
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json)
Hash identifier: Sru9RvDxVgMBY0aZjjYJUNyn/CuVtbHi7LG9TR/PzIQ=
Subject key identifier: 9B:81:D9:6A:B4:75:5E:B4:AD:1A:53:43:FD:82:8F:90:B0:A6:8B:83
Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Certificate serial: 019A01EBF44732EDD9D752E183A31CCF3820
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
Manifest number: 136E
Signing time: Mon 20 Oct 2025 14:00:31 +0000
Manifest this update: Mon 20 Oct 2025 14:00:31 +0000
Manifest next update: Tue 21 Oct 2025 14:00:31 +0000
Files and hashes: 1: SIndVbkKUXy4BUQozeoniwpZDAY.roa (hash: w+S8wcJNHWfC84514ZDYZ2EFFwmdH9ulSWKDE7QHbmQ=)
2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: eLOtMO0aNAu2AvY/RRm//NooyKwtqtu7MB3bhBZvb5w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:eb:f4:47:32:ed:d9:d7:52:e1:83:a3:1c:cf:38:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f
Validity
Not Before: Oct 20 14:00:31 2025 GMT
Not After : Oct 21 14:00:31 2025 GMT
Subject: CN=9b81d96ab4755eb4ad1a5343fd828f90b0a68b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f9:3b:ed:d5:e7:87:2e:a0:1f:4a:7c:47:d2:
db:67:aa:c1:a8:5e:89:f3:00:d4:53:51:b8:1f:1d:
f3:37:0b:61:55:8c:0b:06:77:20:da:6a:b3:79:ef:
3c:c9:56:b0:5b:6a:56:a3:75:f7:5b:00:c0:9a:8f:
86:7e:e5:9f:19:25:f9:ca:5d:67:d2:22:f1:72:09:
9e:57:de:37:60:20:69:26:60:1e:24:93:d0:50:4c:
74:d4:de:ca:06:51:95:43:73:01:7b:f8:ac:73:f9:
59:1a:66:c5:da:a5:b5:95:b4:d7:29:a3:13:a5:56:
49:a0:a1:2f:46:46:83:00:f5:78:89:20:42:9b:c6:
ea:f7:80:9e:2c:ca:66:e3:d1:46:10:30:90:d9:24:
09:42:75:be:d7:85:58:b4:0b:96:95:c3:54:c8:0c:
68:6b:c2:4f:1a:69:c8:63:05:d1:fc:4d:b3:9b:f7:
ce:2a:ef:45:01:1a:fe:48:44:7a:2a:6e:be:d2:2e:
95:b6:7b:16:e4:15:a9:ad:f3:dd:81:28:82:5e:e8:
42:57:1d:4a:7e:d0:5f:5d:88:2c:23:2f:d7:15:69:
96:99:50:dd:99:d1:0f:ab:db:cb:f5:6e:61:4e:0d:
75:85:e8:e9:f9:b7:87:24:6e:11:51:1f:cb:8f:0d:
a3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:81:D9:6A:B4:75:5E:B4:AD:1A:53:43:FD:82:8F:90:B0:A6:8B:83
X509v3 Authority Key Identifier:
keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:1a:f1:c3:de:f2:01:aa:5f:2d:a5:fa:fa:9f:a4:ad:5f:07:
68:12:b1:80:43:1f:af:dc:eb:05:9f:aa:22:3c:8b:e8:ab:fc:
c8:27:0b:9c:21:f0:b6:e1:1b:b6:db:5b:73:c1:ad:e5:57:fa:
58:0c:f6:64:0f:23:f7:85:32:7c:8e:72:fa:bb:08:0b:14:ca:
d6:02:48:c4:f7:76:74:02:ea:f2:ee:6d:0e:bf:5c:ce:42:1f:
15:f2:cf:11:35:8f:fc:20:ba:6e:1b:c8:29:48:df:00:1b:bc:
42:be:e8:6a:a5:0a:ee:af:46:ef:03:2c:0a:03:84:05:ae:d0:
52:26:2b:3a:f8:9a:62:76:d1:36:ad:c4:36:e1:4b:75:83:6e:
61:75:ba:22:94:e7:ca:a0:6c:c0:e6:d2:e1:56:56:d0:61:7f:
6c:bc:f0:96:09:84:c2:23:89:a6:fa:76:bb:6c:8e:a5:c9:74:
16:56:2d:ea:e5:60:b1:95:4a:41:6a:2f:b1:88:c5:11:1e:ba:
52:19:db:27:49:2c:8c:48:b3:c3:7a:76:0e:77:05:e2:c1:54:
11:01:14:78:9c:e5:f8:c8:a9:ab:eb:0a:cf:90:19:4f:b0:4d:
73:1d:9e:cb:8f:b7:0e:1a:c0:23:7d:84:3f:65:78:f2:3f:44:
f3:1c:d6:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoB6/RHMu3Z11Lhg6MczzggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5
NDRmOGYwHhcNMjUxMDIwMTQwMDMxWhcNMjUxMDIxMTQwMDMxWjAzMTEwLwYDVQQD
Eyg5YjgxZDk2YWI0NzU1ZWI0YWQxYTUzNDNmZDgyOGY5MGIwYTY4YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Pk77dXnhy6gH0p8R9LbZ6rBqF6J
8wDUU1G4Hx3zNwthVYwLBncg2mqzee88yVawW2pWo3X3WwDAmo+GfuWfGSX5yl1n
0iLxcgmeV943YCBpJmAeJJPQUEx01N7KBlGVQ3MBe/isc/lZGmbF2qW1lbTXKaMT
pVZJoKEvRkaDAPV4iSBCm8bq94CeLMpm49FGEDCQ2SQJQnW+14VYtAuWlcNUyAxo
a8JPGmnIYwXR/E2zm/fOKu9FARr+SER6Km6+0i6VtnsW5BWprfPdgSiCXuhCVx1K
ftBfXYgsIy/XFWmWmVDdmdEPq9vL9W5hTg11hejp+beHJG4RUR/Ljw2jWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuB2Wq0dV60rRpTQ/2Cj5CwpouDMB8GA1UdIwQY
MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt
MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2
LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJxrxw97y
AapfLaX6+p+krV8HaBKxgEMfr9zrBZ+qIjyL6Kv8yCcLnCHwtuEbtttbc8Gt5Vf6
WAz2ZA8j94UyfI5y+rsICxTK1gJIxPd2dALq8u5tDr9czkIfFfLPETWP/CC6bhvI
KUjfABu8Qr7oaqUK7q9G7wMsCgOEBa7QUiYrOviaYnbRNq3ENuFLdYNuYXW6IpTn
yqBswObS4VZW0GF/bLzwlgmEwiOJpvp2u2yOpcl0FlYt6uVgsZVKQWovsYjFER66
UhnbJ0ksjEizw3p2DncF4sFUEQEUeJzl+Mipq+sKz5AZT7BNcx2ey4+3DhrAI32E
P2V48j9E8xzWjA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:32:11 2025 by rpki-client