Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/6c0b54-b06e-4d44-8120-370b8688feaf/1/tUSbCOpqJn33NmpolcfJJMLxkm0.mft
File: tUSbCOpqJn33NmpolcfJJMLxkm0.mft (raw, json)
Hash identifier: fRg3eF/4ir+2kbXA5DCAiXkQqT4V0BevuXOfYJGU21Y=
Subject key identifier: 45:33:95:F7:A1:38:77:A1:79:58:5A:37:BE:CE:7E:C6:D6:6B:DF:5B
Authority key identifier: B5:44:9B:08:EA:6A:26:7D:F7:36:6A:68:95:C7:C9:24:C2:F1:92:6D
Certificate issuer: /CN=b5449b08ea6a267df7366a6895c7c924c2f1926d
Certificate serial: 0199239EDC4712BA3564CB776D145C63021C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUSbCOpqJn33NmpolcfJJMLxkm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/6c0b54-b06e-4d44-8120-370b8688feaf/1/tUSbCOpqJn33NmpolcfJJMLxkm0.mft
Manifest number: 0212
Signing time: Sun 07 Sep 2025 10:00:37 +0000
Manifest this update: Sun 07 Sep 2025 10:00:37 +0000
Manifest next update: Mon 08 Sep 2025 10:00:37 +0000
Files and hashes: 1: 12VZdcmHAZ40OHT9mrIrMjn0594.roa (hash: ET8sgbp54z2ReDcdD/bnaoyAnFdtN16gcR5nsUzXKcM=)
2: tUSbCOpqJn33NmpolcfJJMLxkm0.crl (hash: uLpW7/1H1XkHwyv3K8NI4E73c+wbQw08gSL70ByKftc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/6c0b54-b06e-4d44-8120-370b8688feaf/1/tUSbCOpqJn33NmpolcfJJMLxkm0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/6c0b54-b06e-4d44-8120-370b8688feaf/1/tUSbCOpqJn33NmpolcfJJMLxkm0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tUSbCOpqJn33NmpolcfJJMLxkm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:9e:dc:47:12:ba:35:64:cb:77:6d:14:5c:63:02:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5449b08ea6a267df7366a6895c7c924c2f1926d
Validity
Not Before: Sep 7 10:00:37 2025 GMT
Not After : Sep 8 10:00:37 2025 GMT
Subject: CN=453395f7a13877a179585a37bece7ec6d66bdf5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5f:36:e0:16:fe:2a:84:d6:12:6b:f4:e5:85:
b4:69:70:46:94:37:25:3b:9f:3d:c0:d3:4d:8c:aa:
01:bc:3b:5c:99:20:61:47:dd:e4:a4:3b:ad:51:fd:
9b:75:fd:90:08:86:f1:dc:27:ca:bf:a2:a5:96:e1:
d0:4d:9e:8a:ef:96:1b:b6:79:22:eb:be:73:3e:06:
4e:26:90:9b:1e:ae:04:64:f0:54:d6:c8:90:2e:53:
4f:7b:dc:7c:87:32:d4:a2:f6:8b:47:a5:70:a3:e6:
33:74:d7:ac:8d:5d:4a:32:22:7c:50:d3:26:91:69:
f1:5c:24:d7:ad:4e:0d:89:a9:a8:b6:c0:9d:18:16:
a4:20:a2:63:e0:a7:db:eb:18:73:c5:f1:fc:8e:76:
1c:26:d1:ad:30:c1:b6:7c:5b:46:43:f6:07:26:de:
6e:a0:5f:df:de:be:24:68:10:04:70:8e:07:3a:04:
d0:4d:b4:43:ad:25:4e:27:f5:a3:f7:58:5b:0b:a5:
e3:d9:db:0b:06:8e:4f:4e:e6:93:fc:75:a9:55:06:
f5:89:5c:4f:d3:5b:d3:92:9c:49:3d:80:f0:00:e0:
18:3d:13:fb:6f:bd:8a:97:e2:d2:1d:5c:74:d4:f3:
84:e4:54:86:5f:99:37:52:11:ae:e6:63:c4:28:a2:
eb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:33:95:F7:A1:38:77:A1:79:58:5A:37:BE:CE:7E:C6:D6:6B:DF:5B
X509v3 Authority Key Identifier:
keyid:B5:44:9B:08:EA:6A:26:7D:F7:36:6A:68:95:C7:C9:24:C2:F1:92:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUSbCOpqJn33NmpolcfJJMLxkm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6c0b54-b06e-4d44-8120-370b8688feaf/1/tUSbCOpqJn33NmpolcfJJMLxkm0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6c0b54-b06e-4d44-8120-370b8688feaf/1/tUSbCOpqJn33NmpolcfJJMLxkm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:72:40:8c:ef:57:23:9e:7e:e5:15:69:57:26:7f:d7:10:14:
23:a3:21:c7:9d:de:56:c2:89:57:f8:78:6d:35:a7:f0:09:c1:
97:77:aa:3a:a9:11:57:b8:7c:72:02:9f:b4:53:d8:2d:4a:4b:
00:5a:4e:b4:ef:3f:f2:72:08:a1:e6:fb:54:63:6d:94:28:93:
b4:58:52:7e:3c:49:aa:43:3b:c5:40:6d:f5:0e:07:59:4a:85:
ba:41:2c:db:62:b1:02:be:24:08:eb:ad:ea:ad:18:76:8d:28:
e0:b6:48:7e:d5:67:90:45:7d:e9:bd:7e:c6:f3:bd:a3:30:63:
b6:8b:f8:5a:e2:dd:0d:2c:9a:3f:03:6f:2f:35:98:63:8e:12:
e0:b7:34:3e:c8:d5:b3:3a:85:d6:1c:1d:e6:bd:5b:fa:0e:34:
61:f1:72:3d:5b:39:b9:f0:fe:92:15:47:90:40:02:80:cd:2c:
f1:d1:48:3d:dc:08:52:7a:50:24:53:1e:a8:2d:6e:77:58:2a:
98:ac:85:af:07:85:f8:2f:c6:c9:26:4c:6a:e0:7a:b4:cc:45:
a4:4d:c1:ed:7a:4e:dd:e9:fe:63:b0:db:82:23:03:c1:09:a5:
86:14:08:3c:7a:4f:42:e5:f5:52:05:6a:bc:45:14:2f:76:95:
2d:96:65:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjntxHEro1ZMt3bRRcYwIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDQ5YjA4ZWE2YTI2N2RmNzM2NmE2ODk1YzdjOTI0YzJm
MTkyNmQwHhcNMjUwOTA3MTAwMDM3WhcNMjUwOTA4MTAwMDM3WjAzMTEwLwYDVQQD
Eyg0NTMzOTVmN2ExMzg3N2ExNzk1ODVhMzdiZWNlN2VjNmQ2NmJkZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV824Bb+KoTWEmv05YW0aXBGlDcl
O589wNNNjKoBvDtcmSBhR93kpDutUf2bdf2QCIbx3CfKv6KlluHQTZ6K75Ybtnki
675zPgZOJpCbHq4EZPBU1siQLlNPe9x8hzLUovaLR6Vwo+YzdNesjV1KMiJ8UNMm
kWnxXCTXrU4NiamotsCdGBakIKJj4Kfb6xhzxfH8jnYcJtGtMMG2fFtGQ/YHJt5u
oF/f3r4kaBAEcI4HOgTQTbRDrSVOJ/Wj91hbC6Xj2dsLBo5PTuaT/HWpVQb1iVxP
01vTkpxJPYDwAOAYPRP7b72Kl+LSHVx01POE5FSGX5k3UhGu5mPEKKLrXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUzlfehOHeheVhaN77OfsbWa99bMB8GA1UdIwQY
MBaAFLVEmwjqaiZ99zZqaJXHySTC8ZJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVTYkNPcHFKbjMzTm1wb2xjZkpKTUx4a20wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82YzBiNTQtYjA2ZS00ZDQ0LTgxMjAt
MzcwYjg2ODhmZWFmLzEvdFVTYkNPcHFKbjMzTm1wb2xjZkpKTUx4a20wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82YzBiNTQtYjA2ZS00ZDQ0LTgxMjAtMzcwYjg2ODhmZWFm
LzEvdFVTYkNPcHFKbjMzTm1wb2xjZkpKTUx4a20wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWnJAjO9X
I55+5RVpVyZ/1xAUI6Mhx53eVsKJV/h4bTWn8AnBl3eqOqkRV7h8cgKftFPYLUpL
AFpOtO8/8nIIoeb7VGNtlCiTtFhSfjxJqkM7xUBt9Q4HWUqFukEs22KxAr4kCOut
6q0Ydo0o4LZIftVnkEV96b1+xvO9ozBjtov4WuLdDSyaPwNvLzWYY44S4Lc0PsjV
szqF1hwd5r1b+g40YfFyPVs5ufD+khVHkEACgM0s8dFIPdwIUnpQJFMeqC1ud1gq
mKyFrweF+C/GySZMauB6tMxFpE3B7XpO3en+Y7DbgiMDwQmlhhQIPHpPQuX1UgVq
vEUUL3aVLZZl2g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:25:03 2025 by rpki-client