c7:ca:16:d9:46:d7:31:f8:07:c3:c8:
97:03:f7:eb:82:d1:34:51:18:42:aa:b3:0b:8a:9a:30:1a:c8:
5d:f2:18:ea:b9:d4:de:f6:68:b6:a9:32:f3:20:31:fd:b3:30:
6a:75:67:e9:44:ac:cb:5a:a4:10:69:a7:1a:54:1b:0d:c5:0f:
b7:38:28:d3:76:c7:5e:1b:c7:3a:1c:99:c9:27:b3:d7:49:4b:
bd:59:e3:fe:bc:12:7e:f5:39:0c:da:2b:c7:a6:75:89:e7:8f:
27:10:b1:bf:27:c2:4c:e4:73:38:f1:aa:e9:19:9b:d9:62:98:
1f:1e:7e:dc:b4:13:49:74:ba:9c:aa:02:6e:d3:50:23:89:8f:
fa:0e:c8:6e:7d:9e:b3:2e:24:4b:3b:46:93:ae:44:1c:3f:be:
5f:53:e7:fe:ea:46:2b:e3:50:8d:1b:2b:8f:c7:b3:77:df:f3:
2e:54:a4:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yK6J7Aah1d2rnez0Rhg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzljNTAwODAyOTdjYjljYzBjYzkzNGVlMzg5ZjUwYzNl
NzNkNGEwHhcNMjUxMDIwMDQwMjQ1WhcNMjUxMDIxMDQwMjQ1WjAzMTEwLwYDVQQD
EygzNmYxYjg4NjUyYTVjODNlZmQ4ZWFkMWNlZTVjMjkzOTYyOTk2NDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPsvcLOE+ecOkX9nqTEWb5q5JbHI
+i3ZL+80U6JVYsAI3RP+IvO07D7I2D9Ynwe1YeQv2RB7Lgqw0kzI+R0IkxHWJ99q
ULkUxa9FV+33bHGCldItgCYXA9Fjuo0qm9yOTMux7yvbUzWIKEJbkwfDRSYUs7EP
n02ii1Zw4+K0DLUwaKScl6FWk3UDTvG5k9LXgsDwBmrE6A1aKnCT8/KvOfSoU0x5
OZ/ROIOA5kBsrr57dilq8HfwYlK0JwWv/9AT4jtu7U6yrYT1Be9gFnB3XrWTdUxw
PwpfBURQsp1LgaWp9XDmg6LvspOeeBcFmqleA7XhYpsdFKj23z3UJZ/fjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbxuIZSpcg+/Y6tHO5cKTlimWSdMB8GA1UdIwQY
MBaAFLp5xQCAKXy5zAzJNO44n1DD5z1KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5uRkFJQXBmTG5NRE1rMDdqaWZVTVBuUFVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hNjIxYTgtZTA3OS00YTE0LTk4YmEt
ZTM2YTk3OTNlYTZkLzEvdW5uRkFJQXBmTG5NRE1rMDdqaWZVTVBuUFVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hNjIxYTgtZTA3OS00YTE0LTk4YmEtZTM2YTk3OTNlYTZk
LzEvdW5uRkFJQXBmTG5NRE1rMDdqaWZVTVBuUFVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtCXURKjS
/BLNrTA8KGz8xbbnwHNVcdlaQzSaE6oRxQpBqQcvG3AvL2ZKsM+b5RgfK9IG+aKQ
9X4VVF9BYo1ZdKuw/BvgIHBSHUwdbNP7GMfKFtlG1zH4B8PIlwP364LRNFEYQqqz
C4qaMBrIXfIY6rnU3vZotqky8yAx/bMwanVn6USsy1qkEGmnGlQbDcUPtzgo03bH
XhvHOhyZySez10lLvVnj/rwSfvU5DNorx6Z1ieePJxCxvyfCTORzOPGq6Rmb2WKY
Hx5+3LQTSXS6nKoCbtNQI4mP+g7Ibn2esy4kSztGk65EHD++X1Pn/upGK+NQjRsr
j8ezd9/zLlSkzA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:23:38 2025 by rpki-client