Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
File: tDpxymDXTkXSuXSKsQZlKf0BM34.mft (raw, json)
Hash identifier: ZXGHrBAEAcDPjUAwGqpwg1N81CCN4V+sVfsW/nQBtXU=
Subject key identifier: 13:A6:C7:CD:73:0D:C7:56:CF:47:72:F1:61:5C:45:FF:5A:8B:D2:5D
Authority key identifier: B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
Certificate issuer: /CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Certificate serial: 019A71B80E5EBB76955B1758691159EC7E00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:01:18 +0000
Manifest this update: Tue 11 Nov 2025 07:01:18 +0000
Manifest next update: Wed 12 Nov 2025 07:01:18 +0000
Files and hashes: 1: M5_-d1GdbRA2RUGO5npOtRSNEB8.roa (hash: DYZ2j8UdvivRy1b6Q4G0ZdvY6U48+tpNnHP/gql8rCo=)
2: tDpxymDXTkXSuXSKsQZlKf0BM34.crl (hash: OWiAJdEVDnJc5JHO8BTC6uMByTCfIaIUpq5Uj8HuL7A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:0e:5e:bb:76:95:5b:17:58:69:11:59:ec:7e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Validity
Not Before: Nov 11 07:01:18 2025 GMT
Not After : Nov 12 07:01:18 2025 GMT
Subject: CN=13a6c7cd730dc756cf4772f1615c45ff5a8bd25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ce:21:96:57:07:2e:71:5a:19:70:5d:e9:82:
21:4c:7c:86:4e:9d:f7:12:ed:bf:15:eb:52:91:84:
c1:7b:a0:62:44:3e:6f:6a:6e:2e:ac:46:ef:0a:fb:
f1:21:69:1b:1c:e7:92:9b:6d:24:45:f5:79:1e:92:
d7:43:b9:65:0e:14:db:ce:de:32:34:19:1b:7b:78:
24:1a:db:8a:c1:2a:08:c9:f2:5f:ed:4b:a8:13:14:
c2:b6:64:66:33:e4:18:83:d6:57:d6:53:2d:90:c6:
e3:a5:95:3b:f7:72:c4:09:25:d8:4f:0c:c8:97:64:
49:d3:19:d9:88:a3:ed:4f:de:e0:30:69:31:d1:28:
1f:a4:fc:f1:35:49:b6:3b:a2:8e:3e:5c:7a:8b:fb:
f3:39:28:06:d9:7e:e4:21:10:5a:13:58:5f:de:b1:
c3:35:ff:03:7b:27:72:b1:6b:9f:56:41:b2:47:db:
57:05:78:4e:6c:7b:74:06:86:8c:44:31:f0:76:ac:
79:ca:1e:30:9f:f3:11:e8:2d:52:ae:11:d3:c5:14:
2f:25:12:e6:b5:61:7e:75:17:9e:87:06:f6:0a:c6:
52:1c:86:05:ce:b5:1a:53:55:db:8b:16:9a:6a:2a:
e6:45:06:1f:0e:30:df:af:29:c9:95:4d:99:60:f6:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A6:C7:CD:73:0D:C7:56:CF:47:72:F1:61:5C:45:FF:5A:8B:D2:5D
X509v3 Authority Key Identifier:
keyid:B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:09:e5:04:ff:15:1c:17:30:27:64:18:12:e5:e5:bc:00:a3:
ec:ac:da:02:45:29:5f:51:ec:30:73:8a:58:3a:33:d2:00:92:
a5:cf:8f:c2:4e:d4:1e:94:e5:0a:d5:66:9b:dd:01:c2:5d:13:
60:74:6c:26:63:4d:26:06:06:4f:76:67:40:25:b0:26:f2:f9:
7e:a3:75:ee:47:2a:91:0c:12:a8:2f:d9:ff:46:52:c7:b2:76:
14:b0:2a:1f:54:45:fe:da:46:c9:c9:2a:30:3e:3b:d8:26:3f:
50:3d:91:e4:4d:e2:d4:c0:4c:06:2b:4b:70:58:c4:0a:33:12:
05:0f:fd:65:2a:9d:e1:3e:ea:c6:58:b7:5a:55:72:41:33:e1:
17:49:eb:f2:b8:e5:9e:62:74:77:84:9e:ce:11:5b:e1:e3:8c:
8c:61:23:23:80:c7:56:00:86:7f:89:54:41:ee:2b:2c:fc:51:
25:b2:c1:2e:6c:e8:7d:8f:6a:76:0f:a0:93:9a:60:22:67:ab:
d2:7a:ce:91:62:11:3f:1d:1f:00:df:a9:00:80:a6:3a:f0:43:
86:1d:6b:cc:85:ce:04:26:bf:a1:58:18:80:be:03:7e:91:14:
1c:d7:82:9b:78:a2:1c:c3:38:42:69:7c:98:6e:d2:bb:85:ee:
a7:12:61:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuA5eu3aVWxdYaRFZ7H4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2E3MWNhNjBkNzRlNDVkMmI5NzQ4YWIxMDY2NTI5ZmQw
MTMzN2UwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
EygxM2E2YzdjZDczMGRjNzU2Y2Y0NzcyZjE2MTVjNDVmZjVhOGJkMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc4hllcHLnFaGXBd6YIhTHyGTp33
Eu2/FetSkYTBe6BiRD5vam4urEbvCvvxIWkbHOeSm20kRfV5HpLXQ7llDhTbzt4y
NBkbe3gkGtuKwSoIyfJf7UuoExTCtmRmM+QYg9ZX1lMtkMbjpZU793LECSXYTwzI
l2RJ0xnZiKPtT97gMGkx0SgfpPzxNUm2O6KOPlx6i/vzOSgG2X7kIRBaE1hf3rHD
Nf8DeydysWufVkGyR9tXBXhObHt0BoaMRDHwdqx5yh4wn/MR6C1SrhHTxRQvJRLm
tWF+dReehwb2CsZSHIYFzrUaU1XbixaaairmRQYfDjDfrynJlU2ZYPaz+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOmx81zDcdWz0dy8WFcRf9ai9JdMB8GA1UdIwQY
MBaAFLQ6ccpg105F0rl0irEGZSn9ATN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEt
Nzk4YWM0OTI4ZWQ2LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEtNzk4YWM0OTI4ZWQ2
LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASQnlBP8V
HBcwJ2QYEuXlvACj7KzaAkUpX1HsMHOKWDoz0gCSpc+Pwk7UHpTlCtVmm90Bwl0T
YHRsJmNNJgYGT3ZnQCWwJvL5fqN17kcqkQwSqC/Z/0ZSx7J2FLAqH1RF/tpGyckq
MD472CY/UD2R5E3i1MBMBitLcFjECjMSBQ/9ZSqd4T7qxli3WlVyQTPhF0nr8rjl
nmJ0d4SezhFb4eOMjGEjI4DHVgCGf4lUQe4rLPxRJbLBLmzofY9qdg+gk5pgImer
0nrOkWIRPx0fAN+pAICmOvBDhh1rzIXOBCa/oVgYgL4DfpEUHNeCm3iiHMM4Qml8
mG7Su4XupxJhUw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:15 2025 by rpki-client