Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft
File: tDuXodIfY3tUkTDwhXpoHMf2iEw.mft (raw, json)
Hash identifier: JOyZVQKygFBskUG4V5TR1AticJt29FyvaUJS0fiy/Yk=
Subject key identifier: 5F:0D:97:C2:98:EA:FA:7D:E2:2B:70:F2:C6:C5:B3:83:95:59:37:BB
Authority key identifier: B4:3B:97:A1:D2:1F:63:7B:54:91:30:F0:85:7A:68:1C:C7:F6:88:4C
Certificate issuer: /CN=b43b97a1d21f637b549130f0857a681cc7f6884c
Certificate serial: 019A2A43DB98257FD7D64783C8F31EB697BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft
Manifest number: 16FA
Signing time: Tue 28 Oct 2025 10:01:21 +0000
Manifest this update: Tue 28 Oct 2025 10:01:21 +0000
Manifest next update: Wed 29 Oct 2025 10:01:21 +0000
Files and hashes: 1: 3-CNHKGdJXMpTXntAh-s3qj--cM.roa (hash: 2BpPHYt1k/l10pBcIexz0ktK+xFvs5F87gVofFcEgls=)
2: tDuXodIfY3tUkTDwhXpoHMf2iEw.crl (hash: lpSBWtEBMskjGJXP3cDqFDlP2olmz6ZV03q8s0adMvo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:43:db:98:25:7f:d7:d6:47:83:c8:f3:1e:b6:97:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43b97a1d21f637b549130f0857a681cc7f6884c
Validity
Not Before: Oct 28 10:01:21 2025 GMT
Not After : Oct 29 10:01:21 2025 GMT
Subject: CN=5f0d97c298eafa7de22b70f2c6c5b383955937bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:73:40:e4:5e:cf:30:db:aa:67:b2:e3:89:5b:
45:28:fc:89:a1:28:de:d4:15:3f:4a:7a:3a:a0:79:
64:ed:78:df:21:1e:02:5c:93:c8:9a:76:4a:a5:a2:
ec:1e:a3:5e:df:40:3d:9a:f0:7d:89:e5:13:dc:e9:
f1:79:90:13:e3:91:a8:e4:4f:65:2c:ac:17:f7:13:
92:7f:af:ae:38:43:1f:10:ef:01:d4:af:3b:dc:24:
c4:19:36:ab:ad:21:22:5a:d4:59:6d:a8:19:1b:f7:
88:b5:f2:25:27:1b:a6:8d:7c:be:fb:85:88:7a:f7:
31:15:01:7f:c0:aa:9f:ae:8f:e8:0c:ed:23:d6:37:
f0:d2:bf:ae:bd:de:63:50:55:85:0a:26:51:8b:5d:
e5:9e:5f:d8:4f:14:72:8d:ce:b8:47:c2:71:df:69:
33:04:90:70:a9:7b:8b:ed:2f:14:4b:e4:cc:59:e2:
94:ac:d4:f7:f9:38:40:79:9c:1d:11:02:25:98:98:
f4:6b:37:19:21:14:52:df:c1:29:72:97:98:10:94:
93:8b:ec:83:21:47:30:75:eb:6f:dd:6f:ee:fe:1e:
7e:4b:5b:89:39:ec:8e:0b:71:23:32:5d:c6:8a:97:
f6:5d:6c:b4:88:ae:91:68:9f:17:fd:80:5d:81:ec:
c0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0D:97:C2:98:EA:FA:7D:E2:2B:70:F2:C6:C5:B3:83:95:59:37:BB
X509v3 Authority Key Identifier:
keyid:B4:3B:97:A1:D2:1F:63:7B:54:91:30:F0:85:7A:68:1C:C7:F6:88:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:3f:ce:c5:88:cf:88:4a:7c:49:98:4c:14:41:3e:1d:ef:19:
b7:77:67:16:c5:dc:2f:97:22:a1:02:eb:7a:b1:6e:a4:c3:33:
9e:d5:4b:41:1e:e4:84:fa:88:1a:fa:1a:de:47:ae:c4:0c:8b:
10:e0:00:32:17:ac:9b:11:38:51:d9:54:43:8c:c5:a5:01:27:
c7:f9:77:16:4c:c2:9e:87:db:74:7b:ee:1f:ce:6f:ac:02:fc:
00:cc:72:e1:31:1b:d2:1c:4b:10:57:90:eb:82:8a:69:10:79:
de:e3:62:88:f0:89:90:d9:e6:95:f5:7b:6a:17:42:53:dd:35:
82:f2:e0:ed:a6:71:c9:6f:88:41:90:e9:b4:fd:a8:78:b8:09:
29:b9:c8:77:1c:57:b7:aa:bc:3d:5d:11:f0:2a:cb:74:b3:e1:
42:0a:e0:33:bd:8f:37:20:43:c1:c4:7a:88:f8:63:de:f4:bb:
fc:21:97:79:41:17:82:97:90:d8:8c:ef:e0:a2:08:fa:ac:18:
ef:b9:74:46:0f:6d:ee:c4:61:51:d6:4a:3f:b3:3b:46:14:03:
c2:47:2b:f8:7b:2d:50:aa:54:6e:11:f4:54:7c:81:c8:c0:d6:
30:1b:98:d1:5b:6d:cb:26:0e:b1:0f:42:30:20:98:d2:9d:17:
6e:14:14:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqQ9uYJX/X1keDyPMetpe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2I5N2ExZDIxZjYzN2I1NDkxMzBmMDg1N2E2ODFjYzdm
Njg4NGMwHhcNMjUxMDI4MTAwMTIxWhcNMjUxMDI5MTAwMTIxWjAzMTEwLwYDVQQD
Eyg1ZjBkOTdjMjk4ZWFmYTdkZTIyYjcwZjJjNmM1YjM4Mzk1NTkzN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXNA5F7PMNuqZ7LjiVtFKPyJoSje
1BU/Sno6oHlk7XjfIR4CXJPImnZKpaLsHqNe30A9mvB9ieUT3OnxeZAT45Go5E9l
LKwX9xOSf6+uOEMfEO8B1K873CTEGTarrSEiWtRZbagZG/eItfIlJxumjXy++4WI
evcxFQF/wKqfro/oDO0j1jfw0r+uvd5jUFWFCiZRi13lnl/YTxRyjc64R8Jx32kz
BJBwqXuL7S8US+TMWeKUrNT3+ThAeZwdEQIlmJj0azcZIRRS38EpcpeYEJSTi+yD
IUcwdetv3W/u/h5+S1uJOeyOC3EjMl3Gipf2XWy0iK6RaJ8X/YBdgezAWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8Nl8KY6vp94itw8sbFs4OVWTe7MB8GA1UdIwQY
MBaAFLQ7l6HSH2N7VJEw8IV6aBzH9ohMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NDU0YWQtNmNmMy00ZWU1LWE0Yjkt
MDQ2NGU5NDVmMWNjLzEvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NDU0YWQtNmNmMy00ZWU1LWE0YjktMDQ2NGU5NDVmMWNj
LzEvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFj/OxYjP
iEp8SZhMFEE+He8Zt3dnFsXcL5cioQLrerFupMMzntVLQR7khPqIGvoa3keuxAyL
EOAAMhesmxE4UdlUQ4zFpQEnx/l3FkzCnofbdHvuH85vrAL8AMxy4TEb0hxLEFeQ
64KKaRB53uNiiPCJkNnmlfV7ahdCU901gvLg7aZxyW+IQZDptP2oeLgJKbnIdxxX
t6q8PV0R8CrLdLPhQgrgM72PNyBDwcR6iPhj3vS7/CGXeUEXgpeQ2Izv4KII+qwY
77l0Rg9t7sRhUdZKP7M7RhQDwkcr+HstUKpUbhH0VHyByMDWMBuY0VttyyYOsQ9C
MCCY0p0XbhQUTQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 14:05:44 2025 by rpki-client