Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier: 9VBuW2xK+yeNY9qDwvfEwuhkD7ujH7ShbC9sAds+UVE=
Subject key identifier: 40:91:82:52:A6:4C:43:99:4E:51:B3:C7:44:8E:CC:99:2E:B6:1B:9E
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial: 0199FB0F4828458B3199AEACDE9B16ABC580
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number: 16E1
Signing time: Sun 19 Oct 2025 06:01:46 +0000
Manifest this update: Sun 19 Oct 2025 06:01:46 +0000
Manifest next update: Mon 20 Oct 2025 06:01:46 +0000
Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: uwy/VGlI0na78FUf7o3RKJAJqckvf9spcrq7gKq1dqc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:0f:48:28:45:8b:31:99:ae:ac:de:9b:16:ab:c5:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Validity
Not Before: Oct 19 06:01:46 2025 GMT
Not After : Oct 20 06:01:46 2025 GMT
Subject: CN=40918252a64c43994e51b3c7448ecc992eb61b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:79:94:20:02:75:8f:8c:86:91:9e:e3:4d:f6:
4c:d4:a6:92:29:d9:24:37:d1:37:86:01:2d:b6:6c:
8f:1f:8c:df:9e:57:53:ff:2d:3f:57:cd:94:e2:8a:
1d:19:63:0b:a9:af:c6:d6:78:e9:c2:5a:d0:1b:87:
56:66:6b:27:d6:ce:2a:48:62:d4:f2:4d:5c:a6:3b:
33:12:5e:a4:fc:d8:df:bd:b0:be:b2:c7:10:05:ab:
d6:e3:35:60:1e:81:ec:9a:44:de:9f:5b:20:07:12:
78:41:dc:a8:eb:8e:20:20:e8:90:3b:42:41:7c:6a:
71:a0:0d:6a:9c:ec:ce:e3:48:fd:96:66:b9:d8:97:
0f:23:7c:e4:e4:79:9e:df:b7:2c:b4:f0:a4:59:6c:
cd:05:65:fe:35:66:a4:0f:90:ae:9a:37:3d:cf:7f:
6c:00:2a:21:6d:c3:b9:a0:ed:c2:06:10:ed:19:df:
52:e0:5f:d7:15:f4:56:54:20:a5:ab:09:70:ce:9c:
ae:7f:01:0e:b8:62:29:6e:a9:0f:69:7f:1a:d9:4a:
ff:a8:0b:dd:49:eb:3c:d6:84:b8:a8:d2:30:85:27:
70:39:2d:e0:8b:2a:bd:cb:9a:ec:70:a4:5d:f2:92:
76:2c:6d:37:f8:14:eb:5d:e7:75:ef:55:1e:e1:ba:
d9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:91:82:52:A6:4C:43:99:4E:51:B3:C7:44:8E:CC:99:2E:B6:1B:9E
X509v3 Authority Key Identifier:
keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:86:aa:1b:04:c5:3c:0e:96:07:2b:57:bc:92:dd:c5:d5:d7:
7f:c0:bc:87:b2:97:97:53:b0:54:b4:33:4b:eb:7d:14:a1:71:
03:74:96:d6:54:e8:62:31:11:e4:eb:be:66:e0:4c:37:9e:b6:
14:72:26:b6:7d:d0:51:be:39:f2:78:44:1c:2a:7c:31:7b:57:
c4:a0:2c:9f:d2:3b:66:17:0e:3e:03:cd:46:64:c4:f0:e1:56:
4a:f7:d3:0f:5e:ae:39:6d:13:c2:81:7b:d5:ec:ed:46:49:79:
1f:dd:d1:28:22:8e:03:34:c0:53:b0:e9:01:57:46:e4:66:8f:
ce:1e:28:4e:ac:d2:57:85:06:b5:fc:b7:73:65:da:25:32:db:
f8:35:dc:e9:af:46:b5:56:5e:68:fe:84:7c:49:02:60:67:bf:
f5:26:0e:2c:35:23:cf:86:49:97:86:55:7f:b5:53:7f:b1:f0:
93:f9:21:fd:9a:95:95:98:6b:be:d4:85:76:42:64:39:06:55:
8d:5f:69:9a:12:db:61:0a:92:cf:b1:73:f6:9b:8c:27:ba:7e:
14:64:ec:d8:ee:9e:68:1f:c7:38:05:0a:8e:2f:3c:40:e8:50:
67:fb:a9:4b:27:dd:25:44:05:50:9a:b5:60:af:a4:49:ee:e9:
ac:80:f9:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7D0goRYsxma6s3psWq8WAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUxMDE5MDYwMTQ2WhcNMjUxMDIwMDYwMTQ2WjAzMTEwLwYDVQQD
Eyg0MDkxODI1MmE2NGM0Mzk5NGU1MWIzYzc0NDhlY2M5OTJlYjYxYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHmUIAJ1j4yGkZ7jTfZM1KaSKdkk
N9E3hgEttmyPH4zfnldT/y0/V82U4oodGWMLqa/G1njpwlrQG4dWZmsn1s4qSGLU
8k1cpjszEl6k/NjfvbC+sscQBavW4zVgHoHsmkTen1sgBxJ4Qdyo644gIOiQO0JB
fGpxoA1qnOzO40j9lma52JcPI3zk5Hme37cstPCkWWzNBWX+NWakD5Cumjc9z39s
ACohbcO5oO3CBhDtGd9S4F/XFfRWVCClqwlwzpyufwEOuGIpbqkPaX8a2Ur/qAvd
Ses81oS4qNIwhSdwOS3giyq9y5rscKRd8pJ2LG03+BTrXed171Ue4brZyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECRglKmTEOZTlGzx0SOzJkuthueMB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi4aqGwTF
PA6WBytXvJLdxdXXf8C8h7KXl1OwVLQzS+t9FKFxA3SW1lToYjER5Ou+ZuBMN562
FHImtn3QUb458nhEHCp8MXtXxKAsn9I7ZhcOPgPNRmTE8OFWSvfTD16uOW0TwoF7
1eztRkl5H93RKCKOAzTAU7DpAVdG5GaPzh4oTqzSV4UGtfy3c2XaJTLb+DXc6a9G
tVZeaP6EfEkCYGe/9SYOLDUjz4ZJl4ZVf7VTf7Hwk/kh/ZqVlZhrvtSFdkJkOQZV
jV9pmhLbYQqSz7Fz9puMJ7p+FGTs2O6eaB/HOAUKji88QOhQZ/upSyfdJUQFUJq1
YK+kSe7prID5tg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:33:44 2025 by rpki-client