Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: X86UOl4Nx6Q+EwrP7F504MSZKa4EaztfKBq0rbEZ3IQ=
Subject key identifier: A9:23:9D:79:56:B0:CC:8D:B0:58:73:85:AE:2A:FA:3D:29:41:F9:1F
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 019A7225D1FFB1B0B3A0404436561505B2CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 07E6
Signing time: Tue 11 Nov 2025 09:01:12 +0000
Manifest this update: Tue 11 Nov 2025 09:01:12 +0000
Manifest next update: Wed 12 Nov 2025 09:01:12 +0000
Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: cuUCy/CeD21Q84UZ4ekisA/QNhfv4cntEgrKtkM+Yik=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:d1:ff:b1:b0:b3:a0:40:44:36:56:15:05:b2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Nov 11 09:01:12 2025 GMT
Not After : Nov 12 09:01:12 2025 GMT
Subject: CN=a9239d7956b0cc8db0587385ae2afa3d2941f91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b9:6a:69:35:04:42:1b:1d:9b:2e:8c:4e:79:
ce:eb:44:c9:93:27:19:77:d7:b0:ad:99:3d:b3:cd:
06:b3:c2:83:d8:c9:23:7f:c0:6c:b3:9a:4a:a7:5c:
c1:82:73:2b:ea:9c:41:99:9f:9f:d7:5c:83:ba:bd:
2f:fe:0c:04:26:c0:c5:35:c4:e5:e2:04:c5:86:7f:
d7:af:cf:2e:d9:30:eb:f3:ca:b0:f9:71:89:78:7d:
70:d4:f7:a0:d8:24:5f:23:55:52:e4:24:a4:a6:f6:
b5:04:5b:4a:68:22:97:99:f1:98:0b:ed:04:16:7e:
45:34:dc:22:52:d5:40:13:48:eb:e0:7b:ba:94:cc:
fd:9c:f5:dd:2c:c9:33:4b:3c:98:56:d3:6b:65:99:
89:62:21:10:9c:e9:aa:99:8d:13:c1:77:40:79:82:
d8:fb:bd:25:dd:a6:27:d1:0d:fc:e6:a4:55:6f:be:
2c:18:b7:d6:9a:81:f3:e6:e0:ed:7e:b1:0c:2d:9c:
aa:2d:fd:5d:bc:db:e9:63:3a:82:ca:7a:35:e0:87:
31:6a:a2:eb:f9:78:2e:9b:99:9e:d3:a9:ca:f7:81:
18:e8:98:85:49:dd:52:64:c1:45:ad:40:05:2e:76:
23:56:25:61:3f:06:11:00:12:37:9f:78:c3:44:8e:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:23:9D:79:56:B0:CC:8D:B0:58:73:85:AE:2A:FA:3D:29:41:F9:1F
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:85:50:9e:30:c7:f7:4d:1d:a4:02:1f:42:13:f7:83:76:41:
b9:77:55:e5:be:92:2d:1d:28:f3:60:4b:26:69:83:04:bf:cd:
ac:bb:5d:8a:13:4e:6f:d2:c9:3c:07:56:a1:86:00:b4:7b:e6:
12:3d:2f:7a:0c:af:72:00:b6:67:76:8c:25:9b:26:05:85:2e:
53:f5:10:da:fd:fe:1c:35:58:d8:d5:60:a2:fd:47:5f:9e:eb:
c7:9f:e2:f7:a8:59:10:c7:ec:74:06:d8:a0:3b:d9:ab:fe:09:
44:0d:cc:e7:5e:f9:04:42:bf:9c:0e:6e:62:eb:8c:ff:28:68:
b0:61:cb:c6:57:ba:22:d3:ec:19:b8:63:1a:45:e8:c1:ae:90:
87:f5:cf:27:62:18:ec:d4:b4:0a:ca:7f:a5:df:cc:80:b3:5a:
47:3b:e2:8d:bc:6b:71:f2:99:36:70:5a:b4:50:1f:36:68:f9:
f5:9a:2f:69:2d:d1:a9:4b:50:b3:ff:53:4e:34:63:50:9c:7c:
98:70:8b:80:ce:87:5f:1f:b3:e5:4b:62:bc:aa:b1:d1:01:17:
a7:e2:d5:b3:11:17:1b:5e:2f:32:3a:08:60:80:10:3a:70:77:
0e:71:50:2b:cf:14:99:0d:fe:05:fb:31:79:16:bc:a8:97:91:
03:a5:4d:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdH/sbCzoEBENlYVBbLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUxMTExMDkwMTEyWhcNMjUxMTEyMDkwMTEyWjAzMTEwLwYDVQQD
EyhhOTIzOWQ3OTU2YjBjYzhkYjA1ODczODVhZTJhZmEzZDI5NDFmOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwblqaTUEQhsdmy6MTnnO60TJkycZ
d9ewrZk9s80Gs8KD2Mkjf8Bss5pKp1zBgnMr6pxBmZ+f11yDur0v/gwEJsDFNcTl
4gTFhn/Xr88u2TDr88qw+XGJeH1w1Peg2CRfI1VS5CSkpva1BFtKaCKXmfGYC+0E
Fn5FNNwiUtVAE0jr4Hu6lMz9nPXdLMkzSzyYVtNrZZmJYiEQnOmqmY0TwXdAeYLY
+70l3aYn0Q385qRVb74sGLfWmoHz5uDtfrEMLZyqLf1dvNvpYzqCyno14IcxaqLr
+Xgum5me06nK94EY6JiFSd1SZMFFrUAFLnYjViVhPwYRABI3n3jDRI7T0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkjnXlWsMyNsFhzha4q+j0pQfkfMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASYVQnjDH
900dpAIfQhP3g3ZBuXdV5b6SLR0o82BLJmmDBL/NrLtdihNOb9LJPAdWoYYAtHvm
Ej0vegyvcgC2Z3aMJZsmBYUuU/UQ2v3+HDVY2NVgov1HX57rx5/i96hZEMfsdAbY
oDvZq/4JRA3M5175BEK/nA5uYuuM/yhosGHLxle6ItPsGbhjGkXowa6Qh/XPJ2IY
7NS0Csp/pd/MgLNaRzvijbxrcfKZNnBatFAfNmj59ZovaS3RqUtQs/9TTjRjUJx8
mHCLgM6HXx+z5UtivKqx0QEXp+LVsxEXG14vMjoIYIAQOnB3DnFQK88UmQ3+Bfsx
eRa8qJeRA6VNug==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:37:01 2025 by rpki-client