Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
File: tMflb0aH6hstd2PQiI0QUCNbV0s.mft (raw, json)
Hash identifier: qx83/zpe16c7S0/3pn+NDAydwVPFw0fpuVw8jn+2zDI=
Subject key identifier: 6C:E2:46:4B:51:9D:C9:60:10:6C:1C:4F:BF:67:94:D5:EA:14:87:C5
Authority key identifier: B4:C7:E5:6F:46:87:EA:1B:2D:77:63:D0:88:8D:10:50:23:5B:57:4B
Certificate issuer: /CN=b4c7e56f4687ea1b2d7763d0888d1050235b574b
Certificate serial: 019A42F06B635CD0F2FE50975D2A09300719
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
Manifest number: 1698
Signing time: Sun 02 Nov 2025 05:00:43 +0000
Manifest this update: Sun 02 Nov 2025 05:00:43 +0000
Manifest next update: Mon 03 Nov 2025 05:00:43 +0000
Files and hashes: 1: fVF1mzV7lYVHRMo8LnZ24vMBIsw.roa (hash: xj9vjyKVHbKjwLJzRwcUb2ujBs2KI8YOtyKmg5bMiko=)
2: tMflb0aH6hstd2PQiI0QUCNbV0s.crl (hash: t16RnKrectxzbC0pVNpZHKyhBzWmIxt1ZxMs5RoVC5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Nov 2025 05:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:42:f0:6b:63:5c:d0:f2:fe:50:97:5d:2a:09:30:07:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4c7e56f4687ea1b2d7763d0888d1050235b574b
Validity
Not Before: Nov 2 05:00:43 2025 GMT
Not After : Nov 3 05:00:43 2025 GMT
Subject: CN=6ce2464b519dc960106c1c4fbf6794d5ea1487c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:76:e3:0b:94:ba:72:68:41:53:5c:48:3f:b9:
56:31:aa:86:3b:f0:54:e6:9d:d3:98:b7:a9:50:ad:
61:58:8b:6d:8e:7d:0a:c9:68:53:7b:f2:b8:b9:8d:
17:2c:c1:d2:b6:1a:bf:fe:8b:95:74:97:84:b1:e3:
6a:b6:9b:a1:06:37:98:e1:9c:08:2d:36:df:7e:4c:
0c:2a:a4:55:99:9a:54:02:95:58:d7:08:e1:f3:f8:
34:52:02:45:77:3c:30:f8:e7:ad:65:7d:ae:49:08:
fe:7f:99:6f:95:27:2f:4a:1d:e0:54:16:19:a1:e4:
91:87:e3:6c:bf:4e:f2:3a:c3:f2:4c:2c:c5:ea:1f:
02:4c:5a:91:8c:5b:53:72:86:4f:55:74:f3:9a:65:
d7:9c:8e:e3:a5:95:d8:67:2b:d8:20:48:12:9a:e4:
0c:c0:9c:fb:66:14:24:a1:da:22:02:a1:e2:a2:fe:
e9:87:14:cc:5a:23:99:a0:73:b5:85:98:31:80:28:
65:2e:fe:cb:68:90:6d:95:7f:fe:38:f1:99:8a:d3:
cf:8f:67:21:f0:f6:1e:7d:0c:a4:fa:e2:d9:3c:52:
82:78:bc:a1:6e:2f:f2:6c:f1:dc:34:3f:da:f7:b9:
02:cc:fd:02:75:f6:bb:8b:83:0e:11:6a:af:e8:f9:
f2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E2:46:4B:51:9D:C9:60:10:6C:1C:4F:BF:67:94:D5:EA:14:87:C5
X509v3 Authority Key Identifier:
keyid:B4:C7:E5:6F:46:87:EA:1B:2D:77:63:D0:88:8D:10:50:23:5B:57:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:eb:29:e9:c0:31:fb:04:e5:c6:60:cd:69:8e:7b:18:6a:50:
bd:07:8d:f3:80:c5:7e:d8:96:0c:b8:79:de:59:bd:dc:c5:3d:
96:d0:5b:a6:7b:b8:2b:26:60:c4:7a:e0:d8:88:8c:ee:60:76:
12:ff:03:ae:14:04:1f:8d:0b:4b:b7:f5:47:c2:87:40:86:cb:
b8:01:39:66:d5:02:bc:ea:fe:54:20:5d:5e:66:38:14:04:12:
b8:49:5e:0c:8f:b8:7c:dd:0a:a8:08:71:ff:ac:9e:3e:ab:09:
e0:a9:8c:7a:15:9a:53:53:81:3f:67:cd:82:e4:b3:cb:c5:c0:
0d:ba:26:58:80:d7:b3:91:40:5b:e2:a9:21:a2:d9:bf:bd:1a:
97:2c:ca:31:f5:13:29:8d:e9:b2:6d:39:61:a3:bf:4f:61:49:
9c:ac:c0:18:d2:b8:03:34:56:99:49:bd:41:8c:df:13:be:e8:
23:6b:2a:69:49:38:72:14:cc:47:72:d3:24:2d:36:1d:15:7f:
06:69:42:fe:50:cd:77:20:f0:7e:f7:14:a1:6e:ce:8d:88:39:
4e:38:66:fa:d5:b5:4a:2f:e7:2f:e1:94:6e:4c:15:4a:af:d8:
d3:57:d9:f9:b5:6e:80:77:fc:c3:39:9e:c2:8c:49:56:30:af:
67:33:1a:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpC8GtjXNDy/lCXXSoJMAcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YzdlNTZmNDY4N2VhMWIyZDc3NjNkMDg4OGQxMDUwMjM1
YjU3NGIwHhcNMjUxMTAyMDUwMDQzWhcNMjUxMTAzMDUwMDQzWjAzMTEwLwYDVQQD
Eyg2Y2UyNDY0YjUxOWRjOTYwMTA2YzFjNGZiZjY3OTRkNWVhMTQ4N2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23bjC5S6cmhBU1xIP7lWMaqGO/BU
5p3TmLepUK1hWIttjn0KyWhTe/K4uY0XLMHSthq//ouVdJeEseNqtpuhBjeY4ZwI
LTbffkwMKqRVmZpUApVY1wjh8/g0UgJFdzww+OetZX2uSQj+f5lvlScvSh3gVBYZ
oeSRh+Nsv07yOsPyTCzF6h8CTFqRjFtTcoZPVXTzmmXXnI7jpZXYZyvYIEgSmuQM
wJz7ZhQkodoiAqHiov7phxTMWiOZoHO1hZgxgChlLv7LaJBtlX/+OPGZitPPj2ch
8PYefQyk+uLZPFKCeLyhbi/ybPHcND/a97kCzP0Cdfa7i4MOEWqv6PnybQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGziRktRnclgEGwcT79nlNXqFIfFMB8GA1UdIwQY
MBaAFLTH5W9Gh+obLXdj0IiNEFAjW1dLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84NTE5MDItNTA1MC00NmIyLWI0NTIt
MDU5OWYwYjJiMDlhLzEvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84NTE5MDItNTA1MC00NmIyLWI0NTItMDU5OWYwYjJiMDlh
LzEvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUesp6cAx
+wTlxmDNaY57GGpQvQeN84DFftiWDLh53lm93MU9ltBbpnu4KyZgxHrg2IiM7mB2
Ev8DrhQEH40LS7f1R8KHQIbLuAE5ZtUCvOr+VCBdXmY4FAQSuEleDI+4fN0KqAhx
/6yePqsJ4KmMehWaU1OBP2fNguSzy8XADbomWIDXs5FAW+KpIaLZv70alyzKMfUT
KY3psm05YaO/T2FJnKzAGNK4AzRWmUm9QYzfE77oI2sqaUk4chTMR3LTJC02HRV/
BmlC/lDNdyDwfvcUoW7OjYg5Tjhm+tW1Si/nL+GUbkwVSq/Y01fZ+bVugHf8wzme
woxJVjCvZzMaLg==
-----END CERTIFICATE-----
Generated at Sun Nov 2 13:07:19 2025 by rpki-client