Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.mft
File: tGMgGICYUgw2Ynf3SaT3eh1ERDk.mft (raw, json)
Hash identifier: 1ih5XdXGo0ACHjw9H0EUCWf3RtTKiuHlsITudi2wUfo=
Subject key identifier: 35:41:53:2C:DF:A1:8E:33:80:CD:C0:27:86:B1:93:2F:08:9E:A8:25
Authority key identifier: B4:63:20:18:80:98:52:0C:36:62:77:F7:49:A4:F7:7A:1D:44:44:39
Certificate issuer: /CN=b46320188098520c366277f749a4f77a1d444439
Certificate serial: 019A71B78E82D241BC6551F3BBECD9A9E425
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:00:46 +0000
Manifest this update: Tue 11 Nov 2025 07:00:46 +0000
Manifest next update: Wed 12 Nov 2025 07:00:46 +0000
Files and hashes: 1: 1c-Abo0LxBVDDE4sBrG9JS_ePzI.roa (hash: rxDs0I1CVbIWmreeYb6ePZfwtg9Spev7LU71wCrsp/4=)
2: tGMgGICYUgw2Ynf3SaT3eh1ERDk.crl (hash: xy6+W/RVJfC1jXKhDl+MDYC9Qb4jYsUSMBxiyJs9ZXg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:8e:82:d2:41:bc:65:51:f3:bb:ec:d9:a9:e4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b46320188098520c366277f749a4f77a1d444439
Validity
Not Before: Nov 11 07:00:46 2025 GMT
Not After : Nov 12 07:00:46 2025 GMT
Subject: CN=3541532cdfa18e3380cdc02786b1932f089ea825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ad:25:2f:9b:74:a5:83:9f:f5:bd:1c:20:3b:
2d:6e:97:5e:f3:5f:5d:2d:f0:b8:50:a4:1e:ed:e7:
2d:a3:2b:60:b3:35:24:67:52:fb:dc:29:19:0d:9f:
8d:43:01:d0:e0:82:d1:4c:cf:71:f2:58:7d:5d:59:
f9:56:63:55:91:d3:79:4b:0c:60:4f:cc:1e:23:dc:
10:08:70:6a:c6:e8:f4:b9:de:b1:e2:31:9d:79:4b:
4d:e5:57:68:dd:65:cf:f7:41:28:f4:b6:98:d5:ad:
37:df:7d:de:cb:ec:1e:cb:8e:da:74:c0:5d:9f:0d:
57:d2:03:3d:33:7f:2e:32:00:98:3f:07:08:8b:75:
70:09:1c:08:c3:e1:90:38:92:0b:4a:4a:37:68:ef:
25:77:38:79:a6:a1:5a:a8:d5:f1:22:5b:cc:76:09:
10:90:51:cd:60:ba:f1:30:c0:af:35:ed:b3:d9:6c:
20:63:35:82:cb:85:80:ed:0d:c3:64:1c:1f:bc:f3:
6a:bb:7c:e8:a1:54:6c:1f:7f:e9:b9:90:38:0a:1e:
99:78:d7:b8:ac:d7:23:3f:17:02:ef:d1:57:66:0b:
c4:3f:ac:0b:5a:ae:ab:00:94:14:e6:02:92:df:b5:
1f:a9:60:44:5c:87:3f:18:b2:47:c0:d4:1e:17:b7:
6c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:41:53:2C:DF:A1:8E:33:80:CD:C0:27:86:B1:93:2F:08:9E:A8:25
X509v3 Authority Key Identifier:
keyid:B4:63:20:18:80:98:52:0C:36:62:77:F7:49:A4:F7:7A:1D:44:44:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:2b:6c:e6:b9:eb:74:b6:78:91:47:a1:74:b8:f4:6c:04:46:
73:1b:c8:9c:6b:dd:5b:e6:12:b5:02:f4:df:6c:29:ae:94:60:
59:37:69:ca:0a:ee:12:df:32:67:2a:cc:bb:ae:a8:2f:d1:ae:
d8:87:c4:1f:91:c6:17:32:b0:79:3f:88:56:d9:0c:4f:a8:d0:
8b:db:12:1a:ba:58:86:91:6e:8e:4c:57:fa:50:0e:0e:a1:4b:
5d:d3:17:cb:23:93:89:d3:f7:ee:68:f7:35:13:19:61:e9:0c:
c7:dd:3e:78:2a:0d:2d:eb:da:d2:42:60:7f:54:43:a3:94:95:
cd:73:cb:2f:a8:7c:b9:cd:86:0c:05:5c:45:92:4d:5f:1b:33:
ff:2c:a1:fe:4b:7e:94:01:26:8d:83:64:d9:58:46:3c:11:aa:
1c:09:d8:62:a3:b1:2e:eb:fb:20:b1:2f:ca:6a:ec:77:b6:7f:
eb:7a:a7:ee:a9:9d:3c:04:f7:c2:f1:16:af:2a:d2:09:50:b1:
e3:a4:42:f3:5a:39:23:10:46:cf:7c:9c:43:a0:a3:ac:19:a4:
fb:3f:a7:31:3a:52:a4:64:e9:55:9d:b2:57:c2:80:e1:a7:3f:
e2:3e:ca:11:97:15:c4:3d:e3:71:7f:b9:36:1f:d5:8c:55:e0:
59:45:fe:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt46C0kG8ZVHzu+zZqeQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjMyMDE4ODA5ODUyMGMzNjYyNzdmNzQ5YTRmNzdhMWQ0
NDQ0MzkwHhcNMjUxMTExMDcwMDQ2WhcNMjUxMTEyMDcwMDQ2WjAzMTEwLwYDVQQD
EygzNTQxNTMyY2RmYTE4ZTMzODBjZGMwMjc4NmIxOTMyZjA4OWVhODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq0lL5t0pYOf9b0cIDstbpde819d
LfC4UKQe7ectoytgszUkZ1L73CkZDZ+NQwHQ4ILRTM9x8lh9XVn5VmNVkdN5Swxg
T8weI9wQCHBqxuj0ud6x4jGdeUtN5Vdo3WXP90Eo9LaY1a03333ey+wey47adMBd
nw1X0gM9M38uMgCYPwcIi3VwCRwIw+GQOJILSko3aO8ldzh5pqFaqNXxIlvMdgkQ
kFHNYLrxMMCvNe2z2WwgYzWCy4WA7Q3DZBwfvPNqu3zooVRsH3/puZA4Ch6ZeNe4
rNcjPxcC79FXZgvEP6wLWq6rAJQU5gKS37UfqWBEXIc/GLJHwNQeF7dsrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVBUyzfoY4zgM3AJ4axky8InqglMB8GA1UdIwQY
MBaAFLRjIBiAmFIMNmJ390mk93odREQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdNZ0dJQ1lVZ3cyWW5mM1NhVDNlaDFFUkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC80YWNiODMtZjk0MC00NzY2LWJjYTkt
NjA4ZTdkNzc5YmM3LzEvdEdNZ0dJQ1lVZ3cyWW5mM1NhVDNlaDFFUkRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC80YWNiODMtZjk0MC00NzY2LWJjYTktNjA4ZTdkNzc5YmM3
LzEvdEdNZ0dJQ1lVZ3cyWW5mM1NhVDNlaDFFUkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADCts5rnr
dLZ4kUehdLj0bARGcxvInGvdW+YStQL032wprpRgWTdpygruEt8yZyrMu66oL9Gu
2IfEH5HGFzKweT+IVtkMT6jQi9sSGrpYhpFujkxX+lAODqFLXdMXyyOTidP37mj3
NRMZYekMx90+eCoNLeva0kJgf1RDo5SVzXPLL6h8uc2GDAVcRZJNXxsz/yyh/kt+
lAEmjYNk2VhGPBGqHAnYYqOxLuv7ILEvymrsd7Z/63qn7qmdPAT3wvEWryrSCVCx
46RC81o5IxBGz3ycQ6CjrBmk+z+nMTpSpGTpVZ2yV8KA4ac/4j7KEZcVxD3jcX+5
Nh/VjFXgWUX+pA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:29 2025 by rpki-client