
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
File: U70JkochUqhtYNljuH0BgXwA_FM.mft (raw, json)
Hash identifier: iRIvOuGyfs8QQELBvDNTEVtWACMIhQfeBAALyvmOKmw=
Subject key identifier: EF:DE:5E:DD:0E:CF:90:A5:47:EB:CA:DA:67:F8:42:C3:2C:8E:0F:0C
Authority key identifier: 53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
Certificate issuer: /CN=53bd0992872152a86d60d963b87d01817c00fc53
Certificate serial: 0199FD6B14B902C11E70A0A0296D29D17EA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 17:01:17 +0000
Manifest this update: Sun 19 Oct 2025 17:01:17 +0000
Manifest next update: Mon 20 Oct 2025 17:01:17 +0000
Files and hashes: 1: 8hWTGCLXxSwODB2tKv40DFwDRSA.roa (hash: LnqtzTwP6Z/uj/Pahytsa4k9TTsa7E1q6xNsCMwJ/r4=)
2: KdlAk3dh27bShWAn4-0kWb61hVQ.roa (hash: ATJYV8SWOcnAG9fqVBljwxaiv5XnfJ4U40CX0lPgLrE=)
3: U70JkochUqhtYNljuH0BgXwA_FM.crl (hash: DiItqCu6RCbJjK8XnSHB6cLYDCuwZAuGwqHgC49zOxE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6b:14:b9:02:c1:1e:70:a0:a0:29:6d:29:d1:7e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bd0992872152a86d60d963b87d01817c00fc53
Validity
Not Before: Oct 19 17:01:17 2025 GMT
Not After : Oct 20 17:01:17 2025 GMT
Subject: CN=efde5edd0ecf90a547ebcada67f842c32c8e0f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:0e:e0:d2:bc:4d:f7:7c:6e:07:5c:9b:a0:
db:da:f4:37:1e:e7:03:35:8c:94:94:1d:58:10:4f:
3b:c2:11:b0:52:f2:9d:4c:71:a2:70:e6:40:6b:f8:
fa:d5:e1:e1:04:9d:fd:e0:3c:88:b5:90:66:61:c2:
7b:f6:a2:32:79:07:5f:53:2d:eb:2a:76:e8:29:94:
b7:e8:7c:a5:e2:32:c8:b3:cb:71:19:49:5c:1f:f9:
3e:19:3f:e5:52:38:46:53:0e:a0:64:1d:d4:ca:e4:
8f:9a:a8:e3:59:87:e2:33:ed:ac:db:50:f3:95:45:
2d:6f:e7:cf:8c:f5:9b:fd:51:46:e0:23:12:2b:22:
cd:8e:37:8a:65:1d:f5:fa:88:90:71:9e:ae:0a:45:
ac:c6:b5:4f:a7:50:49:b9:79:c4:6f:d3:ab:2d:07:
79:14:d8:cc:ba:b0:5b:a7:50:36:2d:37:d7:c2:39:
c2:7d:46:f5:30:2c:59:c8:bb:55:64:4d:04:83:a3:
d7:73:43:41:86:45:40:bd:aa:88:ac:32:04:b3:95:
e7:5f:f1:5e:85:0d:2e:5d:f5:89:fc:22:32:68:c0:
8b:91:04:1b:26:aa:8b:eb:e0:cb:35:41:dc:db:cd:
be:1a:8a:4d:d5:aa:21:98:7d:75:8b:af:ac:30:1b:
82:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:DE:5E:DD:0E:CF:90:A5:47:EB:CA:DA:67:F8:42:C3:2C:8E:0F:0C
X509v3 Authority Key Identifier:
keyid:53:BD:09:92:87:21:52:A8:6D:60:D9:63:B8:7D:01:81:7C:00:FC:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U70JkochUqhtYNljuH0BgXwA_FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6e264e-d6ce-42d5-b05d-e15f4f8409e6/1/U70JkochUqhtYNljuH0BgXwA_FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:8f:43:22:82:68:54:b9:08:bd:88:7f:c2:17:10:3b:a1:64:
76:8d:b1:a4:49:e3:35:81:84:80:44:46:b5:3b:a1:71:00:4f:
25:78:02:a8:51:d2:c8:d6:19:b6:41:1d:02:5c:4e:cb:f6:96:
6b:bd:ac:48:26:98:d8:b9:fc:a7:98:34:c7:84:20:85:35:8b:
2c:1f:eb:f9:15:75:54:6f:30:5b:67:d5:23:97:1a:fb:c7:2d:
01:5b:23:e5:57:bd:db:e4:c5:c4:34:a8:db:7f:62:f4:45:6b:
aa:1c:f8:29:ea:70:29:1a:79:35:c2:65:c8:96:e4:a7:8c:29:
40:1e:e1:ab:1d:b7:c5:39:1b:3e:00:dc:b2:30:61:8d:00:cc:
c1:aa:79:65:53:22:ff:f2:7a:0e:87:29:4c:a4:4a:74:4d:24:
42:f7:73:2f:c4:80:4c:43:57:5b:ce:2d:da:66:9f:4c:5c:d6:
4b:63:6f:d9:87:b1:99:bf:f6:ea:81:17:d9:9b:c5:a7:74:e7:
ca:06:6b:cb:7e:65:09:f1:35:24:b1:1f:44:ac:88:38:0c:5a:
b8:64:9f:94:3d:33:ca:6a:5c:32:1f:47:1d:d2:29:91:35:6b:
81:bf:52:de:80:d1:6d:64:7f:e3:04:d5:2c:4c:a6:30:51:36:
ed:23:56:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9axS5AsEecKCgKW0p0X6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmQwOTkyODcyMTUyYTg2ZDYwZDk2M2I4N2QwMTgxN2Mw
MGZjNTMwHhcNMjUxMDE5MTcwMTE3WhcNMjUxMDIwMTcwMTE3WjAzMTEwLwYDVQQD
EyhlZmRlNWVkZDBlY2Y5MGE1NDdlYmNhZGE2N2Y4NDJjMzJjOGUwZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH8O4NK8Tfd8bgdcm6Db2vQ3HucD
NYyUlB1YEE87whGwUvKdTHGicOZAa/j61eHhBJ394DyItZBmYcJ79qIyeQdfUy3r
KnboKZS36Hyl4jLIs8txGUlcH/k+GT/lUjhGUw6gZB3UyuSPmqjjWYfiM+2s21Dz
lUUtb+fPjPWb/VFG4CMSKyLNjjeKZR31+oiQcZ6uCkWsxrVPp1BJuXnEb9OrLQd5
FNjMurBbp1A2LTfXwjnCfUb1MCxZyLtVZE0Eg6PXc0NBhkVAvaqIrDIEs5XnX/Fe
hQ0uXfWJ/CIyaMCLkQQbJqqL6+DLNUHc282+GopN1aohmH11i6+sMBuCsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/eXt0Oz5ClR+vK2mf4QsMsjg8MMB8GA1UdIwQY
MBaAFFO9CZKHIVKobWDZY7h9AYF8APxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQt
ZTE1ZjRmODQwOWU2LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZTI2NGUtZDZjZS00MmQ1LWIwNWQtZTE1ZjRmODQwOWU2
LzEvVTcwSmtvY2hVcWh0WU5sanVIMEJnWHdBX0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUI9DIoJo
VLkIvYh/whcQO6Fkdo2xpEnjNYGEgERGtTuhcQBPJXgCqFHSyNYZtkEdAlxOy/aW
a72sSCaY2Ln8p5g0x4QghTWLLB/r+RV1VG8wW2fVI5ca+8ctAVsj5Ve92+TFxDSo
239i9EVrqhz4KepwKRp5NcJlyJbkp4wpQB7hqx23xTkbPgDcsjBhjQDMwap5ZVMi
//J6DocpTKRKdE0kQvdzL8SATENXW84t2mafTFzWS2Nv2Yexmb/26oEX2ZvFp3Tn
ygZry35lCfE1JLEfRKyIOAxauGSflD0zympcMh9HHdIpkTVrgb9S3oDRbWR/4wTV
LEymMFE27SNWhA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:44:18 2025 by rpki-client