Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
File: tIENfJv8WLngoeWRacPdMi3p9zc.mft (raw, json)
Hash identifier: f4q2BMYYqGffyq3pBx/bMHhp5mWughCejqEMrHYFYlQ=
Subject key identifier: 5A:3F:4C:B5:0F:0D:C5:33:62:61:8A:5D:D7:4E:68:40:47:57:B4:A1
Authority key identifier: B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
Certificate issuer: /CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Certificate serial: 019A7225928DC434D8F1D54759AA5BD8D265
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: jHERjwHQQByovrguIT9kNAenUlw.roa (hash: fC13Nqgu9Ca7tsn1KpGgJ5T6X5W9BeqrdrYm3SZE1Rs=)
2: tIENfJv8WLngoeWRacPdMi3p9zc.crl (hash: IgcS/wumszygxM+iNdLeiLUjFGoKr1iCX+if19PJetA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:92:8d:c4:34:d8:f1:d5:47:59:aa:5b:d8:d2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=5a3f4cb50f0dc53362618a5dd74e68404757b4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:37:f7:88:17:ec:d8:83:0b:d6:73:1d:df:38:
8b:57:27:69:74:a9:02:20:d4:d2:d6:b2:c7:50:c1:
fd:8a:57:f8:63:94:83:e2:f7:1d:c4:87:1b:95:e9:
e8:b3:71:56:95:33:7c:97:0f:7e:48:64:17:e5:1e:
94:a1:63:6f:f1:42:af:7d:0f:2b:d2:6e:8b:8d:51:
7d:c6:ba:8f:0d:7e:3d:ca:8e:c9:b0:7e:d1:f7:0f:
07:4e:2a:bb:5a:54:e3:9a:db:8c:4c:5b:04:60:b5:
84:42:d7:9c:ee:a6:e5:3c:77:88:9d:6f:a5:95:98:
25:b0:4e:8d:00:24:46:5c:fc:f4:26:e3:88:ee:27:
cf:05:d7:cd:53:60:4a:db:0e:68:53:57:2f:1e:9d:
31:3b:a4:a1:f9:90:46:c4:51:13:b8:ce:2f:d5:8f:
51:f1:45:47:52:c0:ed:08:42:49:83:f2:03:83:9d:
5d:4e:42:df:39:5f:09:33:ad:1e:73:5a:cf:80:02:
84:85:d0:f2:0e:fe:76:52:d1:9f:d4:5a:4c:e5:0c:
18:5f:3f:a8:d3:75:bd:5f:44:8c:86:60:b9:b1:e1:
74:ff:2c:d4:a8:c3:93:a0:77:3c:31:35:e1:58:09:
78:69:b2:1a:4f:fb:9a:b4:c8:0e:b2:60:3e:ab:64:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3F:4C:B5:0F:0D:C5:33:62:61:8A:5D:D7:4E:68:40:47:57:B4:A1
X509v3 Authority Key Identifier:
keyid:B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:c1:40:2a:93:db:12:d1:66:b0:c2:cc:05:c5:7d:33:27:c2:
4b:9c:28:69:f3:36:97:5b:01:86:40:9c:75:76:2e:52:5b:c5:
d4:ee:f8:43:88:51:4f:e6:ad:c3:71:90:dc:04:b5:71:7c:e6:
ef:22:de:d0:55:fd:48:c5:7a:ad:0b:63:90:13:6a:e7:15:1c:
30:a9:0e:44:90:f7:57:ea:d3:08:c3:1b:e3:75:6c:8f:64:b3:
60:4b:8f:f7:df:97:c7:44:22:51:8c:c0:de:69:85:14:a8:fe:
b6:94:96:9c:f5:40:43:e7:d6:34:8a:d6:17:97:e9:28:16:68:
1c:47:79:40:03:8f:9d:d8:4c:6d:66:ed:43:12:ae:53:6d:8c:
00:31:ab:8a:a8:6e:46:9c:c7:ee:2c:68:d3:08:92:26:92:3f:
67:24:3e:80:6d:9d:d1:f2:0c:00:d0:2e:5c:74:7c:d8:9b:6a:
dc:c3:6f:56:d2:72:60:a6:b3:50:73:58:98:51:0d:8f:23:7e:
13:5b:5d:08:bf:49:34:e0:e2:d6:0d:7a:89:6f:df:bc:5a:29:
57:03:d4:17:d7:43:20:68:89:d8:e6:9f:a7:c7:4d:7f:2e:75:
e8:b2:a5:43:3d:83:55:8b:87:d7:3f:7b:f0:78:1b:a5:69:11:
92:61:8c:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZKNxDTY8dVHWapb2NJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODEwZDdjOWJmYzU4YjllMGExZTU5MTY5YzNkZDMyMmRl
OWY3MzcwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
Eyg1YTNmNGNiNTBmMGRjNTMzNjI2MThhNWRkNzRlNjg0MDQ3NTdiNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jf3iBfs2IML1nMd3ziLVydpdKkC
INTS1rLHUMH9ilf4Y5SD4vcdxIcblenos3FWlTN8lw9+SGQX5R6UoWNv8UKvfQ8r
0m6LjVF9xrqPDX49yo7JsH7R9w8HTiq7WlTjmtuMTFsEYLWEQtec7qblPHeInW+l
lZglsE6NACRGXPz0JuOI7ifPBdfNU2BK2w5oU1cvHp0xO6Sh+ZBGxFETuM4v1Y9R
8UVHUsDtCEJJg/IDg51dTkLfOV8JM60ec1rPgAKEhdDyDv52UtGf1FpM5QwYXz+o
03W9X0SMhmC5seF0/yzUqMOToHc8MTXhWAl4abIaT/uatMgOsmA+q2SbGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFo/TLUPDcUzYmGKXddOaEBHV7ShMB8GA1UdIwQY
MBaAFLSBDXyb/Fi54KHlkWnD3TIt6fc3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMt
MmE2MzQwMmJlYzY2LzEvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMtMmE2MzQwMmJlYzY2
LzEvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMFAKpPb
EtFmsMLMBcV9MyfCS5woafM2l1sBhkCcdXYuUlvF1O74Q4hRT+atw3GQ3AS1cXzm
7yLe0FX9SMV6rQtjkBNq5xUcMKkORJD3V+rTCMMb43Vsj2SzYEuP99+Xx0QiUYzA
3mmFFKj+tpSWnPVAQ+fWNIrWF5fpKBZoHEd5QAOPndhMbWbtQxKuU22MADGriqhu
RpzH7ixo0wiSJpI/ZyQ+gG2d0fIMANAuXHR82Jtq3MNvVtJyYKazUHNYmFENjyN+
E1tdCL9JNODi1g16iW/fvFopVwPUF9dDIGiJ2Oafp8dNfy516LKlQz2DVYuH1z97
8HgbpWkRkmGMYA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:56 2025 by rpki-client