Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: lXE13QEdHUyHhHN2i85oKi940zqqYJCFVqCC42OARck=
Subject key identifier: 8D:FA:A7:CC:82:A3:71:64:9A:3B:F2:31:39:8B:96:D7:58:20:C9:86
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 019A4DE201FF7923D1354105B2EF7B2D81ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 043D
Signing time: Tue 04 Nov 2025 08:00:48 +0000
Manifest this update: Tue 04 Nov 2025 08:00:48 +0000
Manifest next update: Wed 05 Nov 2025 08:00:48 +0000
Files and hashes: 1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: BDGBSX6NSqHpQLAhP4Pw4KKPI/akY5eH5sUwLuGVl9o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:01:ff:79:23:d1:35:41:05:b2:ef:7b:2d:81:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: Nov 4 08:00:48 2025 GMT
Not After : Nov 5 08:00:48 2025 GMT
Subject: CN=8dfaa7cc82a371649a3bf231398b96d75820c986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:56:f2:92:07:55:e0:a7:a6:c2:b1:47:79:86:
34:c7:6e:72:7d:50:e7:2c:1e:d5:4a:e5:f8:49:6a:
69:e3:31:3f:08:43:92:92:1a:3b:0d:48:12:71:c3:
fd:9c:41:80:fc:f2:65:35:86:2d:a9:ac:8d:40:dc:
24:1e:c5:54:fc:a3:24:fa:b7:2f:ab:6f:a3:c3:35:
81:ee:ec:ad:75:71:cf:13:62:0a:7f:93:a2:64:f3:
73:f6:87:70:14:f8:49:b0:2d:b9:9e:28:8a:c8:e8:
fd:eb:93:e7:d8:70:c5:54:f3:2e:68:20:67:0f:6a:
19:d5:b9:76:0c:ae:83:64:19:cf:c1:14:36:0e:07:
3a:f4:a9:2a:5f:5a:fa:42:1b:81:7b:8c:25:01:ea:
ba:2d:0d:0f:13:a1:ef:75:48:45:e7:7b:89:d1:1e:
80:38:34:51:2c:d8:3e:6c:8b:ef:aa:52:f8:14:c4:
04:f9:b4:c2:9d:b0:9d:0f:5d:1a:89:63:8f:64:38:
f9:41:30:39:21:92:05:97:95:5a:bf:2e:fd:40:f5:
5b:b7:85:33:1e:13:18:a8:78:3f:44:60:1f:61:8a:
74:f6:56:36:54:0a:f2:77:36:24:eb:3a:bb:9e:e8:
f5:69:f1:96:0c:f5:e3:b2:dc:5e:ba:2e:e1:5f:c0:
9f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FA:A7:CC:82:A3:71:64:9A:3B:F2:31:39:8B:96:D7:58:20:C9:86
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:e3:4a:ea:d9:ea:57:90:9e:fe:e2:3e:67:c0:46:aa:73:44:
a4:1c:64:5e:ef:ce:9e:c4:ee:2f:41:e8:6d:11:5b:21:d6:7a:
f7:23:fc:67:2d:49:62:ca:51:78:d7:c2:c2:56:99:84:ea:e7:
63:a7:f0:2e:dc:1f:ad:1f:fa:4a:56:85:09:f0:15:c9:c5:9e:
4f:a2:9e:95:8b:61:af:9c:28:16:46:ad:06:16:21:6a:8a:a4:
ae:ac:90:99:90:0c:93:cf:9d:af:5c:76:ae:5b:39:a3:29:61:
6c:5a:fa:54:71:f1:8c:d8:2b:d4:23:e0:cb:5b:77:51:07:8f:
44:1f:f5:e7:49:ba:c8:4a:19:19:76:c8:aa:9d:de:7f:f9:12:
75:53:7e:5c:98:48:1c:66:1a:9a:2d:69:5b:b1:3b:87:2f:16:
6d:50:a4:1c:51:5d:91:7f:57:c6:14:ad:2b:0c:43:cc:a2:54:
e8:24:7e:39:86:a2:1b:99:8b:f1:9e:ae:38:61:85:a7:e0:e6:
18:63:1c:a2:db:ab:6b:1f:f8:89:e8:50:84:7f:e2:e7:6f:d6:
18:58:0a:f3:a1:6c:dc:a2:a9:9c:13:7a:6f:e5:92:4e:48:41:
0e:c3:9f:fe:1c:12:89:62:e9:2f:7c:44:24:7c:81:08:47:79:
32:d9:62:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gH/eSPRNUEFsu97LYHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjUxMTA0MDgwMDQ4WhcNMjUxMTA1MDgwMDQ4WjAzMTEwLwYDVQQD
Eyg4ZGZhYTdjYzgyYTM3MTY0OWEzYmYyMzEzOThiOTZkNzU4MjBjOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FbykgdV4KemwrFHeYY0x25yfVDn
LB7VSuX4SWpp4zE/CEOSkho7DUgSccP9nEGA/PJlNYYtqayNQNwkHsVU/KMk+rcv
q2+jwzWB7uytdXHPE2IKf5OiZPNz9odwFPhJsC25niiKyOj965Pn2HDFVPMuaCBn
D2oZ1bl2DK6DZBnPwRQ2Dgc69KkqX1r6QhuBe4wlAeq6LQ0PE6HvdUhF53uJ0R6A
ODRRLNg+bIvvqlL4FMQE+bTCnbCdD10aiWOPZDj5QTA5IZIFl5Vavy79QPVbt4Uz
HhMYqHg/RGAfYYp09lY2VArydzYk6zq7nuj1afGWDPXjstxeui7hX8CfLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI36p8yCo3FkmjvyMTmLltdYIMmGMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJONK6tnq
V5Ce/uI+Z8BGqnNEpBxkXu/OnsTuL0HobRFbIdZ69yP8Zy1JYspReNfCwlaZhOrn
Y6fwLtwfrR/6SlaFCfAVycWeT6KelYthr5woFkatBhYhaoqkrqyQmZAMk8+dr1x2
rls5oylhbFr6VHHxjNgr1CPgy1t3UQePRB/150m6yEoZGXbIqp3ef/kSdVN+XJhI
HGYami1pW7E7hy8WbVCkHFFdkX9XxhStKwxDzKJU6CR+OYaiG5mL8Z6uOGGFp+Dm
GGMcoturax/4iehQhH/i52/WGFgK86Fs3KKpnBN6b+WSTkhBDsOf/hwSiWLpL3xE
JHyBCEd5MtlifA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:25:55 2025 by rpki-client