Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
File: 4toj07kw1MHzrHMGXXGmB8NdKQA.mft (raw, json)
Hash identifier: sXZP4Ac7Qw+Fttw2lz9FaYVjhmj4Anm6WoJihiy0//8=
Subject key identifier: 40:06:D3:43:BB:F7:3C:41:53:37:3D:A1:AD:0E:52:59:69:A4:F4:3F
Authority key identifier: E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
Certificate issuer: /CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Certificate serial: 019A033598BCA81462C92A058371359809B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
Manifest number: 16E9
Signing time: Mon 20 Oct 2025 20:00:35 +0000
Manifest this update: Mon 20 Oct 2025 20:00:35 +0000
Manifest next update: Tue 21 Oct 2025 20:00:35 +0000
Files and hashes: 1: 1-rU3n-MmX0x7vSSIglpKrM6p7wc.roa (hash: c73xh5XkAcPFRSo/oWqlfjE2NzFubQ+3BLO5+whFr6o=)
2: 4toj07kw1MHzrHMGXXGmB8NdKQA.crl (hash: PTrVV0xe/LQKU0XJv+8LEiuoGyTCo8QpwgKdDO0NUbQ=)
3: lAPGewAMTsg2zoYnnReshsfQhuc.roa (hash: cQriD0k+t33lYmHxMgkTAtEHjw/RaZJ3vs4rH148M98=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 20:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:35:98:bc:a8:14:62:c9:2a:05:83:71:35:98:09:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2da23d3b930d4c1f3ac73065d71a607c35d2900
Validity
Not Before: Oct 20 20:00:35 2025 GMT
Not After : Oct 21 20:00:35 2025 GMT
Subject: CN=4006d343bbf73c4153373da1ad0e525969a4f43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bd:87:1c:da:ca:e3:29:83:69:c9:0c:9a:1c:
72:04:3c:bd:11:db:14:b5:dd:8e:76:c5:96:8c:e3:
1f:22:3e:cc:68:b5:30:75:30:de:66:9a:41:cd:8e:
84:e7:40:1c:83:cf:87:3d:de:e8:23:a8:34:bc:f1:
4d:eb:60:68:61:8a:0c:34:45:28:e2:96:3c:c5:44:
ab:62:dc:40:0d:7a:ca:2c:8c:8f:b8:b7:3f:5f:b8:
e5:74:df:db:56:74:f8:7d:c1:48:bb:46:c6:2e:7c:
d3:9c:27:4f:1c:3f:4c:2f:9a:33:56:b8:c3:10:4e:
c3:6d:75:33:17:60:5b:14:5c:75:72:6d:a9:d8:9a:
6f:59:1e:bc:ab:25:04:e7:b6:cc:91:12:57:23:e1:
0a:5f:05:5b:5d:62:e2:31:2c:15:1d:ec:86:7e:ff:
5d:24:8c:b6:97:ca:07:ef:00:f7:f3:85:25:c0:36:
ab:2a:fb:6b:8a:b7:4d:0a:78:8f:01:3b:38:cd:e1:
bd:3f:b2:f9:1e:9f:a4:ba:50:09:f8:38:5d:81:ee:
24:24:88:93:1c:9a:40:c2:cc:92:1a:62:3f:80:2d:
b1:d2:63:98:aa:7e:9b:10:00:91:fc:ae:af:97:d3:
13:f4:61:97:45:c1:a6:1c:9e:cd:31:b9:23:ff:33:
25:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:06:D3:43:BB:F7:3C:41:53:37:3D:A1:AD:0E:52:59:69:A4:F4:3F
X509v3 Authority Key Identifier:
keyid:E2:DA:23:D3:B9:30:D4:C1:F3:AC:73:06:5D:71:A6:07:C3:5D:29:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4toj07kw1MHzrHMGXXGmB8NdKQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/deebb8-ae86-4694-a972-827a0ac04a9d/1/4toj07kw1MHzrHMGXXGmB8NdKQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:23:cc:bc:bb:85:ab:3b:07:86:f9:73:d6:e9:31:3f:c4:a1:
de:72:c6:b1:5b:91:1b:bc:7c:f1:fe:2c:08:cc:3d:32:2e:40:
12:cc:ae:54:aa:cd:93:c5:8e:ad:69:1f:d2:b2:f2:d9:24:c5:
01:50:fc:9a:44:cf:f9:bd:ed:53:20:3a:74:5c:a3:90:8e:f2:
63:88:ad:50:97:2a:c8:9b:70:dc:52:59:67:9f:35:1d:e3:a6:
df:f7:13:d5:8c:72:34:41:73:72:28:5f:a4:3e:c0:f0:5d:36:
19:f2:00:b1:c7:ed:f7:1a:cf:00:fb:9c:94:eb:9d:e2:9a:0a:
c2:4c:5f:09:51:13:a0:7b:9a:7d:7a:13:00:fa:ea:0e:ce:a3:
0b:ff:2d:1a:f8:36:2e:60:1d:1d:d2:cc:9e:5a:44:1e:f2:00:
bc:74:8d:b3:18:8b:ee:f6:4d:a4:d1:5d:db:d4:2c:0d:8d:bd:
3b:d7:ee:d9:9c:86:1e:c4:aa:f1:f8:ae:f5:fa:6a:cd:4a:1a:
6d:0b:0e:ca:b6:07:f8:44:30:01:01:cb:4e:85:bc:56:9e:60:
a4:9c:95:19:78:76:b9:26:35:37:ec:9c:3d:7b:b6:73:37:0b:
9a:78:0e:15:99:6a:b6:6f:73:66:06:7b:12:a4:c8:62:f2:c5:
d0:2d:35:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDNZi8qBRiySoFg3E1mAmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZGEyM2QzYjkzMGQ0YzFmM2FjNzMwNjVkNzFhNjA3YzM1
ZDI5MDAwHhcNMjUxMDIwMjAwMDM1WhcNMjUxMDIxMjAwMDM1WjAzMTEwLwYDVQQD
Eyg0MDA2ZDM0M2JiZjczYzQxNTMzNzNkYTFhZDBlNTI1OTY5YTRmNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r2HHNrK4ymDackMmhxyBDy9EdsU
td2OdsWWjOMfIj7MaLUwdTDeZppBzY6E50Acg8+HPd7oI6g0vPFN62BoYYoMNEUo
4pY8xUSrYtxADXrKLIyPuLc/X7jldN/bVnT4fcFIu0bGLnzTnCdPHD9ML5ozVrjD
EE7DbXUzF2BbFFx1cm2p2JpvWR68qyUE57bMkRJXI+EKXwVbXWLiMSwVHeyGfv9d
JIy2l8oH7wD384UlwDarKvtrirdNCniPATs4zeG9P7L5Hp+kulAJ+Dhdge4kJIiT
HJpAwsySGmI/gC2x0mOYqn6bEACR/K6vl9MT9GGXRcGmHJ7NMbkj/zMlTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAG00O79zxBUzc9oa0OUllppPQ/MB8GA1UdIwQY
MBaAFOLaI9O5MNTB86xzBl1xpgfDXSkAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzIt
ODI3YTBhYzA0YTlkLzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWViYjgtYWU4Ni00Njk0LWE5NzItODI3YTBhYzA0YTlk
LzEvNHRvajA3a3cxTUh6ckhNR1hYR21COE5kS1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWSPMvLuF
qzsHhvlz1ukxP8Sh3nLGsVuRG7x88f4sCMw9Mi5AEsyuVKrNk8WOrWkf0rLy2STF
AVD8mkTP+b3tUyA6dFyjkI7yY4itUJcqyJtw3FJZZ581HeOm3/cT1YxyNEFzcihf
pD7A8F02GfIAscft9xrPAPuclOud4poKwkxfCVEToHuafXoTAPrqDs6jC/8tGvg2
LmAdHdLMnlpEHvIAvHSNsxiL7vZNpNFd29QsDY29O9fu2ZyGHsSq8fiu9fpqzUoa
bQsOyrYH+EQwAQHLToW8Vp5gpJyVGXh2uSY1N+ycPXu2czcLmngOFZlqtm9zZgZ7
EqTIYvLF0C013g==
-----END CERTIFICATE-----
Generated at Tue Oct 21 05:52:53 2025 by rpki-client