Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: HLRL30kzcJTRKugFu9bg1tiCEAkXVnh3k9vNEIYpL5k=
Subject key identifier: 3F:99:B9:7C:79:ED:2D:BE:5C:50:35:61:01:9B:9F:CD:F9:39:9B:D8
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 019A21E476CDDAE04EB63F13DF89D8731A05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 027B
Signing time: Sun 26 Oct 2025 19:00:11 +0000
Manifest this update: Sun 26 Oct 2025 19:00:11 +0000
Manifest next update: Mon 27 Oct 2025 19:00:11 +0000
Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: kSwLOYGY/iUgdYLPWLza5T3OCHMY80CkMiT1F+tiJJs=)
2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:e4:76:cd:da:e0:4e:b6:3f:13:df:89:d8:73:1a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Oct 26 19:00:11 2025 GMT
Not After : Oct 27 19:00:11 2025 GMT
Subject: CN=3f99b97c79ed2dbe5c503561019b9fcdf9399bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c1:39:1d:e2:ef:83:a2:3a:31:ef:bc:80:78:
60:29:2f:ee:2a:e8:3e:f8:e3:bc:ce:83:64:15:bd:
f9:08:b4:6c:63:78:e0:4b:6d:29:da:07:16:48:dd:
d6:38:88:95:a7:51:24:94:2c:bd:88:93:bc:b4:44:
cb:87:b9:ae:12:9f:01:58:15:30:6f:19:f6:1d:c4:
b5:34:75:6d:79:8b:8e:2c:9e:07:e0:76:34:ec:87:
f6:48:b6:a5:03:59:10:28:fa:71:85:b0:fb:2a:75:
5a:1b:e4:31:a8:e2:de:c6:e9:3a:56:cc:43:de:6a:
1c:05:ec:3d:48:d7:a1:13:ab:ad:82:2b:90:cf:49:
49:a0:87:43:04:cf:f2:dc:6f:25:3f:c6:55:a1:6f:
0f:d1:d3:2f:46:2a:e3:9f:47:30:b7:9f:d4:43:9c:
b8:f1:10:b2:07:15:ae:5e:12:7d:9a:09:c9:b4:8e:
4a:cd:d5:28:06:3b:89:c8:c9:e0:ba:82:7f:7b:76:
22:16:df:8b:5b:8e:34:e9:e8:3a:10:3b:84:f3:0a:
ee:8c:b2:f4:92:81:62:56:eb:8f:67:fc:55:24:cf:
0a:ce:e6:bf:4d:c5:84:25:2e:41:47:58:38:27:f1:
0f:d2:97:47:9e:87:15:ff:01:a7:e6:1d:ab:4c:bc:
bb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:99:B9:7C:79:ED:2D:BE:5C:50:35:61:01:9B:9F:CD:F9:39:9B:D8
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:cd:cf:ee:b3:35:e5:43:d8:94:a4:f7:d9:71:6b:98:91:89:
cc:70:fe:d0:73:03:dc:d9:f2:d2:37:89:d6:ed:18:92:55:6c:
76:44:73:7c:8d:0a:d0:a5:ca:68:cd:41:22:86:e7:74:3c:63:
10:77:d2:ff:30:f3:03:0a:c5:f7:4f:0f:89:4e:02:38:02:a4:
19:e2:01:56:33:0b:e9:62:43:39:b8:a4:9d:d4:9f:60:a0:dd:
d0:4f:f6:6c:d5:12:e5:cd:b4:81:9e:cb:d0:35:35:cf:af:e8:
20:3d:43:08:d8:f2:51:73:5b:91:46:54:68:73:e1:de:21:ac:
1a:fb:ca:25:83:c3:b5:4d:71:32:7f:e6:3a:50:1a:af:d9:d9:
58:0f:12:39:dc:f0:5b:90:17:e7:01:6b:7d:0f:5a:64:dc:90:
7a:cd:08:7a:d9:84:04:8a:61:17:04:19:75:ce:15:b3:35:c0:
cc:de:bf:20:84:00:0c:6f:f7:f5:d6:91:26:be:6a:81:55:c3:
05:70:63:8d:de:1d:cb:67:88:8b:33:12:1c:84:bb:43:a2:5a:
a4:2c:d5:75:11:4e:69:54:fd:32:28:46:79:92:31:8e:6c:4e:
e0:b6:49:3a:03:c2:c1:d4:9f:bc:fe:75:f7:53:ce:e6:8d:65:
10:7e:a6:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoh5HbN2uBOtj8T34nYcxoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjUxMDI2MTkwMDExWhcNMjUxMDI3MTkwMDExWjAzMTEwLwYDVQQD
EygzZjk5Yjk3Yzc5ZWQyZGJlNWM1MDM1NjEwMTliOWZjZGY5Mzk5YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48E5HeLvg6I6Me+8gHhgKS/uKug+
+OO8zoNkFb35CLRsY3jgS20p2gcWSN3WOIiVp1EklCy9iJO8tETLh7muEp8BWBUw
bxn2HcS1NHVteYuOLJ4H4HY07If2SLalA1kQKPpxhbD7KnVaG+QxqOLexuk6VsxD
3mocBew9SNehE6utgiuQz0lJoIdDBM/y3G8lP8ZVoW8P0dMvRirjn0cwt5/UQ5y4
8RCyBxWuXhJ9mgnJtI5KzdUoBjuJyMnguoJ/e3YiFt+LW4406eg6EDuE8wrujLL0
koFiVuuPZ/xVJM8Kzua/TcWEJS5BR1g4J/EP0pdHnocV/wGn5h2rTLy7DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+ZuXx57S2+XFA1YQGbn835OZvYMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANc3P7rM1
5UPYlKT32XFrmJGJzHD+0HMD3Nny0jeJ1u0YklVsdkRzfI0K0KXKaM1BIobndDxj
EHfS/zDzAwrF908PiU4COAKkGeIBVjML6WJDObikndSfYKDd0E/2bNUS5c20gZ7L
0DU1z6/oID1DCNjyUXNbkUZUaHPh3iGsGvvKJYPDtU1xMn/mOlAar9nZWA8SOdzw
W5AX5wFrfQ9aZNyQes0IetmEBIphFwQZdc4VszXAzN6/IIQADG/39daRJr5qgVXD
BXBjjd4dy2eIizMSHIS7Q6JapCzVdRFOaVT9MihGeZIxjmxO4LZJOgPCwdSfvP51
91PO5o1lEH6mKg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:42:11 2025 by rpki-client