Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/debc29-5b2b-4bab-b4f7-e1c9198cdd88/1/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.mft
File: _ectQ_TIKxFGc3sRYZcjGDC_ZdY.mft (raw, json)
Hash identifier: f7jPCDt2yRBWiptxt/0tyK5CpLF+Tohd95mEoW03as4=
Subject key identifier: 62:40:B8:7F:6E:18:CD:5C:41:EF:31:85:43:AA:FB:01:56:89:E5:26
Authority key identifier: FD:E7:2D:43:F4:C8:2B:11:46:73:7B:11:61:97:23:18:30:BF:65:D6
Certificate issuer: /CN=fde72d43f4c82b1146737b116197231830bf65d6
Certificate serial: 019A71B831721DCBFDDB0110D2CFB6AD5140
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/debc29-5b2b-4bab-b4f7-e1c9198cdd88/1/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 07:01:27 +0000
Manifest this update: Tue 11 Nov 2025 07:01:27 +0000
Manifest next update: Wed 12 Nov 2025 07:01:27 +0000
Files and hashes: 1: NEbsKu77gYfpibY3_TC8dQH80XA.roa (hash: aeVQJbng3C7RHWncwne+AehQ3FDANQdssqp/Bjc9vag=)
2: _ectQ_TIKxFGc3sRYZcjGDC_ZdY.crl (hash: RA/j+Cxrk78MgKm3xwj0nLS5YaVO5Q089DtGZIbhLh8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/debc29-5b2b-4bab-b4f7-e1c9198cdd88/1/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/debc29-5b2b-4bab-b4f7-e1c9198cdd88/1/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:31:72:1d:cb:fd:db:01:10:d2:cf:b6:ad:51:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde72d43f4c82b1146737b116197231830bf65d6
Validity
Not Before: Nov 11 07:01:27 2025 GMT
Not After : Nov 12 07:01:27 2025 GMT
Subject: CN=6240b87f6e18cd5c41ef318543aafb015689e526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:9a:85:4d:b7:a9:ee:1b:85:f0:79:ee:03:
fc:eb:a6:08:85:79:18:23:60:7c:a6:89:23:07:57:
84:c2:2a:0b:68:9c:5b:a3:e4:3c:df:a8:f2:fa:59:
9d:30:0d:26:f0:72:d7:28:44:10:45:fd:e6:c7:cc:
95:1b:8d:49:a1:97:da:1d:43:8a:e9:fb:1d:3c:f3:
0b:34:13:57:42:13:a0:c7:d8:d7:3f:27:1d:29:4d:
43:fd:37:92:0a:07:0f:e1:5e:c1:78:ef:dd:8b:cc:
41:98:69:fd:38:a0:ed:ff:f5:21:40:ef:23:95:19:
94:51:f3:c5:82:40:a0:81:66:da:01:39:60:d3:65:
93:86:84:81:84:2d:2b:be:d2:52:d0:08:03:4a:0d:
3d:6b:80:cb:02:7a:04:77:64:23:3f:08:f7:19:e7:
4e:81:7e:ff:fb:90:9f:70:92:fe:d0:7f:c9:77:ce:
3e:b2:bc:15:6b:30:de:5d:42:be:84:d3:3f:b6:bc:
72:4c:e5:32:1a:26:14:3b:a5:5f:32:77:0a:5c:46:
e3:cc:0d:91:08:6d:78:fb:0c:19:46:43:ae:1b:f4:
c3:97:75:93:62:0a:fd:a8:7a:b1:75:6a:4a:75:be:
43:e5:45:36:53:d9:a1:17:4d:5f:85:09:36:e7:56:
99:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:40:B8:7F:6E:18:CD:5C:41:EF:31:85:43:AA:FB:01:56:89:E5:26
X509v3 Authority Key Identifier:
keyid:FD:E7:2D:43:F4:C8:2B:11:46:73:7B:11:61:97:23:18:30:BF:65:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/debc29-5b2b-4bab-b4f7-e1c9198cdd88/1/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/debc29-5b2b-4bab-b4f7-e1c9198cdd88/1/_ectQ_TIKxFGc3sRYZcjGDC_ZdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:b8:53:66:75:84:54:66:e6:15:46:87:a2:a9:95:18:6e:0d:
75:72:94:cb:a2:37:c1:c9:c5:14:a0:3e:61:44:da:c5:38:82:
c0:73:99:79:d9:b2:6b:7c:77:88:2f:b4:8c:e6:b2:b4:a3:d5:
e6:25:73:56:35:60:f3:51:a6:45:c6:37:ee:c2:dc:49:0f:82:
2d:85:76:86:c4:02:79:f2:08:06:1e:f8:1e:26:d2:55:b5:d2:
4f:ac:7a:a6:bf:b4:7e:64:9d:66:58:19:13:94:72:e3:e8:85:
5c:c7:01:38:7a:33:ff:b8:cd:6e:fe:fa:3e:1f:89:62:9b:b1:
3e:36:8f:d4:7a:06:2a:e5:d3:18:96:ff:3f:fa:16:65:ac:4c:
31:33:da:d7:e4:9b:94:4c:fd:b0:eb:09:73:37:39:53:05:a7:
80:17:52:2d:12:fe:86:6d:10:a1:08:e5:c6:0f:ea:73:0a:20:
73:63:bc:ba:8a:a1:2b:93:16:0a:9d:51:99:64:5f:a6:af:30:
e9:2b:7a:81:4a:16:cd:14:d6:3a:bc:0b:dd:4b:0e:ad:e0:34:
d5:be:21:28:2b:d7:67:4a:72:e8:26:ff:21:bd:ad:bb:26:fe:
7b:57:a9:1b:0e:22:2b:b8:e0:8a:d4:99:cd:1d:1e:b0:b0:5a:
ac:d8:01:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDFyHcv92wEQ0s+2rVFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZTcyZDQzZjRjODJiMTE0NjczN2IxMTYxOTcyMzE4MzBi
ZjY1ZDYwHhcNMjUxMTExMDcwMTI3WhcNMjUxMTEyMDcwMTI3WjAzMTEwLwYDVQQD
Eyg2MjQwYjg3ZjZlMThjZDVjNDFlZjMxODU0M2FhZmIwMTU2ODllNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt+ahU23qe4bhfB57gP866YIhXkY
I2B8pokjB1eEwioLaJxbo+Q836jy+lmdMA0m8HLXKEQQRf3mx8yVG41JoZfaHUOK
6fsdPPMLNBNXQhOgx9jXPycdKU1D/TeSCgcP4V7BeO/di8xBmGn9OKDt//UhQO8j
lRmUUfPFgkCggWbaATlg02WThoSBhC0rvtJS0AgDSg09a4DLAnoEd2QjPwj3GedO
gX7/+5CfcJL+0H/Jd84+srwVazDeXUK+hNM/trxyTOUyGiYUO6VfMncKXEbjzA2R
CG14+wwZRkOuG/TDl3WTYgr9qHqxdWpKdb5D5UU2U9mhF01fhQk251aZ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJAuH9uGM1cQe8xhUOq+wFWieUmMB8GA1UdIwQY
MBaAFP3nLUP0yCsRRnN7EWGXIxgwv2XWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2VjdFFfVElLeEZHYzNzUllaY2pHRENfWmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9kZWJjMjktNWIyYi00YmFiLWI0Zjct
ZTFjOTE5OGNkZDg4LzEvX2VjdFFfVElLeEZHYzNzUllaY2pHRENfWmRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9kZWJjMjktNWIyYi00YmFiLWI0ZjctZTFjOTE5OGNkZDg4
LzEvX2VjdFFfVElLeEZHYzNzUllaY2pHRENfWmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU7hTZnWE
VGbmFUaHoqmVGG4NdXKUy6I3wcnFFKA+YUTaxTiCwHOZedmya3x3iC+0jOaytKPV
5iVzVjVg81GmRcY37sLcSQ+CLYV2hsQCefIIBh74HibSVbXST6x6pr+0fmSdZlgZ
E5Ry4+iFXMcBOHoz/7jNbv76Ph+JYpuxPjaP1HoGKuXTGJb/P/oWZaxMMTPa1+Sb
lEz9sOsJczc5UwWngBdSLRL+hm0QoQjlxg/qcwogc2O8uoqhK5MWCp1RmWRfpq8w
6St6gUoWzRTWOrwL3UsOreA01b4hKCvXZ0py6Cb/Ib2tuyb+e1epGw4iK7jgitSZ
zR0esLBarNgBig==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:34 2025 by rpki-client