Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
File: TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft (raw, json)
Hash identifier: N99mNxR/t6/uivHwd7heYi/gM6h6ZHIGsTaxQlD8CGA=
Subject key identifier: 4C:31:32:3E:57:12:44:A4:73:76:07:C4:4A:21:21:9D:11:CD:55:12
Authority key identifier: 4D:F1:81:1F:39:97:B9:50:AC:89:E4:10:EA:3E:F0:18:A6:73:D5:FC
Certificate issuer: /CN=4df1811f3997b950ac89e410ea3ef018a673d5fc
Certificate serial: 0199350204A82BC56FC0818BC33AF06FC542
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
Manifest number: 063A
Signing time: Wed 10 Sep 2025 19:02:28 +0000
Manifest this update: Wed 10 Sep 2025 19:02:28 +0000
Manifest next update: Thu 11 Sep 2025 19:02:28 +0000
Files and hashes: 1: 4m_ZlqWE1YEBP4kWtbELic7ECzg.roa (hash: t8PO7dqvDfBV4dwcfBXHsLynSbU2oXoJqnNbzqZG81g=)
2: TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl (hash: wVNO/QQP1+rvN4/Q3D3qcA9BNkkcRGv4+CF+18v1x0M=)
3: risExVobQciJpjckh7R5a6pHayQ.roa (hash: smtSJjRXs0E72dzCfhCCARBzkZPKWKCqhHgp8E/C6HY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 19:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:35:02:04:a8:2b:c5:6f:c0:81:8b:c3:3a:f0:6f:c5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df1811f3997b950ac89e410ea3ef018a673d5fc
Validity
Not Before: Sep 10 19:02:28 2025 GMT
Not After : Sep 11 19:02:28 2025 GMT
Subject: CN=4c31323e571244a4737607c44a21219d11cd5512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c8:db:32:06:1a:8f:47:15:d0:15:5a:ba:fc:
ff:5a:14:9c:ae:bb:74:1a:f2:db:8f:b4:ee:a6:a6:
22:52:fb:25:ef:b6:09:99:5d:54:27:78:e2:c1:9b:
52:7f:54:87:69:d6:13:36:97:9f:df:6b:7b:5e:e3:
6c:c7:31:4f:19:8c:c9:92:89:19:da:c1:69:7c:37:
00:f9:9b:45:16:5d:33:ab:61:49:80:5f:a0:37:a0:
2b:53:df:97:c9:b6:f5:47:65:ac:b7:6b:21:5e:ae:
68:86:5d:18:93:6c:c4:59:1b:86:1f:5f:b0:7c:5a:
00:ac:22:fe:58:33:7d:87:9d:e2:7e:7c:8c:f8:9a:
bf:83:1f:8d:a2:8c:c9:f4:fc:51:c7:4c:e8:5a:7d:
66:3d:6d:3d:e4:a9:73:6f:0f:3c:19:5e:74:cb:bc:
1b:e6:c7:7a:02:7b:b4:8c:94:2f:41:1a:36:63:2c:
df:bf:54:4b:f1:41:36:3f:81:8e:c9:61:fe:50:b3:
0a:33:7d:36:16:de:d7:8a:1b:e2:68:9a:44:79:b3:
cd:7e:f7:3b:f1:78:fb:23:9b:6a:a3:41:04:51:d4:
f6:a1:7e:8d:a4:ab:c8:59:0a:6d:93:07:27:c1:4e:
07:e8:27:f9:90:a2:ef:4d:25:dc:e9:a8:5a:df:8a:
c4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:31:32:3E:57:12:44:A4:73:76:07:C4:4A:21:21:9D:11:CD:55:12
X509v3 Authority Key Identifier:
keyid:4D:F1:81:1F:39:97:B9:50:AC:89:E4:10:EA:3E:F0:18:A6:73:D5:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:63:5b:38:98:0e:6c:b8:be:3e:e5:54:d8:de:c2:8c:b3:12:
66:c1:50:84:2b:38:b8:3e:9c:53:ad:30:31:89:02:71:6d:c9:
98:95:35:18:d4:50:0c:a4:2f:6b:39:4c:70:7f:af:b5:7e:93:
72:c3:be:7e:4a:ff:ba:9b:2a:7d:24:dc:ea:62:66:9e:6b:d5:
dd:f4:3e:01:de:bf:24:00:9f:e7:56:4e:35:03:be:61:98:9f:
d9:1d:13:f1:7c:70:81:7f:d3:75:df:af:29:fe:3f:00:65:81:
2c:ab:33:4d:63:e5:fd:01:ef:0c:a7:e7:93:1e:23:43:6a:a3:
d7:ed:77:8c:7f:9e:77:73:c7:79:84:ee:a7:62:9e:40:58:7a:
60:df:15:c6:f8:9d:90:e6:5c:cf:e2:80:02:6a:c0:c6:72:22:
3a:88:7b:fa:29:fd:29:eb:38:6d:e2:54:c1:fb:75:e7:ea:ed:
2e:f6:3f:17:57:46:61:03:d2:f4:8c:90:e1:93:63:42:da:fd:
98:f8:c3:91:e2:83:42:df:f0:3a:60:be:d0:fd:24:29:86:75:
ad:94:16:b3:8d:1d:6f:b1:ff:06:e0:17:f9:6d:19:16:0f:55:
1a:37:2a:99:f7:c2:92:d5:e4:d5:b4:ff:18:ae:8a:da:e1:f4:
cf:cc:ac:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk1AgSoK8VvwIGLwzrwb8VCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjE4MTFmMzk5N2I5NTBhYzg5ZTQxMGVhM2VmMDE4YTY3
M2Q1ZmMwHhcNMjUwOTEwMTkwMjI4WhcNMjUwOTExMTkwMjI4WjAzMTEwLwYDVQQD
Eyg0YzMxMzIzZTU3MTI0NGE0NzM3NjA3YzQ0YTIxMjE5ZDExY2Q1NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8jbMgYaj0cV0BVauvz/WhScrrt0
GvLbj7TupqYiUvsl77YJmV1UJ3jiwZtSf1SHadYTNpef32t7XuNsxzFPGYzJkokZ
2sFpfDcA+ZtFFl0zq2FJgF+gN6ArU9+Xybb1R2Wst2shXq5ohl0Yk2zEWRuGH1+w
fFoArCL+WDN9h53ifnyM+Jq/gx+NoozJ9PxRx0zoWn1mPW095Klzbw88GV50y7wb
5sd6Anu0jJQvQRo2Yyzfv1RL8UE2P4GOyWH+ULMKM302Ft7XihviaJpEebPNfvc7
8Xj7I5tqo0EEUdT2oX6NpKvIWQptkwcnwU4H6Cf5kKLvTSXc6aha34rEGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwxMj5XEkSkc3YHxEohIZ0RzVUSMB8GA1UdIwQY
MBaAFE3xgR85l7lQrInkEOo+8Bimc9X8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zZmU5MzEtN2RkNi00NDNiLWFhZGUt
ZDlhNjE5MzdhMWU1LzEvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zZmU5MzEtN2RkNi00NDNiLWFhZGUtZDlhNjE5MzdhMWU1
LzEvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXWNbOJgO
bLi+PuVU2N7CjLMSZsFQhCs4uD6cU60wMYkCcW3JmJU1GNRQDKQvazlMcH+vtX6T
csO+fkr/upsqfSTc6mJmnmvV3fQ+Ad6/JACf51ZONQO+YZif2R0T8XxwgX/Tdd+v
Kf4/AGWBLKszTWPl/QHvDKfnkx4jQ2qj1+13jH+ed3PHeYTup2KeQFh6YN8Vxvid
kOZcz+KAAmrAxnIiOoh7+in9Kes4beJUwft15+rtLvY/F1dGYQPS9IyQ4ZNjQtr9
mPjDkeKDQt/wOmC+0P0kKYZ1rZQWs40db7H/BuAX+W0ZFg9VGjcqmffCktXk1bT/
GK6K2uH0z8ysSw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 22:50:35 2025 by rpki-client