Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json)
Hash identifier: coPVaZZHSzPArNlcUEploSMf3gaRRkby3/7GKctUrwk=
Subject key identifier: 1A:5E:EB:32:EC:A2:A8:35:D5:F0:8B:E9:6B:1A:DA:A2:1B:7B:4B:B0
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial: 019A1A2B27B5877A62AF06A9DA00619D28EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
Manifest number: 1683
Signing time: Sat 25 Oct 2025 07:00:27 +0000
Manifest this update: Sat 25 Oct 2025 07:00:27 +0000
Manifest next update: Sun 26 Oct 2025 07:00:27 +0000
Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=)
2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: g2zGUpCWKAz9m19PKKjuR4e29UQEwdxlADfMmAMKkNc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1a:2b:27:b5:87:7a:62:af:06:a9:da:00:61:9d:28:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
Validity
Not Before: Oct 25 07:00:27 2025 GMT
Not After : Oct 26 07:00:27 2025 GMT
Subject: CN=1a5eeb32eca2a835d5f08be96b1adaa21b7b4bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7f:de:4d:f1:5e:d2:f5:c6:19:b1:07:31:b6:
19:e6:34:c4:41:12:2e:5c:cd:83:a5:33:ea:a8:63:
2d:5d:73:0b:2a:d0:3e:74:2d:79:08:e3:10:d2:8c:
46:aa:0a:9d:0d:48:60:d8:14:32:fc:9d:7d:47:a4:
59:ae:cc:c8:da:77:1e:77:f0:31:73:ad:d2:9c:00:
f3:ab:6f:23:22:55:b1:d4:54:cb:32:31:3c:ee:71:
c8:ad:de:7e:97:d4:34:a9:cc:1a:1c:e8:0b:58:40:
b6:e2:7b:6b:9c:26:fa:1f:1f:43:2c:e8:b6:fa:2b:
7a:6e:09:e5:75:c3:ad:89:2c:b4:88:e5:3d:3c:a4:
66:ba:14:0c:f9:16:6e:e3:aa:05:42:4b:7e:82:2e:
4d:de:59:9b:15:c2:ce:c1:2d:81:5d:ca:04:07:dd:
1e:9d:82:20:e4:f2:36:67:12:fa:f6:48:79:42:94:
44:61:04:80:7e:e0:ac:50:fc:d7:e7:12:c5:7d:23:
de:f5:df:20:9d:76:c7:b2:ef:44:6b:9d:02:b4:46:
91:81:e2:ba:9a:6b:7f:46:4f:7b:3e:4e:64:6d:5d:
6d:7e:af:86:99:9b:3a:9c:d3:2c:df:81:c4:ae:9a:
f1:78:5a:8d:08:04:b2:74:df:b9:72:6d:d4:fb:2b:
4a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5E:EB:32:EC:A2:A8:35:D5:F0:8B:E9:6B:1A:DA:A2:1B:7B:4B:B0
X509v3 Authority Key Identifier:
keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:6c:9f:1c:e2:14:ce:e0:11:04:d2:8d:a1:7a:01:ef:c4:7e:
eb:de:3f:b4:af:20:4c:da:e4:b8:bc:e7:ca:36:88:d1:9c:f5:
95:03:95:df:64:64:24:36:52:5a:ec:57:be:d3:c0:a3:c0:ae:
b2:f8:d6:81:05:d3:74:7e:78:43:b0:ce:00:c8:26:19:f0:30:
22:09:86:67:85:77:86:53:b9:4e:26:e4:5b:28:84:26:05:39:
12:0f:ae:31:d7:11:83:c7:b7:37:da:4f:6c:dd:c3:cc:cc:02:
6a:3f:04:51:f2:6a:fd:2d:e1:e8:ac:2b:00:1f:7a:7b:0f:b6:
d6:82:a6:75:4a:d1:12:62:b9:2f:71:30:d5:f0:cf:10:a7:14:
aa:cd:ae:3e:b8:ef:bc:68:d3:b2:d4:f5:70:7b:4c:6d:5c:a1:
93:38:31:3f:87:35:17:9e:d5:4b:4e:5a:35:df:33:94:bd:89:
dd:09:22:05:ae:00:99:a9:fb:ab:c3:76:c0:a9:48:2f:f6:95:
6c:10:4c:26:e0:e5:a8:04:6c:22:5e:13:25:d0:22:61:35:f3:
89:90:51:f6:d6:cd:f2:2f:44:ee:17:bb:7f:02:d8:7b:d5:00:
a5:17:62:db:7a:3d:24:6d:d8:f4:e8:8c:1e:b0:bc:7f:79:a3:
a5:d7:7a:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoaKye1h3pirwap2gBhnSjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjUxMDI1MDcwMDI3WhcNMjUxMDI2MDcwMDI3WjAzMTEwLwYDVQQD
EygxYTVlZWIzMmVjYTJhODM1ZDVmMDhiZTk2YjFhZGFhMjFiN2I0YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5H/eTfFe0vXGGbEHMbYZ5jTEQRIu
XM2DpTPqqGMtXXMLKtA+dC15COMQ0oxGqgqdDUhg2BQy/J19R6RZrszI2nced/Ax
c63SnADzq28jIlWx1FTLMjE87nHIrd5+l9Q0qcwaHOgLWEC24ntrnCb6Hx9DLOi2
+it6bgnldcOtiSy0iOU9PKRmuhQM+RZu46oFQkt+gi5N3lmbFcLOwS2BXcoEB90e
nYIg5PI2ZxL69kh5QpREYQSAfuCsUPzX5xLFfSPe9d8gnXbHsu9Ea50CtEaRgeK6
mmt/Rk97Pk5kbV1tfq+GmZs6nNMs34HErprxeFqNCASydN+5cm3U+ytKKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpe6zLsoqg11fCL6Wsa2qIbe0uwMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkGyfHOIU
zuARBNKNoXoB78R+694/tK8gTNrkuLznyjaI0Zz1lQOV32RkJDZSWuxXvtPAo8Cu
svjWgQXTdH54Q7DOAMgmGfAwIgmGZ4V3hlO5TibkWyiEJgU5Eg+uMdcRg8e3N9pP
bN3DzMwCaj8EUfJq/S3h6KwrAB96ew+21oKmdUrREmK5L3Ew1fDPEKcUqs2uPrjv
vGjTstT1cHtMbVyhkzgxP4c1F57VS05aNd8zlL2J3QkiBa4Aman7q8N2wKlIL/aV
bBBMJuDlqARsIl4TJdAiYTXziZBR9tbN8i9E7he7fwLYe9UApRdi23o9JG3Y9OiM
HrC8f3mjpdd6Kg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 13:32:56 2025 by rpki-client