Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.mft
File: TnzINx7SS6z2esqLkCzucGr8Yks.mft (raw, json)
Hash identifier: H6YbXovGbJhR9ETN/CZlmvzQGOGOXUto8XAbrqY2y/0=
Subject key identifier: B8:FB:D5:2C:AF:21:C9:07:3E:9D:0A:3B:4F:1F:1C:89:12:F6:0D:C4
Authority key identifier: 4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
Certificate issuer: /CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Certificate serial: 019A71EEBF381783D32EF0ACD048C257A216
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:01:03 +0000
Manifest this update: Tue 11 Nov 2025 08:01:03 +0000
Manifest next update: Wed 12 Nov 2025 08:01:03 +0000
Files and hashes: 1: AFXKRWkq4CEJ7e_q_TT8oCKNDgs.roa (hash: vvcSpEWzby7j1iGxx2OT88XWdiMYKYH4weh98eM4dfY=)
2: TnzINx7SS6z2esqLkCzucGr8Yks.crl (hash: dUfU10F6DgTrFForsGWfo11Kb7sUkqEbVKP92vCTZgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.mft
rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:bf:38:17:83:d3:2e:f0:ac:d0:48:c2:57:a2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Validity
Not Before: Nov 11 08:01:03 2025 GMT
Not After : Nov 12 08:01:03 2025 GMT
Subject: CN=b8fbd52caf21c9073e9d0a3b4f1f1c8912f60dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:12:81:1a:ac:b3:a0:72:78:97:9e:43:50:41:
5c:0d:70:b9:60:ac:16:8f:25:69:8f:58:80:19:5c:
96:28:db:65:a9:a7:10:2a:85:08:58:da:59:ed:11:
88:f0:07:5d:50:84:d2:99:dc:0e:5a:f2:e8:6f:7b:
ca:de:dd:b2:81:d7:6e:82:8e:7f:fd:ff:b1:47:d1:
e6:f3:00:45:c9:66:15:cd:39:e2:90:28:5a:4e:7d:
d1:43:88:aa:20:8e:d2:1e:37:b2:80:71:26:ce:bd:
24:fb:16:80:e9:b5:80:0c:7d:83:63:53:1b:f0:91:
8e:9b:66:16:dd:e9:00:c5:07:9c:f8:06:b6:31:d8:
4e:fc:70:d3:9c:9e:cf:26:74:c2:03:c0:a8:54:d2:
7a:4f:d7:d3:b0:91:61:9b:56:df:34:f6:98:d1:8e:
0d:ff:98:7d:82:5e:b7:b3:c8:6f:29:df:1c:7f:e6:
c1:97:00:00:bd:a9:01:06:c3:f9:58:7f:fe:c7:82:
1c:43:71:ef:ee:e8:36:12:dc:b2:01:d3:a3:f2:75:
42:d8:75:f4:5c:ff:5d:ed:30:fa:34:ea:ba:4c:86:
f9:08:e9:11:f4:a8:06:dc:3f:df:63:0e:d2:4c:23:
f0:91:c2:25:45:8a:3a:20:cf:3c:3a:27:d2:82:18:
40:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:FB:D5:2C:AF:21:C9:07:3E:9D:0A:3B:4F:1F:1C:89:12:F6:0D:C4
X509v3 Authority Key Identifier:
keyid:4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:69:9d:8b:e9:04:c7:f0:b1:31:9d:e3:58:3f:87:6e:f8:72:
d1:37:54:c3:db:2f:72:8f:5e:e8:89:7b:f5:5d:15:5d:f9:d3:
ce:a0:54:66:b6:29:2b:d7:15:75:6b:a9:39:4a:a5:8c:c2:57:
ad:34:45:d8:10:db:58:fe:f3:f7:61:46:23:8c:f5:e2:ca:80:
62:7c:fa:76:01:17:c3:f6:ff:16:0a:6d:5c:2e:31:59:fb:ed:
b6:19:68:b3:41:cc:67:bd:3c:65:a0:8c:e1:21:7a:40:ed:c4:
76:f2:f0:9d:31:9d:46:c7:37:34:ed:1a:e4:b7:d6:9b:16:bf:
7b:5c:0a:c3:81:11:c2:59:b3:8d:40:66:e5:72:bb:c4:ca:ca:
a3:67:7e:d8:91:1a:f2:10:72:fe:2c:73:82:b2:cc:cb:da:ab:
0a:24:0e:ec:b3:94:f5:09:7e:29:b9:84:6e:e9:76:bd:91:f9:
64:f1:7d:95:fb:75:70:dd:80:76:47:57:7a:da:f9:f9:02:3f:
d1:c6:ac:85:3b:b9:02:a0:0e:87:5c:d8:05:56:f4:c2:b5:f2:
06:c7:79:f2:3f:1d:e8:ae:76:a1:a9:3e:71:3f:1b:6d:0e:02:
df:8e:47:de:f0:a4:e2:b5:17:78:38:36:0c:15:66:e2:3c:45:
07:18:d3:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7r84F4PTLvCs0EjCV6IWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2NjODM3MWVkMjRiYWNmNjdhY2E4YjkwMmNlZTcwNmFm
YzYyNGIwHhcNMjUxMTExMDgwMTAzWhcNMjUxMTEyMDgwMTAzWjAzMTEwLwYDVQQD
EyhiOGZiZDUyY2FmMjFjOTA3M2U5ZDBhM2I0ZjFmMWM4OTEyZjYwZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhKBGqyzoHJ4l55DUEFcDXC5YKwW
jyVpj1iAGVyWKNtlqacQKoUIWNpZ7RGI8AddUITSmdwOWvLob3vK3t2ygddugo5/
/f+xR9Hm8wBFyWYVzTnikChaTn3RQ4iqII7SHjeygHEmzr0k+xaA6bWADH2DY1Mb
8JGOm2YW3ekAxQec+Aa2MdhO/HDTnJ7PJnTCA8CoVNJ6T9fTsJFhm1bfNPaY0Y4N
/5h9gl63s8hvKd8cf+bBlwAAvakBBsP5WH/+x4IcQ3Hv7ug2EtyyAdOj8nVC2HX0
XP9d7TD6NOq6TIb5COkR9KgG3D/fYw7STCPwkcIlRYo6IM88OifSghhA5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLj71SyvIckHPp0KO08fHIkS9g3EMB8GA1UdIwQY
MBaAFE58yDce0kus9nrKi5As7nBq/GJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wYjRjZGYtYjQ4Ni00YTU4LTgwMGQt
OGVkNWE3OWRlODM1LzEvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wYjRjZGYtYjQ4Ni00YTU4LTgwMGQtOGVkNWE3OWRlODM1
LzEvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtmmdi+kE
x/CxMZ3jWD+Hbvhy0TdUw9svco9e6Il79V0VXfnTzqBUZrYpK9cVdWupOUqljMJX
rTRF2BDbWP7z92FGI4z14sqAYnz6dgEXw/b/FgptXC4xWfvtthlos0HMZ708ZaCM
4SF6QO3EdvLwnTGdRsc3NO0a5LfWmxa/e1wKw4ERwlmzjUBm5XK7xMrKo2d+2JEa
8hBy/ixzgrLMy9qrCiQO7LOU9Ql+KbmEbul2vZH5ZPF9lft1cN2AdkdXetr5+QI/
0cashTu5AqAOh1zYBVb0wrXyBsd58j8d6K52oak+cT8bbQ4C345H3vCk4rUXeDg2
DBVm4jxFBxjTlA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:34 2025 by rpki-client