Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json)
Hash identifier: SHGaYNVB627T8XZJyTErD6i5AfjH7TCid33n1vvgAC8=
Subject key identifier: 49:53:B0:66:8A:CB:AD:98:D3:50:09:12:CE:4D:4F:02:6D:35:DB:AF
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial: 019922FA290C5BAE84DA084CCCB6491BB9B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
Manifest number: 1603
Signing time: Sun 07 Sep 2025 07:00:43 +0000
Manifest this update: Sun 07 Sep 2025 07:00:43 +0000
Manifest next update: Mon 08 Sep 2025 07:00:43 +0000
Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=)
2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: 7POdyCfTFvMalBbn/NF51sCB9zachp0DUC2BwEXTaic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:fa:29:0c:5b:ae:84:da:08:4c:cc:b6:49:1b:b9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
Validity
Not Before: Sep 7 07:00:43 2025 GMT
Not After : Sep 8 07:00:43 2025 GMT
Subject: CN=4953b0668acbad98d3500912ce4d4f026d35dbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d5:43:14:eb:0b:87:e7:43:2e:d3:86:b2:e2:
db:ff:bf:f4:02:7e:79:a1:68:35:d3:c2:97:7b:c3:
9c:0c:36:f9:77:83:66:85:2e:27:76:f9:a9:1d:ab:
76:f5:ed:09:ea:67:86:5b:c7:e1:29:69:86:16:12:
ce:6a:06:64:4f:50:8b:51:e4:4e:4c:5b:12:51:32:
cd:71:89:37:4b:ac:ec:dc:aa:f5:8a:36:25:ad:87:
e7:57:6c:95:a4:47:23:5b:f2:f7:7d:84:9a:11:78:
4d:5b:5b:9d:29:a4:65:ee:01:5d:30:a3:bf:12:bc:
eb:1e:bc:fc:92:fc:b4:bd:c9:e0:97:b6:34:18:1a:
62:2e:1d:a3:78:19:2a:b4:24:9e:f4:2d:11:d8:49:
76:5f:38:71:cd:c4:9e:ab:8a:f3:34:b9:26:2a:0c:
08:54:bd:85:89:a9:dc:23:5a:fa:87:e6:29:7a:b8:
6c:10:2c:90:24:d3:cd:1a:d2:fa:87:a9:ff:ba:5e:
11:ff:d1:47:21:9f:e8:70:83:fa:f8:59:4d:76:0b:
e6:b6:da:c8:d3:d8:b3:3c:36:73:7b:f7:d5:65:82:
8f:cb:63:4a:00:fb:47:ab:81:19:2f:52:37:db:03:
81:ab:d3:9b:cb:37:d9:1e:05:28:8e:18:29:35:b0:
5f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:53:B0:66:8A:CB:AD:98:D3:50:09:12:CE:4D:4F:02:6D:35:DB:AF
X509v3 Authority Key Identifier:
keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:f1:13:89:47:77:e8:81:4f:21:5c:46:83:81:ba:59:a1:15:
06:46:7e:3b:20:1a:3d:1c:dd:f9:5d:44:99:25:9b:b3:39:85:
50:cc:fd:55:21:0f:dc:ae:63:14:fc:04:54:32:4f:62:1e:c7:
32:c3:78:f2:62:2b:f3:bb:2a:5d:f9:a3:be:cd:6d:59:4f:78:
01:95:65:23:4f:0e:c1:9e:bc:ba:33:05:64:bc:5e:ea:2c:ce:
a2:38:a0:f0:15:98:8c:10:ba:be:57:57:b3:1f:9c:24:2b:f1:
b2:37:47:e2:45:01:92:4b:d3:47:15:82:f8:68:8b:5f:cd:d7:
5f:14:48:a5:91:f0:21:e0:8b:aa:b7:d0:81:5b:09:8c:ca:b6:
e5:97:50:b5:ee:ad:7a:7d:ba:9e:43:a1:e6:4b:0a:00:39:5a:
e6:ca:96:7f:dd:b1:d0:4f:d5:a9:22:50:5b:e9:f8:bf:9f:9b:
92:4b:24:3a:1f:b2:7a:d6:c6:8f:dd:2a:45:22:26:cc:38:92:
48:de:25:69:d5:e8:e5:14:26:a5:e6:d9:10:ec:de:de:91:9f:
8a:bf:be:e9:00:2f:9d:bb:22:d8:a5:5d:25:c3:ca:24:fa:ed:
6e:d7:10:e2:90:3d:80:68:9d:f0:26:3c:2f:bf:31:b6:bb:bf:
a0:e3:31:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+ikMW66E2ghMzLZJG7myMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjUwOTA3MDcwMDQzWhcNMjUwOTA4MDcwMDQzWjAzMTEwLwYDVQQD
Eyg0OTUzYjA2NjhhY2JhZDk4ZDM1MDA5MTJjZTRkNGYwMjZkMzVkYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tVDFOsLh+dDLtOGsuLb/7/0An55
oWg108KXe8OcDDb5d4NmhS4ndvmpHat29e0J6meGW8fhKWmGFhLOagZkT1CLUeRO
TFsSUTLNcYk3S6zs3Kr1ijYlrYfnV2yVpEcjW/L3fYSaEXhNW1udKaRl7gFdMKO/
ErzrHrz8kvy0vcngl7Y0GBpiLh2jeBkqtCSe9C0R2El2XzhxzcSeq4rzNLkmKgwI
VL2FiancI1r6h+YperhsECyQJNPNGtL6h6n/ul4R/9FHIZ/ocIP6+FlNdgvmttrI
09izPDZze/fVZYKPy2NKAPtHq4EZL1I32wOBq9ObyzfZHgUojhgpNbBfLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElTsGaKy62Y01AJEs5NTwJtNduvMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/ETiUd3
6IFPIVxGg4G6WaEVBkZ+OyAaPRzd+V1EmSWbszmFUMz9VSEP3K5jFPwEVDJPYh7H
MsN48mIr87sqXfmjvs1tWU94AZVlI08OwZ68ujMFZLxe6izOojig8BWYjBC6vldX
sx+cJCvxsjdH4kUBkkvTRxWC+GiLX83XXxRIpZHwIeCLqrfQgVsJjMq25ZdQte6t
en26nkOh5ksKADla5sqWf92x0E/VqSJQW+n4v5+bkkskOh+yetbGj90qRSImzDiS
SN4ladXo5RQmpebZEOze3pGfir++6QAvnbsi2KVdJcPKJPrtbtcQ4pA9gGid8CY8
L78xtru/oOMxyA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:50:55 2025 by rpki-client