Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a831c0-457c-4ba8-bec7-e251109bfd19/1/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.mft
File: TaNxHcXeRfL1tHkBZZ6VbZOCcv4.mft (raw, json)
Hash identifier: cr0HWpQIazX3TlF3MC6qVHcF9Ai+B9A4b8ESXDXISYQ=
Subject key identifier: AF:DE:CE:21:2A:93:1D:0A:AE:B0:CA:F6:83:00:4F:BF:26:78:AD:1E
Authority key identifier: 4D:A3:71:1D:C5:DE:45:F2:F5:B4:79:01:65:9E:95:6D:93:82:72:FE
Certificate issuer: /CN=4da3711dc5de45f2f5b47901659e956d938272fe
Certificate serial: 019A299E2344369C798C8018AC744273401C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a831c0-457c-4ba8-bec7-e251109bfd19/1/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.mft
Manifest number: 16FA
Signing time: Tue 28 Oct 2025 07:00:20 +0000
Manifest this update: Tue 28 Oct 2025 07:00:20 +0000
Manifest next update: Wed 29 Oct 2025 07:00:20 +0000
Files and hashes: 1: 7YKaewqyZbI9lVFIivFUL2FPVzU.roa (hash: wf42n7crwFg9XaXHUPxEE3NTHiwbzXO1xRDVNEMLG6A=)
2: TaNxHcXeRfL1tHkBZZ6VbZOCcv4.crl (hash: UWM37aP16qrbcahOF+InvPdbBJD1aA4pyYil1eal0eE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/a831c0-457c-4ba8-bec7-e251109bfd19/1/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/a831c0-457c-4ba8-bec7-e251109bfd19/1/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:9e:23:44:36:9c:79:8c:80:18:ac:74:42:73:40:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da3711dc5de45f2f5b47901659e956d938272fe
Validity
Not Before: Oct 28 07:00:20 2025 GMT
Not After : Oct 29 07:00:20 2025 GMT
Subject: CN=afdece212a931d0aaeb0caf683004fbf2678ad1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:18:95:bc:6e:57:b1:b2:2d:b7:95:8e:a3:94:
4f:00:9c:d1:c5:49:91:3a:9b:e8:9a:67:7d:81:d9:
1a:2d:69:9a:c3:17:39:4f:3b:82:50:c0:a0:42:b6:
07:68:da:24:86:c4:7d:ea:7c:2e:df:27:4c:ce:96:
03:91:6a:ce:f7:e3:59:02:48:88:da:5c:81:e4:bf:
1b:65:a1:6c:23:ef:90:a9:95:4b:eb:d9:8b:54:84:
f0:05:43:97:39:2d:a1:16:bb:5f:c8:41:1a:51:66:
7c:93:a6:9a:97:18:a9:8f:e2:a7:9f:30:a6:b1:40:
1e:fd:33:8f:96:f0:ac:54:28:d4:3f:cc:e2:a2:d8:
70:d5:bd:98:5d:d4:63:ee:88:80:c3:57:40:bc:70:
74:4e:6f:fa:2c:47:60:aa:64:ab:fc:c0:87:ae:3d:
9b:7c:4f:be:51:3e:31:c1:fa:ec:7a:7a:05:40:c5:
45:18:74:d5:be:6b:11:45:7d:d4:0c:03:1b:e7:a0:
f0:19:88:36:6d:01:8d:4e:98:44:26:a1:15:a2:e8:
61:3b:13:10:b5:56:32:a9:5a:d1:a7:35:15:ef:1a:
56:f7:98:ae:b8:4e:a7:c8:08:d3:ad:77:0d:9b:9b:
eb:9c:72:98:5f:80:9d:d0:38:12:92:78:0b:f6:ac:
21:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DE:CE:21:2A:93:1D:0A:AE:B0:CA:F6:83:00:4F:BF:26:78:AD:1E
X509v3 Authority Key Identifier:
keyid:4D:A3:71:1D:C5:DE:45:F2:F5:B4:79:01:65:9E:95:6D:93:82:72:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a831c0-457c-4ba8-bec7-e251109bfd19/1/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a831c0-457c-4ba8-bec7-e251109bfd19/1/TaNxHcXeRfL1tHkBZZ6VbZOCcv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:c0:45:2e:74:66:39:cf:12:a3:7b:89:78:9c:b4:9a:af:13:
fd:48:69:ec:81:61:b5:a1:0a:71:4c:ed:ae:2b:9c:fe:86:bf:
26:20:b5:b6:fb:d1:72:d8:57:50:de:fa:19:e5:9c:1a:7e:79:
78:98:f9:f0:8d:c7:9c:76:3d:3f:f0:4a:96:9a:b2:3a:02:cc:
2a:28:ea:05:47:a3:56:af:3b:af:8a:b0:99:b0:48:36:a7:ad:
ee:9a:3b:49:09:95:65:b2:03:47:34:d0:53:d2:7b:62:61:46:
d5:3e:19:87:94:62:49:3b:87:04:1a:e9:40:19:73:99:c7:c3:
4c:c0:e7:7b:12:bc:0d:05:cc:0f:57:72:0b:70:b2:3b:46:61:
43:f1:96:53:66:25:45:70:95:fa:bc:46:b0:68:9e:da:b7:3f:
32:40:c6:15:f9:47:c5:f9:f2:76:cf:9f:85:17:1b:f5:56:57:
70:0b:7c:cc:72:f3:4b:96:0d:bc:d5:fb:11:5b:14:20:9d:3c:
f3:39:c0:18:90:5b:1e:da:d2:7f:bb:45:6a:f6:53:78:1f:3f:
85:2d:86:bc:07:c9:6d:5b:c8:be:a1:e6:bf:8b:e6:c8:5c:f4:
75:c0:31:2a:73:af:03:35:70:3c:25:5d:1e:9d:bf:d5:34:81:
e9:c2:e1:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopniNENpx5jIAYrHRCc0AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTM3MTFkYzVkZTQ1ZjJmNWI0NzkwMTY1OWU5NTZkOTM4
MjcyZmUwHhcNMjUxMDI4MDcwMDIwWhcNMjUxMDI5MDcwMDIwWjAzMTEwLwYDVQQD
EyhhZmRlY2UyMTJhOTMxZDBhYWViMGNhZjY4MzAwNGZiZjI2NzhhZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhiVvG5XsbItt5WOo5RPAJzRxUmR
Opvommd9gdkaLWmawxc5TzuCUMCgQrYHaNokhsR96nwu3ydMzpYDkWrO9+NZAkiI
2lyB5L8bZaFsI++QqZVL69mLVITwBUOXOS2hFrtfyEEaUWZ8k6aalxipj+KnnzCm
sUAe/TOPlvCsVCjUP8ziothw1b2YXdRj7oiAw1dAvHB0Tm/6LEdgqmSr/MCHrj2b
fE++UT4xwfrsenoFQMVFGHTVvmsRRX3UDAMb56DwGYg2bQGNTphEJqEVouhhOxMQ
tVYyqVrRpzUV7xpW95iuuE6nyAjTrXcNm5vrnHKYX4Cd0DgSkngL9qwhjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/eziEqkx0KrrDK9oMAT78meK0eMB8GA1UdIwQY
MBaAFE2jcR3F3kXy9bR5AWWelW2TgnL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFOeEhjWGVSZkwxdEhrQlpaNlZiWk9DY3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hODMxYzAtNDU3Yy00YmE4LWJlYzct
ZTI1MTEwOWJmZDE5LzEvVGFOeEhjWGVSZkwxdEhrQlpaNlZiWk9DY3Y0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hODMxYzAtNDU3Yy00YmE4LWJlYzctZTI1MTEwOWJmZDE5
LzEvVGFOeEhjWGVSZkwxdEhrQlpaNlZiWk9DY3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcBFLnRm
Oc8So3uJeJy0mq8T/Uhp7IFhtaEKcUztriuc/oa/JiC1tvvRcthXUN76GeWcGn55
eJj58I3HnHY9P/BKlpqyOgLMKijqBUejVq87r4qwmbBINqet7po7SQmVZbIDRzTQ
U9J7YmFG1T4Zh5RiSTuHBBrpQBlzmcfDTMDnexK8DQXMD1dyC3CyO0ZhQ/GWU2Yl
RXCV+rxGsGie2rc/MkDGFflHxfnyds+fhRcb9VZXcAt8zHLzS5YNvNX7EVsUIJ08
8znAGJBbHtrSf7tFavZTeB8/hS2GvAfJbVvIvqHmv4vmyFz0dcAxKnOvAzVwPCVd
Hp2/1TSB6cLh8A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 13:17:50 2025 by rpki-client