Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File: tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier: an2Up8mV4YqCxVqbbWa4O8+IFK/1uRQvcV6KRaEBrk0=
Subject key identifier: 80:B1:F5:42:27:32:61:F3:E4:AE:E5:66:2B:BB:6F:BA:98:87:F6:CC
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer: /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial: 019A71B909CE40F4754DDD341A5FBDC9BC2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:02:23 +0000
Manifest this update: Tue 11 Nov 2025 07:02:23 +0000
Manifest next update: Wed 12 Nov 2025 07:02:23 +0000
Files and hashes: 1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: 2BAT2VUrEbgvj7M+aRfZAdnRGaUBz7kVA7PWabh7iFU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:09:ce:40:f4:75:4d:dd:34:1a:5f:bd:c9:bc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
Validity
Not Before: Nov 11 07:02:23 2025 GMT
Not After : Nov 12 07:02:23 2025 GMT
Subject: CN=80b1f542273261f3e4aee5662bbb6fba9887f6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:da:49:cf:23:36:96:cf:02:00:36:fa:30:
08:d6:61:f5:65:3f:85:de:73:d8:04:4a:a8:08:25:
f3:b8:55:7e:07:87:71:95:37:01:c3:df:fe:b9:2d:
5b:84:3c:90:4d:e9:09:e3:4d:9d:57:01:2c:5f:5e:
40:fd:44:af:13:24:20:5d:a3:5f:51:53:b0:a1:22:
d3:fe:2f:65:c9:cf:12:64:c4:ac:dc:d5:e0:80:aa:
ef:fe:fb:50:00:55:97:d8:bd:5b:41:18:67:b5:6d:
69:2c:ce:fc:23:79:cb:59:b3:01:0a:f4:02:73:85:
50:9b:b7:07:63:39:d7:4c:d0:82:c9:25:79:63:f5:
cd:ba:b4:3b:b6:d0:04:49:50:05:da:22:19:76:f7:
3e:f7:17:ae:be:c3:bf:30:a2:89:2d:de:b9:c0:d4:
aa:7a:83:0e:a1:73:58:67:a9:5d:a0:67:50:c4:ce:
e0:ab:c7:af:37:ea:3a:30:aa:60:80:9e:4c:e8:0a:
7a:b2:78:64:62:9d:6f:80:ba:f5:21:6e:1f:00:22:
7c:55:b2:e2:56:17:b8:36:fa:d4:97:00:27:1e:0d:
01:e6:ec:e7:56:17:e7:4a:c6:8a:87:1b:3a:96:59:
a1:e4:63:c8:f8:70:1e:6e:81:6d:82:df:bd:20:9f:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B1:F5:42:27:32:61:F3:E4:AE:E5:66:2B:BB:6F:BA:98:87:F6:CC
X509v3 Authority Key Identifier:
keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:5c:a3:ea:b4:12:11:05:1a:e9:ce:8b:ef:bd:64:08:8f:c3:
f2:01:de:f9:4d:6b:c7:3f:f1:10:bb:6d:a7:64:f8:66:74:d5:
da:c9:42:ff:e7:ad:cd:a3:e9:1c:e5:eb:07:10:30:17:81:f8:
38:ad:50:b8:6b:02:80:af:a0:f5:e6:f2:9f:b8:17:1b:d8:9c:
cf:aa:a7:b4:c2:4c:50:6f:cc:ea:ca:8d:32:9d:2e:39:f3:12:
e8:2d:d9:ba:ac:9a:74:60:ce:d6:db:bb:2b:4e:22:9a:b3:b3:
8a:d6:b9:cb:6b:7f:76:07:64:a9:b8:28:48:53:be:5b:15:42:
b4:79:73:20:49:ae:3f:89:34:32:d0:d5:73:d4:e6:49:83:1d:
fa:94:b8:97:9a:03:03:27:f1:73:7f:ff:fe:70:2b:10:76:34:
05:b3:31:1d:0f:52:f3:47:60:12:07:78:22:32:31:4d:78:0e:
c6:87:7b:18:22:09:3d:b6:74:9e:2b:59:e2:8e:c0:94:a6:dd:
86:07:6e:1f:fe:81:c5:c6:29:14:29:5f:46:3f:1a:21:85:a8:
32:75:a2:72:c7:37:2f:a3:c9:d9:66:06:84:3d:da:06:c0:56:
a4:57:c5:7b:60:a0:bd:2f:69:ea:a5:24:c8:6d:7f:12:c2:51:
17:bc:bb:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQnOQPR1Td00Gl+9ybwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjUxMTExMDcwMjIzWhcNMjUxMTEyMDcwMjIzWjAzMTEwLwYDVQQD
Eyg4MGIxZjU0MjI3MzI2MWYzZTRhZWU1NjYyYmJiNmZiYTk4ODdmNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRfaSc8jNpbPAgA2+jAI1mH1ZT+F
3nPYBEqoCCXzuFV+B4dxlTcBw9/+uS1bhDyQTekJ402dVwEsX15A/USvEyQgXaNf
UVOwoSLT/i9lyc8SZMSs3NXggKrv/vtQAFWX2L1bQRhntW1pLM78I3nLWbMBCvQC
c4VQm7cHYznXTNCCySV5Y/XNurQ7ttAESVAF2iIZdvc+9xeuvsO/MKKJLd65wNSq
eoMOoXNYZ6ldoGdQxM7gq8evN+o6MKpggJ5M6Ap6snhkYp1vgLr1IW4fACJ8VbLi
Vhe4NvrUlwAnHg0B5uznVhfnSsaKhxs6llmh5GPI+HAeboFtgt+9IJ/5jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICx9UInMmHz5K7lZiu7b7qYh/bMMB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMFyj6rQS
EQUa6c6L771kCI/D8gHe+U1rxz/xELttp2T4ZnTV2slC/+etzaPpHOXrBxAwF4H4
OK1QuGsCgK+g9ebyn7gXG9icz6qntMJMUG/M6sqNMp0uOfMS6C3ZuqyadGDO1tu7
K04imrOzita5y2t/dgdkqbgoSFO+WxVCtHlzIEmuP4k0MtDVc9TmSYMd+pS4l5oD
Ayfxc3///nArEHY0BbMxHQ9S80dgEgd4IjIxTXgOxod7GCIJPbZ0nitZ4o7AlKbd
hgduH/6BxcYpFClfRj8aIYWoMnWicsc3L6PJ2WYGhD3aBsBWpFfFe2CgvS9p6qUk
yG1/EsJRF7y7GA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:32 2025 by rpki-client