Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
File: tDlfbOqaAYpMyEgY5qo1INMiIYs.mft (raw, json)
Hash identifier: izz4r5VDn70GAzTiHHaJnVy/pAqicUWtapm9yAPdikA=
Subject key identifier: 95:68:03:E3:FE:03:0B:96:E3:D4:34:79:74:C5:AB:58:DF:8F:4E:30
Authority key identifier: B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B
Certificate issuer: /CN=b4395f6cea9a018a4cc84818e6aa3520d322218b
Certificate serial: 019921B087759B339326E3099850E85C290D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
Manifest number: 0CF3
Signing time: Sun 07 Sep 2025 01:00:41 +0000
Manifest this update: Sun 07 Sep 2025 01:00:41 +0000
Manifest next update: Mon 08 Sep 2025 01:00:41 +0000
Files and hashes: 1: UoFhfe1D4fv5504pD16hAMtOHqM.roa (hash: f5OjLqYpJfmM6P+Sc+etueFJmxpiBV6zei8gZZWeXpE=)
2: tDlfbOqaAYpMyEgY5qo1INMiIYs.crl (hash: be9zcXuaMhuPSpd3K/+TBl0IK19VLebJtVcphweJckU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:21:b0:87:75:9b:33:93:26:e3:09:98:50:e8:5c:29:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4395f6cea9a018a4cc84818e6aa3520d322218b
Validity
Not Before: Sep 7 01:00:41 2025 GMT
Not After : Sep 8 01:00:41 2025 GMT
Subject: CN=956803e3fe030b96e3d4347974c5ab58df8f4e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:89:65:c3:69:d4:a5:af:78:2e:3f:83:e0:0f:
ad:8e:82:50:a7:c6:dd:17:7d:f4:8a:01:b0:da:5c:
e9:d0:2c:e8:d0:59:fa:e8:5a:35:f5:4f:2c:3c:70:
a4:ec:06:e1:ce:3d:cc:fd:d3:93:69:4d:2e:a9:b7:
d6:9b:5b:a7:41:9a:9a:78:aa:ff:cb:80:ba:a9:c4:
5e:ab:26:26:17:a9:0a:2c:ac:1e:6f:d7:65:7b:78:
c3:f7:37:0e:94:51:1d:25:46:19:4e:bc:51:bd:75:
71:f2:2e:e3:16:8a:33:e8:a2:05:8d:93:83:5c:74:
7f:0b:0a:67:99:77:c7:b4:e5:8d:7c:16:4e:e7:ea:
b3:2b:2a:af:4f:b0:a8:93:90:50:0c:ef:e8:6b:7b:
25:f9:22:c3:9d:d6:04:c8:e9:2b:10:4e:df:a9:d1:
6d:45:e9:73:9c:40:69:9a:d6:74:88:6c:f8:98:cc:
1a:63:ca:d4:f6:cd:8c:d0:bc:06:09:2a:0d:e7:14:
8b:7c:e1:cc:02:fa:d9:b9:56:4c:98:6a:1a:82:25:
19:16:14:75:98:be:a1:dd:b3:5c:94:5e:32:f3:0e:
d7:5e:f9:11:87:06:5b:d7:74:ed:00:80:8d:a6:df:
46:bc:de:45:12:f8:40:29:07:1f:a1:8d:cc:97:71:
b1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:68:03:E3:FE:03:0B:96:E3:D4:34:79:74:C5:AB:58:DF:8F:4E:30
X509v3 Authority Key Identifier:
keyid:B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:bd:57:b0:75:b9:1e:c0:e4:78:41:e1:48:eb:c8:5c:49:15:
71:fa:b7:58:79:ea:4b:1b:b9:42:c6:aa:46:1e:fa:d0:97:a5:
e4:49:08:a1:78:06:85:4d:e5:29:6b:79:e0:de:71:70:02:0e:
16:ed:d7:44:98:10:bb:9f:fe:5b:16:00:8b:34:3a:05:3f:58:
df:ee:42:76:31:e1:2e:38:1a:e5:a5:fe:23:ed:b7:eb:be:b1:
9b:a3:52:5b:40:ca:30:55:2d:9c:65:80:76:9c:8f:16:e6:56:
4a:40:53:8e:61:5e:69:cb:02:1e:57:6d:79:09:3d:8f:e4:2a:
52:7d:45:92:3c:79:77:51:b4:0c:90:21:74:fd:7d:08:4c:7e:
ca:79:26:66:51:1b:ab:14:0d:a6:6d:a6:76:80:f7:6c:0f:3c:
38:00:81:f7:4c:5b:7b:88:5f:8e:09:0a:ab:b6:5a:85:3d:b9:
eb:68:b2:28:8f:8e:d4:7e:f1:54:e0:a1:48:62:46:d6:50:58:
e2:a0:43:ba:85:58:37:43:05:8c:ca:c6:75:16:2a:85:3d:f0:
46:60:62:db:31:b6:76:c8:a2:15:b0:d9:89:55:6e:b7:81:5b:
eb:0c:28:2d:4c:af:39:66:7f:a4:fe:2d:e4:f0:f9:d7:99:d4:
f9:8a:7d:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsId1mzOTJuMJmFDoXCkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Mzk1ZjZjZWE5YTAxOGE0Y2M4NDgxOGU2YWEzNTIwZDMy
MjIxOGIwHhcNMjUwOTA3MDEwMDQxWhcNMjUwOTA4MDEwMDQxWjAzMTEwLwYDVQQD
Eyg5NTY4MDNlM2ZlMDMwYjk2ZTNkNDM0Nzk3NGM1YWI1OGRmOGY0ZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24llw2nUpa94Lj+D4A+tjoJQp8bd
F330igGw2lzp0Czo0Fn66Fo19U8sPHCk7Abhzj3M/dOTaU0uqbfWm1unQZqaeKr/
y4C6qcReqyYmF6kKLKweb9dle3jD9zcOlFEdJUYZTrxRvXVx8i7jFooz6KIFjZOD
XHR/CwpnmXfHtOWNfBZO5+qzKyqvT7Cok5BQDO/oa3sl+SLDndYEyOkrEE7fqdFt
RelznEBpmtZ0iGz4mMwaY8rU9s2M0LwGCSoN5xSLfOHMAvrZuVZMmGoagiUZFhR1
mL6h3bNclF4y8w7XXvkRhwZb13TtAICNpt9GvN5FEvhAKQcfoY3Ml3GxmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVoA+P+AwuW49Q0eXTFq1jfj04wMB8GA1UdIwQY
MBaAFLQ5X2zqmgGKTMhIGOaqNSDTIiGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUt
MzkxZmVjMjY3ZGFlLzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUtMzkxZmVjMjY3ZGFl
LzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK71XsHW5
HsDkeEHhSOvIXEkVcfq3WHnqSxu5QsaqRh760Jel5EkIoXgGhU3lKWt54N5xcAIO
Fu3XRJgQu5/+WxYAizQ6BT9Y3+5CdjHhLjga5aX+I+23676xm6NSW0DKMFUtnGWA
dpyPFuZWSkBTjmFeacsCHldteQk9j+QqUn1Fkjx5d1G0DJAhdP19CEx+ynkmZlEb
qxQNpm2mdoD3bA88OACB90xbe4hfjgkKq7ZahT2562iyKI+O1H7xVOChSGJG1lBY
4qBDuoVYN0MFjMrGdRYqhT3wRmBi2zG2dsiiFbDZiVVut4Fb6wwoLUyvOWZ/pP4t
5PD515nU+Yp9KA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 09:50:46 2025 by rpki-client