Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
File: TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft (raw, json)
Hash identifier: roj2rt00qvrigmi6pLc9VGQXTvPH+GDxd8CdRKa+8IA=
Subject key identifier: 6A:FD:7F:2A:0C:A1:40:C9:58:AB:EA:4F:95:40:57:5C:54:B4:9D:96
Authority key identifier: 4D:F1:81:1F:39:97:B9:50:AC:89:E4:10:EA:3E:F0:18:A6:73:D5:FC
Certificate issuer: /CN=4df1811f3997b950ac89e410ea3ef018a673d5fc
Certificate serial: 019A71B82D9CD18553C568C6DC2DAAE97900
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
Manifest number: 06DE
Signing time: Tue 11 Nov 2025 07:01:26 +0000
Manifest this update: Tue 11 Nov 2025 07:01:26 +0000
Manifest next update: Wed 12 Nov 2025 07:01:26 +0000
Files and hashes: 1: 4m_ZlqWE1YEBP4kWtbELic7ECzg.roa (hash: t8PO7dqvDfBV4dwcfBXHsLynSbU2oXoJqnNbzqZG81g=)
2: TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl (hash: h+/uWgLRWkPBE2zH9J12qzcv8dPju+wzhwOrhj/Wsyc=)
3: risExVobQciJpjckh7R5a6pHayQ.roa (hash: smtSJjRXs0E72dzCfhCCARBzkZPKWKCqhHgp8E/C6HY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:2d:9c:d1:85:53:c5:68:c6:dc:2d:aa:e9:79:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df1811f3997b950ac89e410ea3ef018a673d5fc
Validity
Not Before: Nov 11 07:01:26 2025 GMT
Not After : Nov 12 07:01:26 2025 GMT
Subject: CN=6afd7f2a0ca140c958abea4f9540575c54b49d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:15:d2:6b:0c:16:e1:bf:f2:56:cc:97:b0:8c:
db:f7:f9:81:2f:ed:40:77:79:27:64:25:94:c6:76:
9e:07:1e:1b:fd:58:8c:54:06:62:9d:78:18:53:27:
a4:0f:ff:92:1a:83:51:1a:fb:7d:1e:7e:6f:94:52:
f6:67:7d:da:e2:1c:2d:3f:7e:50:a6:0e:6b:3f:87:
9f:38:37:8a:a5:79:19:78:0a:52:50:43:32:51:4d:
af:6c:5a:0f:64:ca:e1:df:87:c6:92:12:46:92:76:
cd:65:91:97:2e:78:2f:f2:87:b0:12:92:d6:4b:87:
d3:b1:33:ce:fa:4a:c3:fc:34:d4:1e:b8:6a:a2:bd:
0a:f4:d5:12:8f:db:12:44:32:fb:0e:c1:f1:7a:f4:
d8:32:e4:a6:0a:b4:30:12:14:7e:ba:20:de:d8:3a:
ab:1f:5d:21:f9:2c:f4:03:89:39:23:8f:a4:b8:2d:
d6:99:00:cb:ab:9e:3b:1b:d9:85:82:39:e3:d1:ea:
d4:39:e4:4e:1a:b0:3e:7a:03:7c:36:cb:d7:ac:31:
1f:e3:dd:96:df:21:05:a7:0d:a1:d2:6c:91:50:b6:
b0:32:fa:69:ab:5e:ae:d9:f1:32:7a:3a:ac:10:c4:
05:15:85:44:6e:1e:fc:a7:68:f4:80:80:04:02:fd:
78:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FD:7F:2A:0C:A1:40:C9:58:AB:EA:4F:95:40:57:5C:54:B4:9D:96
X509v3 Authority Key Identifier:
keyid:4D:F1:81:1F:39:97:B9:50:AC:89:E4:10:EA:3E:F0:18:A6:73:D5:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfGBHzmXuVCsieQQ6j7wGKZz1fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3fe931-7dd6-443b-aade-d9a61937a1e5/1/TfGBHzmXuVCsieQQ6j7wGKZz1fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:79:0c:34:4e:54:93:eb:ec:74:ab:65:9b:84:16:ba:c7:28:
88:e7:42:90:7e:5f:54:c0:af:a7:42:09:42:86:53:aa:03:83:
64:37:67:c6:68:6c:ca:60:ff:14:79:3e:a5:77:9f:5d:25:d9:
35:3e:72:81:75:e4:83:f8:5f:36:57:39:7a:6b:26:93:0e:58:
2e:c8:7e:a9:f5:c3:4d:8c:fc:0e:9e:4a:11:8d:0e:d4:a3:ef:
37:3b:f7:f4:7f:cc:b6:ab:76:37:b5:6e:3c:bb:88:32:28:16:
8b:40:bb:36:63:b8:8d:4d:00:53:93:11:30:b8:79:7c:d9:22:
2a:97:a1:f6:c1:8d:6f:6b:ac:a5:54:16:cb:1c:5b:c9:89:7e:
db:cd:e7:ea:09:9e:32:d8:63:62:75:a1:5a:72:90:46:f8:99:
8c:da:77:6f:66:9d:23:2a:45:87:8f:3a:87:9f:fc:b5:6d:ce:
13:86:90:fe:18:04:38:2b:53:33:48:f8:0d:3d:96:6a:c4:95:
60:25:0c:b9:76:43:1e:9b:e6:cc:30:b3:59:c4:42:30:eb:aa:
e8:c6:52:fc:ec:5e:af:30:77:99:e7:14:70:6f:69:51:81:7e:
24:f6:3c:48:c2:f3:e6:a3:e0:c5:a8:1e:c9:39:69:ea:a1:43:
88:40:6f:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuC2c0YVTxWjG3C2q6XkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjE4MTFmMzk5N2I5NTBhYzg5ZTQxMGVhM2VmMDE4YTY3
M2Q1ZmMwHhcNMjUxMTExMDcwMTI2WhcNMjUxMTEyMDcwMTI2WjAzMTEwLwYDVQQD
Eyg2YWZkN2YyYTBjYTE0MGM5NThhYmVhNGY5NTQwNTc1YzU0YjQ5ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RXSawwW4b/yVsyXsIzb9/mBL+1A
d3knZCWUxnaeBx4b/ViMVAZinXgYUyekD/+SGoNRGvt9Hn5vlFL2Z33a4hwtP35Q
pg5rP4efODeKpXkZeApSUEMyUU2vbFoPZMrh34fGkhJGknbNZZGXLngv8oewEpLW
S4fTsTPO+krD/DTUHrhqor0K9NUSj9sSRDL7DsHxevTYMuSmCrQwEhR+uiDe2Dqr
H10h+Sz0A4k5I4+kuC3WmQDLq547G9mFgjnj0erUOeROGrA+egN8NsvXrDEf492W
3yEFpw2h0myRULawMvppq16u2fEyejqsEMQFFYVEbh78p2j0gIAEAv14TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGr9fyoMoUDJWKvqT5VAV1xUtJ2WMB8GA1UdIwQY
MBaAFE3xgR85l7lQrInkEOo+8Bimc9X8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zZmU5MzEtN2RkNi00NDNiLWFhZGUt
ZDlhNjE5MzdhMWU1LzEvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zZmU5MzEtN2RkNi00NDNiLWFhZGUtZDlhNjE5MzdhMWU1
LzEvVGZHQkh6bVh1VkNzaWVRUTZqN3dHS1p6MWZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb3kMNE5U
k+vsdKtlm4QWuscoiOdCkH5fVMCvp0IJQoZTqgODZDdnxmhsymD/FHk+pXefXSXZ
NT5ygXXkg/hfNlc5emsmkw5YLsh+qfXDTYz8Dp5KEY0O1KPvNzv39H/Mtqt2N7Vu
PLuIMigWi0C7NmO4jU0AU5MRMLh5fNkiKpeh9sGNb2uspVQWyxxbyYl+283n6gme
MthjYnWhWnKQRviZjNp3b2adIypFh486h5/8tW3OE4aQ/hgEOCtTM0j4DT2WasSV
YCUMuXZDHpvmzDCzWcRCMOuq6MZS/OxerzB3mecUcG9pUYF+JPY8SMLz5qPgxage
yTlp6qFDiEBvHA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:31 2025 by rpki-client