Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
File: Tom7FOgJr_PsljCL2a6GUafndio.mft (raw, json)
Hash identifier: Jqj1UMzKR8jJ+im31XXwpoIRG/0Td1cdFXV6ZfRAyMw=
Subject key identifier: 8B:72:4C:CC:FF:71:EF:97:91:FD:5C:E5:14:03:F6:72:43:69:3E:A3
Authority key identifier: 4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
Certificate issuer: /CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Certificate serial: 019A72260F414EE0595BE9B99BF2566CD57F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 09:01:28 +0000
Manifest this update: Tue 11 Nov 2025 09:01:28 +0000
Manifest next update: Wed 12 Nov 2025 09:01:28 +0000
Files and hashes: 1: Tom7FOgJr_PsljCL2a6GUafndio.crl (hash: 0IQSRilR96dhtEGH4uF75fph7cDbfVvZBFPCy6lGjvo=)
2: fxuqWXx_O_zewgAff6HXjyvgKp0.roa (hash: cm4JBhg0Zq8hHGX0z/7BWc/vnIZVK86NCDFtwq+RrhA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:0f:41:4e:e0:59:5b:e9:b9:9b:f2:56:6c:d5:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e89bb14e809aff3ec96308bd9ae8651a7e7762a
Validity
Not Before: Nov 11 09:01:28 2025 GMT
Not After : Nov 12 09:01:28 2025 GMT
Subject: CN=8b724cccff71ef9791fd5ce51403f67243693ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:45:b0:2b:8f:5e:db:82:cd:0a:43:18:8a:39:
32:49:d6:40:be:fb:8f:25:e3:37:df:1f:6f:42:90:
58:ad:78:9a:d7:cf:43:71:5f:3b:bd:1b:5b:2e:77:
e8:e9:f7:f1:04:b6:70:df:40:42:16:4f:e0:56:d1:
c0:c0:dd:14:69:d2:52:85:4b:19:99:27:fd:08:96:
fe:83:28:8e:2e:c1:13:cf:5d:ea:ae:dd:9f:59:8c:
64:0d:e7:35:d1:69:94:74:22:4f:a7:c0:74:e4:4e:
96:3e:87:7e:3a:23:3a:ad:eb:52:bd:f1:7b:e3:47:
81:7b:82:dd:7f:df:9d:44:00:c9:40:41:f3:1d:f0:
58:7a:45:3e:95:4a:92:1e:00:33:1e:51:65:1b:cd:
c9:df:da:6c:0d:92:b3:8b:c1:32:b9:86:9f:71:68:
55:00:05:c3:f9:28:27:27:bf:39:28:1d:99:50:fe:
32:fd:7e:c2:d7:7a:03:bd:be:10:e8:51:bb:2f:59:
d0:17:88:4b:f2:ac:04:d3:8e:15:63:d3:b3:5b:f3:
fc:2e:b9:0e:e4:69:bb:54:42:bf:ce:db:db:75:16:
47:a1:a6:c1:0a:3c:0d:33:a6:90:91:d9:21:dd:2c:
e4:9d:77:de:9d:1b:03:23:cc:10:38:c3:eb:af:de:
bb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:72:4C:CC:FF:71:EF:97:91:FD:5C:E5:14:03:F6:72:43:69:3E:A3
X509v3 Authority Key Identifier:
keyid:4E:89:BB:14:E8:09:AF:F3:EC:96:30:8B:D9:AE:86:51:A7:E7:76:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tom7FOgJr_PsljCL2a6GUafndio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ae3cc8-ce74-4d57-819a-9fa02cc248e5/1/Tom7FOgJr_PsljCL2a6GUafndio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:15:a9:69:01:e7:ed:aa:77:14:2e:23:5e:28:95:41:f4:7e:
f3:21:cc:51:e3:24:4f:40:47:e0:38:38:09:a1:92:f4:0a:56:
c8:a0:da:07:c2:9e:ab:d5:55:35:1c:c8:99:2b:5f:a2:a0:a8:
a8:c2:45:cf:91:4a:22:ef:c0:be:cf:64:0d:68:92:13:15:5f:
29:cd:85:26:58:81:c4:a9:0a:bc:9c:a7:08:e0:61:cf:e8:41:
8f:da:52:ee:59:0d:63:97:ea:83:af:85:aa:65:cb:bc:b2:d7:
65:bb:2b:29:b4:7c:d1:21:44:45:60:10:41:ab:0a:39:5c:64:
01:3d:38:d4:69:d7:a7:e3:ba:b6:b5:06:56:47:34:40:0d:69:
5d:35:0e:a6:89:88:cd:18:d8:be:a3:64:e9:54:f9:4b:af:20:
62:b2:0b:0e:b5:e1:c3:cd:b5:72:31:97:16:13:85:50:03:64:
51:99:a2:49:0d:8d:04:78:c1:c4:a2:a6:0c:7e:f0:8d:53:37:
0b:aa:5c:2b:41:9c:1b:92:55:fe:6b:57:55:59:04:23:49:5d:
de:b9:9a:eb:5e:f3:fb:28:ec:59:a1:34:ad:cf:89:2f:fc:70:
cb:56:a7:ed:96:59:86:69:3d:14:89:35:7b:a3:e8:c7:79:17:
06:15:32:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJg9BTuBZW+m5m/JWbNV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlODliYjE0ZTgwOWFmZjNlYzk2MzA4YmQ5YWU4NjUxYTdl
Nzc2MmEwHhcNMjUxMTExMDkwMTI4WhcNMjUxMTEyMDkwMTI4WjAzMTEwLwYDVQQD
Eyg4YjcyNGNjY2ZmNzFlZjk3OTFmZDVjZTUxNDAzZjY3MjQzNjkzZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kWwK49e24LNCkMYijkySdZAvvuP
JeM33x9vQpBYrXia189DcV87vRtbLnfo6ffxBLZw30BCFk/gVtHAwN0UadJShUsZ
mSf9CJb+gyiOLsETz13qrt2fWYxkDec10WmUdCJPp8B05E6WPod+OiM6retSvfF7
40eBe4Ldf9+dRADJQEHzHfBYekU+lUqSHgAzHlFlG83J39psDZKzi8EyuYafcWhV
AAXD+SgnJ785KB2ZUP4y/X7C13oDvb4Q6FG7L1nQF4hL8qwE044VY9OzW/P8LrkO
5Gm7VEK/ztvbdRZHoabBCjwNM6aQkdkh3SzknXfenRsDI8wQOMPrr967ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItyTMz/ce+Xkf1c5RQD9nJDaT6jMB8GA1UdIwQY
MBaAFE6JuxToCa/z7JYwi9muhlGn53YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEt
OWZhMDJjYzI0OGU1LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZTNjYzgtY2U3NC00ZDU3LTgxOWEtOWZhMDJjYzI0OGU1
LzEvVG9tN0ZPZ0pyX1BzbGpDTDJhNkdVYWZuZGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxWpaQHn
7ap3FC4jXiiVQfR+8yHMUeMkT0BH4Dg4CaGS9ApWyKDaB8Keq9VVNRzImStfoqCo
qMJFz5FKIu/Avs9kDWiSExVfKc2FJliBxKkKvJynCOBhz+hBj9pS7lkNY5fqg6+F
qmXLvLLXZbsrKbR80SFERWAQQasKOVxkAT041GnXp+O6trUGVkc0QA1pXTUOpomI
zRjYvqNk6VT5S68gYrILDrXhw821cjGXFhOFUANkUZmiSQ2NBHjBxKKmDH7wjVM3
C6pcK0GcG5JV/mtXVVkEI0ld3rma617z+yjsWaE0rc+JL/xwy1an7ZZZhmk9FIk1
e6Pox3kXBhUyfg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:01:17 2025 by rpki-client