Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File: ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier: 9yyFeRwtHPgRsmzbeDCCTKLz1qewcP+o5fzyEa0935M=
Subject key identifier: D6:07:53:E3:CF:41:47:24:B0:68:DB:C9:95:12:6C:79:24:BB:A6:AA
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial: 0199FDD9DE1C853172C4C400F242A7D8B973
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number: 16FA
Signing time: Sun 19 Oct 2025 19:02:17 +0000
Manifest this update: Sun 19 Oct 2025 19:02:17 +0000
Manifest next update: Mon 20 Oct 2025 19:02:17 +0000
Files and hashes: 1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: 600nDXSzq7ar3bkStk4n8dWjiqgerzHri7rVaSjwXgg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:de:1c:85:31:72:c4:c4:00:f2:42:a7:d8:b9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
Validity
Not Before: Oct 19 19:02:17 2025 GMT
Not After : Oct 20 19:02:17 2025 GMT
Subject: CN=d60753e3cf414724b068dbc995126c7924bba6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5d:ce:92:3a:86:87:02:75:63:1b:8b:6b:cf:
9a:04:f7:95:1f:37:a9:dc:80:35:11:11:bb:1f:6b:
ca:e2:bb:5a:90:c6:a2:fd:7e:9d:be:38:2b:1c:a5:
72:9c:20:6c:95:5b:00:52:cb:68:36:7c:99:d4:80:
2e:ab:99:2f:fb:74:68:ec:a7:13:1e:56:02:e2:f4:
19:a0:8b:d4:9f:e3:5b:24:88:8b:a4:ff:f1:77:a1:
fb:1a:cd:ee:ea:b3:b7:c5:4e:52:d7:87:1f:8b:c3:
75:a7:78:e0:2e:5a:0c:bb:ef:67:04:4e:c3:ac:e6:
71:73:e7:c4:37:2f:40:95:c5:7e:e9:e5:77:c2:8c:
42:fb:67:e3:bc:ba:22:b3:15:88:6f:f1:c1:02:a1:
a7:b4:e0:25:ac:b3:ed:c6:ed:01:ba:ab:42:f5:ac:
cd:f5:f6:a1:e3:98:c5:1f:d5:5c:97:5a:3a:53:c0:
ae:20:7e:67:09:2f:a7:ff:ea:73:c1:80:94:b7:41:
cd:72:03:32:7b:e0:91:af:c2:5c:80:7b:e8:81:47:
e1:d6:b7:ed:26:0b:1e:58:4a:33:61:d1:ea:71:4a:
33:22:0c:d1:98:2e:cd:bd:d0:44:8d:b5:66:ce:31:
f1:03:35:b5:12:88:b4:89:d7:df:34:f4:21:04:b5:
16:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:07:53:E3:CF:41:47:24:B0:68:DB:C9:95:12:6C:79:24:BB:A6:AA
X509v3 Authority Key Identifier:
keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:db:66:78:19:31:a5:d7:99:5e:4c:60:2d:d7:61:cd:ec:bb:
23:24:e7:fe:82:f4:7c:34:01:e8:60:70:f7:de:bc:14:d3:61:
98:cc:f6:17:3b:b7:03:74:29:72:6f:92:ae:0e:75:6c:cb:ba:
fa:5e:87:0e:18:06:0a:c7:e6:30:e9:3c:5e:85:75:e6:06:52:
22:e8:73:d9:9b:a0:74:80:98:de:df:40:fe:24:ae:2a:9d:73:
d8:a0:0f:96:01:66:35:f9:37:a2:97:f2:b4:0b:96:b0:01:61:
e3:b3:72:47:de:bc:4b:50:b1:6a:84:48:d3:99:4c:7f:98:3a:
ef:73:fe:e8:16:76:c2:26:47:c6:61:a6:81:29:90:fd:10:9c:
c9:3e:7c:25:be:dd:91:f1:88:6a:84:12:d8:1e:3e:e6:02:15:
ed:01:b5:2b:63:4f:22:bc:1b:a9:ee:06:8b:c9:5e:04:a3:ed:
0b:4d:80:aa:b3:05:ad:76:2b:83:05:fb:24:b7:08:56:30:12:
39:0a:1a:02:0f:6d:db:96:5b:50:d1:12:3c:dc:e7:2a:48:ff:
64:be:77:b0:be:cd:c7:8d:c3:05:11:3c:52:88:29:91:84:7b:
3f:e3:38:cd:27:97:6b:e0:cc:42:54:53:1a:5d:bc:99:6f:6e:
90:5d:0e:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92d4chTFyxMQA8kKn2LlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjUxMDE5MTkwMjE3WhcNMjUxMDIwMTkwMjE3WjAzMTEwLwYDVQQD
EyhkNjA3NTNlM2NmNDE0NzI0YjA2OGRiYzk5NTEyNmM3OTI0YmJhNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V3OkjqGhwJ1YxuLa8+aBPeVHzep
3IA1ERG7H2vK4rtakMai/X6dvjgrHKVynCBslVsAUstoNnyZ1IAuq5kv+3Ro7KcT
HlYC4vQZoIvUn+NbJIiLpP/xd6H7Gs3u6rO3xU5S14cfi8N1p3jgLloMu+9nBE7D
rOZxc+fENy9AlcV+6eV3woxC+2fjvLoisxWIb/HBAqGntOAlrLPtxu0BuqtC9azN
9fah45jFH9Vcl1o6U8CuIH5nCS+n/+pzwYCUt0HNcgMye+CRr8JcgHvogUfh1rft
JgseWEozYdHqcUozIgzRmC7NvdBEjbVmzjHxAzW1Eoi0idffNPQhBLUW9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYHU+PPQUcksGjbyZUSbHkku6aqMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZttmeBkx
pdeZXkxgLddhzey7IyTn/oL0fDQB6GBw9968FNNhmMz2Fzu3A3Qpcm+Srg51bMu6
+l6HDhgGCsfmMOk8XoV15gZSIuhz2ZugdICY3t9A/iSuKp1z2KAPlgFmNfk3opfy
tAuWsAFh47NyR968S1CxaoRI05lMf5g673P+6BZ2wiZHxmGmgSmQ/RCcyT58Jb7d
kfGIaoQS2B4+5gIV7QG1K2NPIrwbqe4Gi8leBKPtC02AqrMFrXYrgwX7JLcIVjAS
OQoaAg9t25ZbUNESPNznKkj/ZL53sL7Nx43DBRE8UogpkYR7P+M4zSeXa+DMQlRT
Gl28mW9ukF0Olg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:13:06 2025 by rpki-client