Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
File: TgfHPboamfW7wV94xjkKqZwmmCQ.mft (raw, json)
Hash identifier: X4bIjWGf9Esj5/MwGEgKiiSu8vdHrNJeF9BBKc59idk=
Subject key identifier: B1:16:A3:C8:83:EE:41:09:7F:88:8D:3E:DE:A2:C0:AF:E9:5E:98:C4
Authority key identifier: 4E:07:C7:3D:BA:1A:99:F5:BB:C1:5F:78:C6:39:0A:A9:9C:26:98:24
Certificate issuer: /CN=4e07c73dba1a99f5bbc15f78c6390aa99c269824
Certificate serial: 019921B274B6BBFBB7AC5F2AB2C73B89327E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TgfHPboamfW7wV94xjkKqZwmmCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
Manifest number: 1438
Signing time: Sun 07 Sep 2025 01:02:47 +0000
Manifest this update: Sun 07 Sep 2025 01:02:47 +0000
Manifest next update: Mon 08 Sep 2025 01:02:47 +0000
Files and hashes: 1: TgfHPboamfW7wV94xjkKqZwmmCQ.crl (hash: BzlXGlKhsoP/KmXVZjztHWM3MMjs7IC9Mrd7eIhezaI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/TgfHPboamfW7wV94xjkKqZwmmCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:b2:74:b6:bb:fb:b7:ac:5f:2a:b2:c7:3b:89:32:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e07c73dba1a99f5bbc15f78c6390aa99c269824
Validity
Not Before: Sep 7 01:02:47 2025 GMT
Not After : Sep 8 01:02:47 2025 GMT
Subject: CN=b116a3c883ee41097f888d3edea2c0afe95e98c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:78:f6:d6:a3:55:93:ba:6a:6d:56:c9:cd:
ed:a9:b5:4d:0b:54:4b:e8:80:6d:ce:01:e0:e9:19:
c2:be:60:30:dd:27:04:98:2f:5b:69:c5:fc:4f:84:
cb:bf:01:36:23:92:d8:37:86:f0:0e:0d:6d:4e:3f:
27:9a:e9:37:73:97:f2:44:e8:58:09:be:0b:d5:e4:
65:2a:c5:6a:75:91:dd:97:83:71:3e:7b:47:70:07:
73:f5:8f:96:02:2f:bf:5b:26:f2:e0:5c:94:f2:d0:
d7:b1:c0:a9:e2:dc:63:7f:22:6c:88:db:48:6d:59:
45:b8:d9:19:15:ef:7a:59:ef:b8:fa:08:87:1c:3c:
76:07:13:4d:18:f3:fd:e9:94:af:67:26:b3:90:42:
76:ad:f2:d3:be:30:be:3c:1c:64:bb:2d:0d:14:18:
bb:ff:84:f1:66:18:96:b2:c9:39:5f:65:c9:f9:31:
7d:d6:f3:cc:6c:5f:ad:4b:0f:2a:5e:b9:95:be:e9:
1c:f4:28:38:34:68:66:67:7c:7d:e6:23:b3:92:39:
d1:2d:f3:21:5c:a9:5e:93:3d:13:05:ff:47:61:06:
1a:4a:ff:68:73:38:d1:10:12:2b:8b:b9:a2:58:7a:
9c:72:a5:d7:41:aa:1f:a4:38:cb:06:e2:97:3a:75:
7d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:16:A3:C8:83:EE:41:09:7F:88:8D:3E:DE:A2:C0:AF:E9:5E:98:C4
X509v3 Authority Key Identifier:
keyid:4E:07:C7:3D:BA:1A:99:F5:BB:C1:5F:78:C6:39:0A:A9:9C:26:98:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TgfHPboamfW7wV94xjkKqZwmmCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/1f1e7b-5907-48c1-90fd-5602712baa5b/1/TgfHPboamfW7wV94xjkKqZwmmCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:39:da:87:1d:f2:97:42:1b:02:79:42:6c:34:99:9d:51:8e:
60:3c:ae:1f:21:a2:d8:e6:e1:82:14:43:51:f8:95:b6:be:f0:
78:f4:6b:d9:1d:e1:f2:1d:dc:6e:b0:e6:4e:e0:c3:d6:86:77:
ab:92:9e:87:30:4e:60:bc:d3:5c:0a:fa:ab:df:86:b9:90:b4:
06:15:6f:2c:48:e1:0d:41:32:2a:f0:25:0a:d8:50:df:20:e0:
85:f2:af:a2:dc:1d:11:e0:f9:e5:d2:5e:57:11:4b:f0:e6:ce:
34:7c:e1:b6:0a:f3:5d:16:f9:90:21:c3:75:f6:4e:72:71:7d:
27:b4:8f:e1:ca:05:f2:be:27:a1:ef:d7:42:c3:8c:0b:9d:de:
fa:6c:b4:18:0e:49:3b:87:e0:54:97:95:fe:42:eb:41:61:d0:
18:85:7b:db:b7:0e:48:0f:29:cb:b6:a7:fb:fa:dd:49:08:bf:
bc:6f:a2:98:1b:71:ed:2f:90:9e:7f:25:4a:46:ec:8e:40:61:
b2:d7:43:85:c4:f7:09:df:cf:e5:75:67:8d:db:d8:d3:d5:d7:
98:e7:02:19:e3:9b:1b:38:be:c6:c3:72:01:eb:13:27:11:46:
36:7c:75:50:48:eb:49:32:2c:ed:04:e0:0b:d6:80:c0:3b:85:
2c:e9:f2:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsnS2u/u3rF8qssc7iTJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMDdjNzNkYmExYTk5ZjViYmMxNWY3OGM2MzkwYWE5OWMy
Njk4MjQwHhcNMjUwOTA3MDEwMjQ3WhcNMjUwOTA4MDEwMjQ3WjAzMTEwLwYDVQQD
EyhiMTE2YTNjODgzZWU0MTA5N2Y4ODhkM2VkZWEyYzBhZmU5NWU5OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF149tajVZO6am1Wyc3tqbVNC1RL
6IBtzgHg6RnCvmAw3ScEmC9bacX8T4TLvwE2I5LYN4bwDg1tTj8nmuk3c5fyROhY
Cb4L1eRlKsVqdZHdl4NxPntHcAdz9Y+WAi+/Wyby4FyU8tDXscCp4txjfyJsiNtI
bVlFuNkZFe96We+4+giHHDx2BxNNGPP96ZSvZyazkEJ2rfLTvjC+PBxkuy0NFBi7
/4TxZhiWssk5X2XJ+TF91vPMbF+tSw8qXrmVvukc9Cg4NGhmZ3x95iOzkjnRLfMh
XKlekz0TBf9HYQYaSv9oczjREBIri7miWHqccqXXQaofpDjLBuKXOnV9hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEWo8iD7kEJf4iNPt6iwK/pXpjEMB8GA1UdIwQY
MBaAFE4Hxz26Gpn1u8FfeMY5CqmcJpgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGdmSFBib2FtZlc3d1Y5NHhqa0txWndtbUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8xZjFlN2ItNTkwNy00OGMxLTkwZmQt
NTYwMjcxMmJhYTViLzEvVGdmSFBib2FtZlc3d1Y5NHhqa0txWndtbUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8xZjFlN2ItNTkwNy00OGMxLTkwZmQtNTYwMjcxMmJhYTVi
LzEvVGdmSFBib2FtZlc3d1Y5NHhqa0txWndtbUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDnahx3y
l0IbAnlCbDSZnVGOYDyuHyGi2ObhghRDUfiVtr7wePRr2R3h8h3cbrDmTuDD1oZ3
q5KehzBOYLzTXAr6q9+GuZC0BhVvLEjhDUEyKvAlCthQ3yDghfKvotwdEeD55dJe
VxFL8ObONHzhtgrzXRb5kCHDdfZOcnF9J7SP4coF8r4noe/XQsOMC53e+my0GA5J
O4fgVJeV/kLrQWHQGIV727cOSA8py7an+/rdSQi/vG+imBtx7S+Qnn8lSkbsjkBh
stdDhcT3Cd/P5XVnjdvY09XXmOcCGeObGzi+xsNyAesTJxFGNnx1UEjrSTIs7QTg
C9aAwDuFLOnyhQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:09:27 2025 by rpki-client