Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.mft
File: t6hswzTG4Oq4PyUr2D7ulWklykA.mft (raw, json)
Hash identifier: lTSqEWvK+Jh4vNubdttJwfjbfIpjkMIEJZPHUHO1CZE=
Subject key identifier: 3B:9C:3B:EF:4F:DD:D0:8E:04:E8:3E:82:30:34:FE:34:A1:3E:54:59
Authority key identifier: B7:A8:6C:C3:34:C6:E0:EA:B8:3F:25:2B:D8:3E:EE:95:69:25:CA:40
Certificate issuer: /CN=b7a86cc334c6e0eab83f252bd83eee956925ca40
Certificate serial: 019A72266DCCFB99FDF070D877C4453D85D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6hswzTG4Oq4PyUr2D7ulWklykA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:01:52 +0000
Manifest this update: Tue 11 Nov 2025 09:01:52 +0000
Manifest next update: Wed 12 Nov 2025 09:01:52 +0000
Files and hashes: 1: YDZQqJLg6f9-JdbHT4bYmgUJjh0.roa (hash: cInsk0zvLYwt9OlQZPLFwtQxycESn1Vx2ttrJFC0hi8=)
2: t6hswzTG4Oq4PyUr2D7ulWklykA.crl (hash: q2DeKdIU7pjdcVDcwnXBQcoZtmL3q1b7WTcYYodoX/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.mft
rsync://rpki.ripe.net/repository/DEFAULT/t6hswzTG4Oq4PyUr2D7ulWklykA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:6d:cc:fb:99:fd:f0:70:d8:77:c4:45:3d:85:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a86cc334c6e0eab83f252bd83eee956925ca40
Validity
Not Before: Nov 11 09:01:52 2025 GMT
Not After : Nov 12 09:01:52 2025 GMT
Subject: CN=3b9c3bef4fddd08e04e83e823034fe34a13e5459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:da:a9:24:bd:12:a9:c4:89:ff:b1:ef:7f:56:
23:1b:a0:9e:c6:a0:72:2d:03:2d:d8:ab:8c:6b:9b:
39:87:02:fd:9f:64:a1:54:b7:13:b0:f7:49:f7:62:
92:50:fa:9d:e0:3e:c1:e2:7f:8c:b5:1c:b8:a0:76:
07:3b:d2:21:04:2f:ad:d6:c6:d5:a2:a7:ca:f0:db:
8c:8d:27:70:75:14:a8:aa:96:b7:d0:7a:93:5c:c1:
9d:4f:b4:c7:ef:8f:24:e2:92:c8:57:01:c2:33:7c:
12:92:30:2c:25:a1:c4:96:1b:f3:0c:f0:9e:7e:75:
9b:42:d1:48:9e:c9:3a:9d:80:8f:d3:59:a9:be:8a:
97:69:c3:1f:46:7c:3c:c1:07:e6:96:98:96:99:62:
45:11:87:c8:90:0d:c1:e6:0f:d8:c9:72:30:50:67:
3b:89:0e:07:b5:e2:f3:85:68:25:c8:80:34:f8:28:
e6:8a:5d:79:d3:cc:ca:cc:19:7d:3b:17:c3:25:b5:
26:36:51:fb:8f:3c:c8:4b:d0:01:5e:9d:c6:42:0d:
1b:1e:3c:47:12:65:97:12:43:35:14:1d:c0:01:35:
bf:fd:81:65:39:04:1d:07:b5:9e:33:62:1b:2d:c4:
6b:3f:4d:e3:49:ce:29:fa:e7:9a:bf:1a:3a:2c:fc:
9a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9C:3B:EF:4F:DD:D0:8E:04:E8:3E:82:30:34:FE:34:A1:3E:54:59
X509v3 Authority Key Identifier:
keyid:B7:A8:6C:C3:34:C6:E0:EA:B8:3F:25:2B:D8:3E:EE:95:69:25:CA:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6hswzTG4Oq4PyUr2D7ulWklykA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5036be-138b-442e-963f-57cd72957b89/1/t6hswzTG4Oq4PyUr2D7ulWklykA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:45:dd:d5:02:4d:32:30:4f:f6:24:44:1c:3e:31:2e:48:b9:
58:37:c4:c7:18:b4:b4:ca:ed:35:15:bf:37:fa:ec:d8:fc:3a:
66:bc:6b:6b:e4:94:2e:6f:17:45:76:c2:28:b9:ba:0c:c7:cb:
07:e0:48:6c:ca:0a:59:db:79:2d:27:c3:7a:11:4a:6a:f4:44:
4a:06:01:cd:ab:6b:8d:2c:92:e3:f9:e5:97:3e:46:fd:b3:f8:
a3:68:af:f3:7b:a3:28:bc:1b:a0:91:6c:6b:29:c1:80:b6:01:
2a:ef:84:3e:c5:1e:a6:0c:58:12:11:c8:e8:ef:86:ec:b5:f4:
be:22:c8:e8:46:fa:2d:66:94:f6:60:b7:27:36:a4:26:30:74:
d3:c6:48:54:6c:99:20:83:d9:53:de:7c:e0:25:86:f5:a7:ab:
fe:20:71:a8:b7:c6:63:be:f6:cf:72:61:9f:8e:77:66:7a:00:
b1:ce:4d:a9:47:f7:11:e3:dc:f7:1b:3a:35:ff:c9:e9:c5:58:
41:df:2e:db:7b:05:64:ae:1e:a3:ff:dc:e1:b4:1c:db:f4:9c:
c7:ab:da:9f:3a:1b:ad:0f:d2:30:d8:06:01:df:cf:03:6d:fe:
5a:c9:56:fc:e0:70:04:85:d7:f8:8f:01:dc:34:4a:6a:44:50:
77:c1:cd:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJm3M+5n98HDYd8RFPYXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTg2Y2MzMzRjNmUwZWFiODNmMjUyYmQ4M2VlZTk1Njky
NWNhNDAwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EygzYjljM2JlZjRmZGRkMDhlMDRlODNlODIzMDM0ZmUzNGExM2U1NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9qpJL0SqcSJ/7Hvf1YjG6CexqBy
LQMt2KuMa5s5hwL9n2ShVLcTsPdJ92KSUPqd4D7B4n+MtRy4oHYHO9IhBC+t1sbV
oqfK8NuMjSdwdRSoqpa30HqTXMGdT7TH748k4pLIVwHCM3wSkjAsJaHElhvzDPCe
fnWbQtFInsk6nYCP01mpvoqXacMfRnw8wQfmlpiWmWJFEYfIkA3B5g/YyXIwUGc7
iQ4HteLzhWglyIA0+Cjmil1508zKzBl9OxfDJbUmNlH7jzzIS9ABXp3GQg0bHjxH
EmWXEkM1FB3AATW//YFlOQQdB7WeM2IbLcRrP03jSc4p+ueavxo6LPyasQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDucO+9P3dCOBOg+gjA0/jShPlRZMB8GA1UdIwQY
MBaAFLeobMM0xuDquD8lK9g+7pVpJcpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZoc3d6VEc0T3E0UHlVcjJEN3VsV2tseWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81MDM2YmUtMTM4Yi00NDJlLTk2M2Yt
NTdjZDcyOTU3Yjg5LzEvdDZoc3d6VEc0T3E0UHlVcjJEN3VsV2tseWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81MDM2YmUtMTM4Yi00NDJlLTk2M2YtNTdjZDcyOTU3Yjg5
LzEvdDZoc3d6VEc0T3E0UHlVcjJEN3VsV2tseWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUXd1QJN
MjBP9iREHD4xLki5WDfExxi0tMrtNRW/N/rs2Pw6Zrxra+SULm8XRXbCKLm6DMfL
B+BIbMoKWdt5LSfDehFKavRESgYBzatrjSyS4/nllz5G/bP4o2iv83ujKLwboJFs
aynBgLYBKu+EPsUepgxYEhHI6O+G7LX0viLI6Eb6LWaU9mC3JzakJjB008ZIVGyZ
IIPZU9584CWG9aer/iBxqLfGY772z3Jhn453ZnoAsc5NqUf3EePc9xs6Nf/J6cVY
Qd8u23sFZK4eo//c4bQc2/Scx6vanzobrQ/SMNgGAd/PA23+WslW/OBwBIXX+I8B
3DRKakRQd8HNEA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:25 2025 by rpki-client