Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/16d370-f632-4ca1-8b96-1be325f7a2e3/1/TMC300XPrlNH086YtCQbkA5KnvM.mft
File: TMC300XPrlNH086YtCQbkA5KnvM.mft (raw, json)
Hash identifier: iV28Vk65PQbk6kwfcXWRJn0ZM3NgcLgR+g8494am8BE=
Subject key identifier: C6:0D:64:DD:A6:26:E7:00:9F:EC:C4:F7:B9:AB:10:AB:7D:FF:49:7A
Authority key identifier: 4C:C0:B7:D3:45:CF:AE:53:47:D3:CE:98:B4:24:1B:90:0E:4A:9E:F3
Certificate issuer: /CN=4cc0b7d345cfae5347d3ce98b4241b900e4a9ef3
Certificate serial: 019A2C329BB251007565E596F87F95F79106
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TMC300XPrlNH086YtCQbkA5KnvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/16d370-f632-4ca1-8b96-1be325f7a2e3/1/TMC300XPrlNH086YtCQbkA5KnvM.mft
Manifest number: 086E
Signing time: Tue 28 Oct 2025 19:01:45 +0000
Manifest this update: Tue 28 Oct 2025 19:01:45 +0000
Manifest next update: Wed 29 Oct 2025 19:01:45 +0000
Files and hashes: 1: TMC300XPrlNH086YtCQbkA5KnvM.crl (hash: Sot7AGy7IkUsffu877OPFq5NFLQvxfRULPcgkGO2zRI=)
2: Vh_JUxD0F48NbjyYRcDhXuGyEXI.roa (hash: RX3aXV1jt4pV7znP3Nr6a04cOEHqVMLgDW/kqRB9jNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/16d370-f632-4ca1-8b96-1be325f7a2e3/1/TMC300XPrlNH086YtCQbkA5KnvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/16d370-f632-4ca1-8b96-1be325f7a2e3/1/TMC300XPrlNH086YtCQbkA5KnvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TMC300XPrlNH086YtCQbkA5KnvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:32:9b:b2:51:00:75:65:e5:96:f8:7f:95:f7:91:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cc0b7d345cfae5347d3ce98b4241b900e4a9ef3
Validity
Not Before: Oct 28 19:01:45 2025 GMT
Not After : Oct 29 19:01:45 2025 GMT
Subject: CN=c60d64dda626e7009fecc4f7b9ab10ab7dff497a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:70:1e:79:3c:8f:52:5d:0b:86:d5:ea:01:ad:
e4:c6:f6:36:90:e7:9d:9f:74:8d:3c:b4:9a:bd:9e:
85:f3:65:82:fb:02:f9:79:58:d6:16:b2:38:e3:2c:
5a:95:df:27:d8:7c:11:74:6e:5b:fc:28:7b:44:ac:
65:ff:56:d3:d2:06:d0:38:7d:2e:87:5d:cd:5f:d3:
df:52:a6:ab:91:d1:9e:31:dd:02:08:08:90:ac:fe:
58:93:ab:d0:2e:1e:b7:c2:04:32:69:6c:90:31:02:
ee:8f:fd:0b:da:24:e8:65:00:19:a9:4c:33:e3:bd:
cd:56:c0:ef:9f:24:ee:af:6e:96:2a:a3:89:fa:ba:
1f:13:a7:83:41:ff:a8:93:2d:19:0d:d9:fc:98:51:
f5:de:e2:4b:cc:cd:57:39:2a:61:3f:28:a7:2f:a0:
db:ad:fb:dd:a7:32:6d:56:5d:57:6c:14:32:88:e9:
6b:2b:83:e4:c5:77:1b:c6:67:da:b0:14:31:2f:fd:
e6:aa:fb:45:50:80:47:d3:1a:eb:71:3a:cd:4c:d2:
09:67:19:bf:1f:2b:01:33:34:f3:df:8b:11:60:89:
58:00:aa:b1:01:56:19:38:f0:0a:f8:8f:6b:df:70:
7b:c1:4a:04:5f:cb:5c:4a:00:8c:10:31:2c:8e:20:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:0D:64:DD:A6:26:E7:00:9F:EC:C4:F7:B9:AB:10:AB:7D:FF:49:7A
X509v3 Authority Key Identifier:
keyid:4C:C0:B7:D3:45:CF:AE:53:47:D3:CE:98:B4:24:1B:90:0E:4A:9E:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TMC300XPrlNH086YtCQbkA5KnvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/16d370-f632-4ca1-8b96-1be325f7a2e3/1/TMC300XPrlNH086YtCQbkA5KnvM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/16d370-f632-4ca1-8b96-1be325f7a2e3/1/TMC300XPrlNH086YtCQbkA5KnvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:7b:9c:15:c6:fb:57:cb:82:59:bc:d5:79:9c:6b:84:e3:23:
f8:e9:c2:f5:e2:a3:1d:77:3f:1c:20:28:26:f6:85:7e:3c:cf:
87:4b:af:06:0c:7e:59:1a:a9:dd:14:e2:5a:94:8a:4a:b7:72:
bc:07:4b:5d:9e:47:9a:6f:56:db:bc:91:c9:4c:73:51:91:d1:
b0:ca:4c:4a:19:1c:bc:2e:e5:cf:ae:25:bf:06:e4:dd:b1:78:
91:02:62:19:0c:38:13:05:3b:92:a6:58:a3:86:ee:0c:5f:27:
c8:df:d9:0e:13:9d:77:f4:3e:69:26:a1:36:65:6a:e0:78:24:
f8:d1:75:67:a6:e9:a9:ec:78:f6:8a:bc:56:d1:e9:de:70:64:
f2:7e:1a:f1:55:69:fa:1a:6d:51:77:4c:86:f1:97:1d:6a:5c:
55:da:f1:5f:12:a4:eb:f4:a9:b0:dd:14:45:2d:d1:9e:c2:19:
0d:d3:ab:87:f8:44:61:01:4e:67:90:ec:2b:64:8f:17:99:6d:
50:76:41:de:81:bb:18:f2:b7:56:70:51:10:ac:60:0f:d1:c5:
c3:3f:51:cb:52:4d:7e:b6:19:ca:79:92:a9:7b:cf:08:0e:49:
7d:07:9a:03:0d:1a:1c:bd:48:62:b2:fa:4e:16:00:98:ae:46:
27:21:a9:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZosMpuyUQB1ZeWW+H+V95EGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYzBiN2QzNDVjZmFlNTM0N2QzY2U5OGI0MjQxYjkwMGU0
YTllZjMwHhcNMjUxMDI4MTkwMTQ1WhcNMjUxMDI5MTkwMTQ1WjAzMTEwLwYDVQQD
EyhjNjBkNjRkZGE2MjZlNzAwOWZlY2M0ZjdiOWFiMTBhYjdkZmY0OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnAeeTyPUl0LhtXqAa3kxvY2kOed
n3SNPLSavZ6F82WC+wL5eVjWFrI44yxald8n2HwRdG5b/Ch7RKxl/1bT0gbQOH0u
h13NX9PfUqarkdGeMd0CCAiQrP5Yk6vQLh63wgQyaWyQMQLuj/0L2iToZQAZqUwz
473NVsDvnyTur26WKqOJ+rofE6eDQf+oky0ZDdn8mFH13uJLzM1XOSphPyinL6Db
rfvdpzJtVl1XbBQyiOlrK4PkxXcbxmfasBQxL/3mqvtFUIBH0xrrcTrNTNIJZxm/
HysBMzTz34sRYIlYAKqxAVYZOPAK+I9r33B7wUoEX8tcSgCMEDEsjiCZ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYNZN2mJucAn+zE97mrEKt9/0l6MB8GA1UdIwQY
MBaAFEzAt9NFz65TR9POmLQkG5AOSp7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE1DMzAwWFBybE5IMDg2WXRDUWJrQTVLbnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xNmQzNzAtZjYzMi00Y2ExLThiOTYt
MWJlMzI1ZjdhMmUzLzEvVE1DMzAwWFBybE5IMDg2WXRDUWJrQTVLbnZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xNmQzNzAtZjYzMi00Y2ExLThiOTYtMWJlMzI1ZjdhMmUz
LzEvVE1DMzAwWFBybE5IMDg2WXRDUWJrQTVLbnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaHucFcb7
V8uCWbzVeZxrhOMj+OnC9eKjHXc/HCAoJvaFfjzPh0uvBgx+WRqp3RTiWpSKSrdy
vAdLXZ5Hmm9W27yRyUxzUZHRsMpMShkcvC7lz64lvwbk3bF4kQJiGQw4EwU7kqZY
o4buDF8nyN/ZDhOdd/Q+aSahNmVq4Hgk+NF1Z6bpqex49oq8VtHp3nBk8n4a8VVp
+hptUXdMhvGXHWpcVdrxXxKk6/SpsN0URS3RnsIZDdOrh/hEYQFOZ5DsK2SPF5lt
UHZB3oG7GPK3VnBREKxgD9HFwz9Ry1JNfrYZynmSqXvPCA5JfQeaAw0aHL1IYrL6
ThYAmK5GJyGpJw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 22:41:59 2025 by rpki-client