Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.mft
File: tF9VYNefBKktehUPPtjaQwir6jM.mft (raw, json)
Hash identifier: K1eunN+c0valYAF4CheyrUFWbuilJVbaEHXtxJCeJU8=
Subject key identifier: 3A:9F:10:15:94:45:0C:06:1D:54:1D:D9:DE:2F:AD:36:89:75:BD:D3
Authority key identifier: B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
Certificate issuer: /CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Certificate serial: 019A71EECF1F8B96CFB78244BA012E5FA4BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.mft
Manifest number: 12A7
Signing time: Tue 11 Nov 2025 08:01:07 +0000
Manifest this update: Tue 11 Nov 2025 08:01:07 +0000
Manifest next update: Wed 12 Nov 2025 08:01:07 +0000
Files and hashes: 1: rFHksT2fJAQ7epdh-sMDgGR2SM4.roa (hash: Z/iFpAzmqAm2KrlQVqRFy4X3KTo7SXYWoBA5a7g2HG4=)
2: tF9VYNefBKktehUPPtjaQwir6jM.crl (hash: l16wdwzZ6asr5LSMk05M1dN1OLOfJZZmjA4ilPiAA6M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.mft
rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:cf:1f:8b:96:cf:b7:82:44:ba:01:2e:5f:a4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Validity
Not Before: Nov 11 08:01:07 2025 GMT
Not After : Nov 12 08:01:07 2025 GMT
Subject: CN=3a9f101594450c061d541dd9de2fad368975bdd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c5:08:36:9f:ea:71:5d:51:9b:67:89:3b:94:
e3:df:97:14:72:09:a5:92:2b:d2:ab:95:76:79:90:
20:a0:c8:6e:31:8f:d4:04:75:f8:24:b1:ad:5a:c2:
55:5d:70:61:e1:63:a4:34:44:e7:f6:b0:85:f2:da:
19:9b:0a:b4:c9:e9:5a:53:53:be:5e:8a:ed:42:c4:
dd:04:19:51:2b:93:29:e5:f7:11:aa:2b:b2:ab:85:
68:74:69:56:b4:e2:80:2a:4a:a8:c6:90:9a:55:75:
91:38:a5:61:f1:50:35:34:5e:26:8a:28:57:fa:66:
5e:ca:1c:9e:ef:04:1c:fa:ed:7c:08:28:d0:7b:78:
12:0c:61:5d:74:46:8c:f8:e3:59:06:4d:c3:50:cf:
e9:b0:9e:ae:3c:90:8c:7a:66:41:f9:31:2b:69:9b:
c9:80:7e:29:98:67:ff:4c:45:a0:24:bd:f6:f1:42:
05:73:a8:fd:84:3d:51:a3:b8:d5:4d:71:68:59:46:
49:7e:a9:f0:04:d1:d8:30:04:46:63:35:54:e4:5c:
9f:ae:35:97:58:2f:85:c1:01:e4:0e:08:bc:2a:05:
a7:39:03:cd:76:b6:40:f5:87:8a:d1:e0:b6:77:65:
12:f4:64:6d:db:d2:42:c3:41:4e:d6:44:2e:2c:a5:
5f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9F:10:15:94:45:0C:06:1D:54:1D:D9:DE:2F:AD:36:89:75:BD:D3
X509v3 Authority Key Identifier:
keyid:B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:c5:be:25:46:cd:75:a3:ef:fc:62:59:7d:49:cf:d8:2d:7f:
45:09:27:f8:4f:f3:5c:a8:80:cb:54:3a:6a:b9:56:25:a8:a8:
cb:7b:9b:0e:a7:b2:fa:32:f3:58:c0:1d:82:bb:50:5f:9d:c4:
32:8a:c9:76:b5:11:2a:3f:2d:5e:c5:9d:1d:a8:e8:66:0a:5d:
2a:51:a1:e7:68:a0:d7:f1:a7:25:7a:f5:1f:67:dc:cc:79:d9:
6e:75:b1:0f:78:9d:44:a5:1d:83:98:b1:56:09:e5:46:38:7d:
66:8f:84:f8:85:41:17:1e:1d:17:48:b9:2b:25:9d:cd:5b:7f:
90:c1:9e:53:26:9c:66:58:29:c2:c6:f2:52:77:d1:cd:ca:0a:
1b:b6:18:94:1d:28:d1:4a:cb:3a:b1:43:10:28:65:2d:1d:2b:
e7:ae:b9:04:1e:10:d1:bf:7a:f2:98:73:b0:dc:b6:b1:e5:b8:
64:93:b5:4e:36:40:d0:d2:f7:64:55:b7:df:92:83:23:e0:d5:
4f:5c:63:10:08:a7:98:0a:9c:96:4e:e9:04:3c:a6:43:9d:bc:
4c:21:ea:1c:2c:66:b9:fb:b9:14:85:82:ef:91:98:e8:89:85:
60:a7:18:9c:a2:a1:24:e6:94:9f:82:59:6a:8c:fc:94:e7:a3:
61:19:da:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7s8fi5bPt4JEugEuX6S6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWY1NTYwZDc5ZjA0YTkyZDdhMTUwZjNlZDhkYTQzMDhh
YmVhMzMwHhcNMjUxMTExMDgwMTA3WhcNMjUxMTEyMDgwMTA3WjAzMTEwLwYDVQQD
EygzYTlmMTAxNTk0NDUwYzA2MWQ1NDFkZDlkZTJmYWQzNjg5NzViZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18UINp/qcV1Rm2eJO5Tj35cUcgml
kivSq5V2eZAgoMhuMY/UBHX4JLGtWsJVXXBh4WOkNETn9rCF8toZmwq0yelaU1O+
XortQsTdBBlRK5Mp5fcRqiuyq4VodGlWtOKAKkqoxpCaVXWROKVh8VA1NF4miihX
+mZeyhye7wQc+u18CCjQe3gSDGFddEaM+ONZBk3DUM/psJ6uPJCMemZB+TEraZvJ
gH4pmGf/TEWgJL328UIFc6j9hD1Ro7jVTXFoWUZJfqnwBNHYMARGYzVU5FyfrjWX
WC+FwQHkDgi8KgWnOQPNdrZA9YeK0eC2d2US9GRt29JCw0FO1kQuLKVfNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqfEBWURQwGHVQd2d4vrTaJdb3TMB8GA1UdIwQY
MBaAFLRfVWDXnwSpLXoVDz7Y2kMIq+ozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2Njkt
YzMyMjI0NzRlZWYxLzEvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2NjktYzMyMjI0NzRlZWYx
LzEvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQsW+JUbN
daPv/GJZfUnP2C1/RQkn+E/zXKiAy1Q6arlWJaioy3ubDqey+jLzWMAdgrtQX53E
MorJdrURKj8tXsWdHajoZgpdKlGh52ig1/GnJXr1H2fczHnZbnWxD3idRKUdg5ix
VgnlRjh9Zo+E+IVBFx4dF0i5KyWdzVt/kMGeUyacZlgpwsbyUnfRzcoKG7YYlB0o
0UrLOrFDEChlLR0r5665BB4Q0b968phzsNy2seW4ZJO1TjZA0NL3ZFW335KDI+DV
T1xjEAinmAqclk7pBDymQ528TCHqHCxmufu5FIWC75GY6ImFYKcYnKKhJOaUn4JZ
aoz8lOejYRnaiQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:18 2025 by rpki-client