Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
File: u41koNwhmWscmeaMyVFpTik-3v4.mft (raw, json)
Hash identifier: n0zZd6Dh2VKDanEmij8N7UlR/CLklLlriagvFbmH81Y=
Subject key identifier: 97:1B:D7:AF:93:74:75:FF:1E:FC:97:36:68:C3:5B:E4:DB:BB:D7:F0
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 0199FB46108970C9DF3C7A827A1E0AACCFB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
Manifest number: 16EB
Signing time: Sun 19 Oct 2025 07:01:36 +0000
Manifest this update: Sun 19 Oct 2025 07:01:36 +0000
Manifest next update: Mon 20 Oct 2025 07:01:36 +0000
Files and hashes: 1: C_0ORiP6GTff8xYOZ4mMicSAww8.roa (hash: HUAyzCwf6jl6lX3eg8riTN4+Y+lTTc8+dOFl1EBg7WI=)
2: YWaaNJeo7smBlwI_T0SxJ5KX4-g.roa (hash: QZs858olOtlmGTBOleulDcnrJGCjiCkhUKDy6SCkdvE=)
3: u41koNwhmWscmeaMyVFpTik-3v4.crl (hash: 3d6imE45P9JXfoM83uIXZgyb4ZJaGx3uhTw73g8SISU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:46:10:89:70:c9:df:3c:7a:82:7a:1e:0a:ac:cf:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Oct 19 07:01:36 2025 GMT
Not After : Oct 20 07:01:36 2025 GMT
Subject: CN=971bd7af937475ff1efc973668c35be4dbbbd7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:9b:15:10:ac:37:d6:49:65:b4:c5:bd:a9:
21:49:55:35:0a:a7:7a:b9:a2:88:53:b2:35:cf:1c:
4d:bb:bd:5d:a2:f1:ea:ad:48:c5:93:c9:22:fa:69:
7f:ac:57:68:31:75:c4:62:84:84:43:51:f9:44:15:
57:db:fe:f5:a9:7a:cf:d9:18:8e:d1:11:d9:c4:ed:
88:d2:b1:24:c1:ba:f6:64:84:61:77:dd:04:a0:9f:
29:af:a3:e2:27:89:41:37:4b:97:84:3c:d7:d1:ab:
c4:97:3e:95:7c:df:32:bb:ae:e8:89:16:d1:75:c7:
a2:eb:34:32:2c:f5:25:3f:33:55:f7:01:2a:a0:5e:
44:44:57:64:11:d7:1b:6f:a6:45:67:e1:3b:25:63:
6f:1f:cf:7a:41:c3:e3:9a:52:9f:b1:c6:d7:c1:87:
61:db:41:28:8e:e7:ee:ae:41:19:66:39:3c:84:79:
ae:aa:71:d1:d3:14:82:02:8e:8d:59:27:be:88:12:
54:e6:21:0f:e4:31:11:68:c5:d0:c1:02:5d:90:67:
ed:b2:0e:d3:58:21:a1:6d:59:a8:f0:1d:29:fe:8a:
04:b9:47:fb:c6:0e:19:81:45:ff:b2:93:60:e2:27:
ca:21:cd:fe:fc:b5:f4:63:81:e1:9b:78:9e:92:b8:
51:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1B:D7:AF:93:74:75:FF:1E:FC:97:36:68:C3:5B:E4:DB:BB:D7:F0
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:53:74:f3:8e:77:8a:66:8e:68:11:c0:97:68:60:4e:af:19:
e9:d9:7c:ba:0c:02:95:da:7b:c7:49:d1:2e:0f:87:a1:ca:cc:
b6:a0:bf:28:17:5c:e8:17:5f:4f:74:58:b1:42:b9:38:c4:46:
77:3b:d9:35:8a:54:39:82:dc:9e:18:4b:f6:7c:6d:d4:1f:88:
7c:ba:17:7a:3f:80:e5:f4:c9:98:00:87:d9:ac:73:2a:20:85:
64:4f:3a:09:da:b2:ec:d0:d8:5d:48:7c:9f:a0:bd:8f:b8:e2:
35:ac:02:c4:60:10:d9:05:6d:39:38:d2:b3:03:8b:1c:f6:dc:
5c:f1:c0:8f:5f:c2:d3:4b:f1:b1:e7:40:ad:7c:44:66:72:5a:
c6:6c:48:de:ec:d7:d3:5a:56:b9:57:ff:04:f0:7f:95:3d:83:
bf:66:3c:97:17:cb:5b:d7:e1:08:a0:9a:96:4d:00:91:e8:70:
69:18:de:d8:27:07:0b:12:7d:9b:6d:11:aa:a4:e7:34:87:4e:
29:0c:25:f7:09:0b:f9:33:a6:4b:c8:aa:9a:8d:a7:90:67:9b:
e7:9a:d6:4e:62:3c:25:9c:8a:5a:b6:d1:4f:5a:04:53:81:29:
4e:d1:11:82:dc:8d:a2:66:89:d7:5e:17:7a:5c:65:77:90:c3:
e3:3d:e8:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RhCJcMnfPHqCeh4KrM+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjUxMDE5MDcwMTM2WhcNMjUxMDIwMDcwMTM2WjAzMTEwLwYDVQQD
Eyg5NzFiZDdhZjkzNzQ3NWZmMWVmYzk3MzY2OGMzNWJlNGRiYmJkN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozybFRCsN9ZJZbTFvakhSVU1Cqd6
uaKIU7I1zxxNu71dovHqrUjFk8ki+ml/rFdoMXXEYoSEQ1H5RBVX2/71qXrP2RiO
0RHZxO2I0rEkwbr2ZIRhd90EoJ8pr6PiJ4lBN0uXhDzX0avElz6VfN8yu67oiRbR
dcei6zQyLPUlPzNV9wEqoF5ERFdkEdcbb6ZFZ+E7JWNvH896QcPjmlKfscbXwYdh
20EojufurkEZZjk8hHmuqnHR0xSCAo6NWSe+iBJU5iEP5DERaMXQwQJdkGftsg7T
WCGhbVmo8B0p/ooEuUf7xg4ZgUX/spNg4ifKIc3+/LX0Y4Hhm3iekrhRRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcb16+TdHX/HvyXNmjDW+Tbu9fwMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASlN08453
imaOaBHAl2hgTq8Z6dl8ugwCldp7x0nRLg+HocrMtqC/KBdc6BdfT3RYsUK5OMRG
dzvZNYpUOYLcnhhL9nxt1B+IfLoXej+A5fTJmACH2axzKiCFZE86Cdqy7NDYXUh8
n6C9j7jiNawCxGAQ2QVtOTjSswOLHPbcXPHAj1/C00vxsedArXxEZnJaxmxI3uzX
01pWuVf/BPB/lT2Dv2Y8lxfLW9fhCKCalk0AkehwaRje2CcHCxJ9m20RqqTnNIdO
KQwl9wkL+TOmS8iqmo2nkGeb55rWTmI8JZyKWrbRT1oEU4EpTtERgtyNomaJ114X
elxld5DD4z3oZw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:30:30 2025 by rpki-client