Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
File: tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft (raw, json)
Hash identifier: UnPDkNnLHEvMRH5gN1iZh4ceWT8/x8Q2UIQ4JQ3UdYE=
Subject key identifier: 1C:20:F5:37:90:01:92:83:44:CC:1B:1C:46:C2:8A:50:54:33:2B:88
Authority key identifier: B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
Certificate issuer: /CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Certificate serial: 019A7225A2A55E6E0C4B5C676F8F4CBF1EF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 09:01:00 +0000
Manifest this update: Tue 11 Nov 2025 09:01:00 +0000
Manifest next update: Wed 12 Nov 2025 09:01:00 +0000
Files and hashes: 1: A19KF2VhmqgRITxahuDcRts8KJs.roa (hash: YirbVHhxW1CKNUwQAz3dz5QapLv5A3zZT5MHBNEVZ34=)
2: tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl (hash: 0/WXuXmq8wgdwhVltdMxW1rpJwsnupPu9OIBSsXDLgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:a2:a5:5e:6e:0c:4b:5c:67:6f:8f:4c:bf:1e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Validity
Not Before: Nov 11 09:01:00 2025 GMT
Not After : Nov 12 09:01:00 2025 GMT
Subject: CN=1c20f5379001928344cc1b1c46c28a5054332b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:be:1e:f2:58:b1:bc:11:fc:e7:a6:30:59:35:
3b:a4:00:a4:34:52:2e:95:b5:3f:32:18:bf:2c:95:
eb:0d:5c:8e:44:0b:e1:49:ca:d0:d0:e8:50:50:6d:
f2:c1:54:ec:0d:89:a0:fb:6a:a5:06:f0:57:80:a9:
3e:fa:9b:13:f7:a6:52:f5:22:8f:0a:f4:5d:c1:67:
e7:7f:f3:3f:fa:c2:de:a6:99:6b:52:c9:a2:31:87:
18:60:b2:a1:c3:aa:0d:1b:f9:d5:fd:4e:ce:ec:99:
50:6a:ed:94:51:c0:1b:e2:e8:e2:1d:b5:09:0e:38:
34:51:7c:bb:41:ee:14:9c:13:c2:4e:72:e9:04:45:
4e:93:b7:b6:18:76:5c:9f:4f:09:b7:dc:91:02:1d:
d4:ef:2c:8b:fe:49:15:ee:69:37:e2:5c:54:d8:45:
ef:93:7b:e1:f1:2a:09:ce:db:9f:ad:68:18:48:87:
a4:ad:af:6f:d7:03:57:58:58:4f:80:02:6b:1d:05:
d3:57:64:70:01:52:4b:df:72:4c:48:44:9b:9e:68:
e9:fe:50:c6:a8:05:20:08:06:d7:1a:e5:c9:ac:12:
11:3a:f6:35:b9:ea:09:e7:a8:ef:f8:4c:88:cd:e6:
36:3d:f6:cb:18:db:ed:d4:8c:74:66:1b:52:1f:16:
9d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:20:F5:37:90:01:92:83:44:CC:1B:1C:46:C2:8A:50:54:33:2B:88
X509v3 Authority Key Identifier:
keyid:B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:a6:d1:e3:c0:a0:44:11:89:2a:4f:13:71:1b:44:de:6f:30:
21:e3:c9:d1:03:c0:b4:0e:e6:75:30:0f:56:28:c3:fb:cb:03:
40:ad:ee:20:5b:8f:8c:a2:57:83:7b:c0:6e:84:e6:69:74:e9:
5b:88:74:cd:87:1f:cc:51:fc:c2:b9:b3:55:28:f3:ce:dd:1d:
65:2a:3a:2d:d8:44:3b:64:07:5f:67:ea:54:d9:6b:98:ee:90:
83:7e:1d:ae:b3:ac:bf:04:1e:25:81:c0:ea:8c:2a:a8:c5:1a:
37:ba:05:68:dd:27:d0:8a:fc:50:3c:51:b5:77:c2:c8:2a:15:
32:3c:ed:5e:37:0a:9d:59:66:3c:5b:48:01:69:93:0a:0a:b7:
89:19:08:87:04:f5:5f:c8:6a:23:0a:ea:93:06:90:ad:46:9b:
40:72:7a:97:b4:66:ca:87:4c:7f:26:8c:25:66:e6:bc:35:71:
38:39:3c:4b:4a:7e:5a:9b:f2:66:d9:70:ce:68:75:bd:1a:97:
30:7b:18:ca:a8:92:cf:39:df:6a:59:1a:43:f1:f8:bf:94:0d:
4b:0a:60:bb:d4:30:ea:6b:0d:42:db:86:03:96:75:73:5c:9b:
82:6a:16:38:40:d0:33:f4:2f:ce:30:4f:f8:81:24:7e:c4:5c:
f2:20:c8:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJaKlXm4MS1xnb49Mvx7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjBmODM4YWZiYzEzMjI2ODA1NDRlZDFjOWM1YTJiMDk5
NjVkOWYwHhcNMjUxMTExMDkwMTAwWhcNMjUxMTEyMDkwMTAwWjAzMTEwLwYDVQQD
EygxYzIwZjUzNzkwMDE5MjgzNDRjYzFiMWM0NmMyOGE1MDU0MzMyYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL4e8lixvBH856YwWTU7pACkNFIu
lbU/Mhi/LJXrDVyORAvhScrQ0OhQUG3ywVTsDYmg+2qlBvBXgKk++psT96ZS9SKP
CvRdwWfnf/M/+sLepplrUsmiMYcYYLKhw6oNG/nV/U7O7JlQau2UUcAb4ujiHbUJ
Djg0UXy7Qe4UnBPCTnLpBEVOk7e2GHZcn08Jt9yRAh3U7yyL/kkV7mk34lxU2EXv
k3vh8SoJztufrWgYSIekra9v1wNXWFhPgAJrHQXTV2RwAVJL33JMSESbnmjp/lDG
qAUgCAbXGuXJrBIROvY1ueoJ56jv+EyIzeY2PfbLGNvt1Ix0ZhtSHxadJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwg9TeQAZKDRMwbHEbCilBUMyuIMB8GA1UdIwQY
MBaAFLXw+DivvBMiaAVE7RycWisJll2fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEt
YTUyZGM5YzIyMDdjLzEvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEtYTUyZGM5YzIyMDdj
LzEvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALKbR48Cg
RBGJKk8TcRtE3m8wIePJ0QPAtA7mdTAPVijD+8sDQK3uIFuPjKJXg3vAboTmaXTp
W4h0zYcfzFH8wrmzVSjzzt0dZSo6LdhEO2QHX2fqVNlrmO6Qg34drrOsvwQeJYHA
6owqqMUaN7oFaN0n0Ir8UDxRtXfCyCoVMjztXjcKnVlmPFtIAWmTCgq3iRkIhwT1
X8hqIwrqkwaQrUabQHJ6l7RmyodMfyaMJWbmvDVxODk8S0p+WpvyZtlwzmh1vRqX
MHsYyqiSzznfalkaQ/H4v5QNSwpgu9Qw6msNQtuGA5Z1c1ybgmoWOEDQM/QvzjBP
+IEkfsRc8iDIKA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:33:13 2025 by rpki-client