Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
File: Tm32g40DOAFB635O5V3AXYcGHck.mft (raw, json)
Hash identifier: 1xiCMw6E7viBzvken0iY3xol71x7p/UppD6AsD77aWg=
Subject key identifier: 4F:A2:23:74:19:D2:9F:AB:1E:0B:D7:0E:AA:D8:DA:7C:4B:07:55:EB
Authority key identifier: 4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9
Certificate issuer: /CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9
Certificate serial: 019A725C3D1E4F948DA40D0735056C073DA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
Manifest number: 116D
Signing time: Tue 11 Nov 2025 10:00:38 +0000
Manifest this update: Tue 11 Nov 2025 10:00:38 +0000
Manifest next update: Wed 12 Nov 2025 10:00:38 +0000
Files and hashes: 1: 6zGLvq4k5vmzCBWK5uxpgKx-SpM.roa (hash: d72RjXOy3TrPnzNgu1Y/cwJXn9F8xvKoAfaZ+LW3oR4=)
2: Tm32g40DOAFB635O5V3AXYcGHck.crl (hash: f3QfB29qh0grbRYm/JihLYKmFfiizhq/M3hbOcT62o4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:3d:1e:4f:94:8d:a4:0d:07:35:05:6c:07:3d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9
Validity
Not Before: Nov 11 10:00:38 2025 GMT
Not After : Nov 12 10:00:38 2025 GMT
Subject: CN=4fa2237419d29fab1e0bd70eaad8da7c4b0755eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:32:3f:a2:50:e2:4f:af:0d:94:e6:63:27:
67:e6:87:a5:24:ba:f4:98:97:c2:06:a6:ca:4b:b7:
7e:c0:1c:17:17:71:e2:28:fb:d3:c5:50:f8:00:70:
c7:e5:fd:f5:4c:b2:a0:0e:6b:25:af:43:af:18:d9:
b8:78:78:e2:c0:4b:4f:fb:64:ae:fb:7c:ed:92:76:
9a:fc:8a:16:72:ee:ac:20:0f:a8:32:6b:46:3f:ba:
62:96:64:f4:d0:2d:21:7d:09:b9:ca:3c:af:b3:72:
c3:94:e2:34:c5:62:68:74:54:a4:4d:07:1d:3e:f8:
00:ac:31:d0:e2:de:a2:d2:17:44:8a:c3:60:1d:47:
6f:46:b9:8c:27:dd:3b:98:87:f1:76:c8:1c:aa:bd:
28:ce:77:30:a7:bb:1e:09:de:25:db:dd:d2:36:82:
9d:5b:49:c8:d0:18:8a:c0:41:f9:c9:c4:90:f7:40:
6d:61:c7:c1:1f:3f:ba:35:df:89:56:fb:36:b7:f8:
16:2b:4b:14:c6:20:51:b3:5c:f6:35:e4:5b:f4:53:
f3:8d:51:c7:94:68:82:ce:54:15:d2:16:dc:26:19:
a1:3f:b9:02:78:4a:db:55:be:34:55:61:30:d1:8d:
dc:ff:0d:9e:f8:3f:f5:a9:04:6c:65:54:c8:28:4f:
92:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A2:23:74:19:D2:9F:AB:1E:0B:D7:0E:AA:D8:DA:7C:4B:07:55:EB
X509v3 Authority Key Identifier:
keyid:4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:e4:13:0d:43:66:7b:06:1f:a2:33:81:63:cd:b5:bc:9b:96:
c2:8d:99:9b:c5:54:fc:70:69:2a:03:0a:5e:18:8c:d1:47:74:
3f:e9:93:67:73:be:7a:a5:d1:7f:bf:60:b0:b2:51:42:6b:d6:
6a:02:62:30:12:3f:df:b3:27:fe:25:16:f9:57:a6:56:5b:81:
ee:c4:b4:86:cb:b7:93:b7:70:77:1e:af:ae:56:92:63:83:36:
30:62:49:cc:ba:e4:25:29:5f:25:d5:d5:59:31:f3:62:11:9b:
d3:0a:2e:3c:d4:72:72:a2:01:ac:26:b5:d1:cf:9b:ae:46:76:
9a:a4:b3:90:e0:31:bc:f9:bc:4a:44:05:e0:e5:5a:a2:60:e4:
94:47:83:02:7f:a6:0f:21:74:4a:e9:37:85:33:d4:90:9b:f4:
68:83:b8:0d:98:eb:21:ea:26:1a:71:57:43:b9:a8:13:ac:99:
31:57:68:ac:45:2a:e3:0e:0c:9c:5b:b6:c4:0a:2d:d9:64:ad:
01:6d:cc:aa:d2:c0:7c:c6:cd:89:90:64:9d:59:b4:ca:43:9d:
cb:24:47:21:09:f1:f4:c2:9e:4a:e1:f1:11:d1:d7:26:5e:6e:
80:31:7c:87:7b:87:cd:76:5c:2d:1e:8d:11:35:57:6e:3b:6a:
b8:ee:c7:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXD0eT5SNpA0HNQVsBz2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNmRmNjgzOGQwMzM4MDE0MWViN2U0ZWU1NWRjMDVkODcw
NjFkYzkwHhcNMjUxMTExMTAwMDM4WhcNMjUxMTEyMTAwMDM4WjAzMTEwLwYDVQQD
Eyg0ZmEyMjM3NDE5ZDI5ZmFiMWUwYmQ3MGVhYWQ4ZGE3YzRiMDc1NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBAyP6JQ4k+vDZTmYydn5oelJLr0
mJfCBqbKS7d+wBwXF3HiKPvTxVD4AHDH5f31TLKgDmslr0OvGNm4eHjiwEtP+2Su
+3ztknaa/IoWcu6sIA+oMmtGP7pilmT00C0hfQm5yjyvs3LDlOI0xWJodFSkTQcd
PvgArDHQ4t6i0hdEisNgHUdvRrmMJ907mIfxdsgcqr0ozncwp7seCd4l293SNoKd
W0nI0BiKwEH5ycSQ90BtYcfBHz+6Nd+JVvs2t/gWK0sUxiBRs1z2NeRb9FPzjVHH
lGiCzlQV0hbcJhmhP7kCeErbVb40VWEw0Y3c/w2e+D/1qQRsZVTIKE+SowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+iI3QZ0p+rHgvXDqrY2nxLB1XrMB8GA1UdIwQY
MBaAFE5t9oONAzgBQet+TuVdwF2HBh3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2Qt
MzE4MzYyMDA0ZThhLzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2QtMzE4MzYyMDA0ZThh
LzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjuQTDUNm
ewYfojOBY821vJuWwo2Zm8VU/HBpKgMKXhiM0Ud0P+mTZ3O+eqXRf79gsLJRQmvW
agJiMBI/37Mn/iUW+VemVluB7sS0hsu3k7dwdx6vrlaSY4M2MGJJzLrkJSlfJdXV
WTHzYhGb0wouPNRycqIBrCa10c+brkZ2mqSzkOAxvPm8SkQF4OVaomDklEeDAn+m
DyF0Suk3hTPUkJv0aIO4DZjrIeomGnFXQ7moE6yZMVdorEUq4w4MnFu2xAot2WSt
AW3MqtLAfMbNiZBknVm0ykOdyyRHIQnx9MKeSuHxEdHXJl5ugDF8h3uHzXZcLR6N
ETVXbjtquO7HKQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:45 2025 by rpki-client