Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
File: tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json)
Hash identifier: 779DyXXNL5UvAfhQWjMcmnv06eRqnKAq9Dh5BD20JFs=
Subject key identifier: 94:00:36:50:62:51:35:71:A8:10:B1:85:35:78:74:91:34:8D:6A:CC
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial: 019A53AC7DE21E82BE9965C029081CA2095A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
Manifest number: 0E87
Signing time: Wed 05 Nov 2025 11:00:04 +0000
Manifest this update: Wed 05 Nov 2025 11:00:04 +0000
Manifest next update: Thu 06 Nov 2025 11:00:04 +0000
Files and hashes: 1: Cr7WIZXJqqSxx1MgWk3fJvY56gA.roa (hash: W0p2Ng/L4A+CUhGlPSgje47dkJ8+aMEjdUAnh4zo9Rc=)
2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: lgtEl+JDS7AMv1q8UFmoRQfURozH+Xa9LgJKPUbLAGg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:ac:7d:e2:1e:82:be:99:65:c0:29:08:1c:a2:09:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Validity
Not Before: Nov 5 11:00:04 2025 GMT
Not After : Nov 6 11:00:04 2025 GMT
Subject: CN=9400365062513571a810b18535787491348d6acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4b:e9:9d:ba:36:dd:42:ea:a1:87:b2:b8:e4:
84:04:10:ce:45:e7:54:a3:dd:9c:55:22:21:58:13:
0a:8a:29:e2:8a:bd:c3:c7:4a:bd:5c:aa:28:8d:56:
45:26:73:c1:04:82:60:58:9a:58:a4:e6:72:be:f9:
d8:08:cf:65:9d:49:4f:5e:e7:d3:c5:78:cf:5a:e8:
ae:ee:db:22:3c:b6:2a:5e:f2:7e:ce:97:ce:af:eb:
90:d2:26:e3:8a:6b:ad:2b:b1:ab:59:61:fb:ee:20:
9b:3b:1f:5f:3b:ad:a8:6b:2d:ff:07:14:1c:c9:4e:
e8:87:6e:4f:08:0c:d3:54:60:7b:64:38:34:61:13:
e9:e3:26:76:09:cb:80:bb:28:83:eb:fb:72:2f:c1:
a3:98:88:31:d3:2e:7b:d9:0c:7e:3a:3c:fa:84:3a:
d3:e9:6c:3b:cc:83:05:40:34:56:fc:49:bf:41:6a:
fe:a1:80:9a:a1:07:46:e8:d3:1d:5b:2b:a9:ca:ee:
6c:b0:2a:0c:33:d2:ec:b8:c3:9b:c8:9c:fe:c9:58:
2f:08:a4:32:45:51:0a:80:fd:f3:80:8a:e6:de:43:
b1:d7:d6:e5:9c:e9:d8:b8:2a:b3:e6:f1:83:75:e0:
8a:aa:1c:07:38:d1:70:e3:c9:7b:5f:44:12:da:b0:
0e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:00:36:50:62:51:35:71:A8:10:B1:85:35:78:74:91:34:8D:6A:CC
X509v3 Authority Key Identifier:
keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:79:0b:83:65:d8:46:4f:18:4c:6c:a6:a7:57:af:a2:39:1d:
66:57:da:f5:9e:73:b2:1a:46:16:22:87:99:fe:05:70:b0:4f:
f1:4c:c2:5a:27:5e:14:f5:78:71:1e:30:98:81:25:cf:8e:e8:
93:4d:1d:b0:ed:1d:20:9f:2d:52:46:19:ad:5c:91:d3:31:4f:
82:25:1b:00:ae:ad:e1:83:21:1a:95:7f:ee:d8:f2:72:dd:2c:
8a:1a:14:5a:81:30:de:36:47:c4:6e:39:76:46:0d:30:5d:48:
6c:99:04:f5:b9:af:1a:82:46:c6:e2:00:79:41:7d:f0:74:a0:
13:3a:36:d6:ae:d6:e5:81:f5:a5:90:91:35:27:5f:5f:4b:12:
94:a8:e3:b3:a2:2a:01:a0:04:95:48:88:53:23:5a:01:53:bd:
bb:af:12:f8:8d:16:2f:3a:cf:59:b4:ca:a2:c3:a7:03:11:cb:
bd:52:e7:25:fb:d8:99:dd:d1:7c:8b:08:c0:67:7f:0b:83:16:
98:3f:54:60:11:a8:80:46:64:f7:a3:18:2b:1a:4a:aa:7d:6c:
56:f3:5a:84:13:12:64:2b:a0:0f:81:4c:46:d7:18:1b:1c:25:
80:8b:de:21:5a:08:9c:ec:22:a3:e7:be:81:be:dc:8d:7f:a2:
e5:61:1c:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTrH3iHoK+mWXAKQgcoglaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3
NTI0MmQwHhcNMjUxMTA1MTEwMDA0WhcNMjUxMTA2MTEwMDA0WjAzMTEwLwYDVQQD
Eyg5NDAwMzY1MDYyNTEzNTcxYTgxMGIxODUzNTc4NzQ5MTM0OGQ2YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkvpnbo23ULqoYeyuOSEBBDORedU
o92cVSIhWBMKiiniir3Dx0q9XKoojVZFJnPBBIJgWJpYpOZyvvnYCM9lnUlPXufT
xXjPWuiu7tsiPLYqXvJ+zpfOr+uQ0ibjimutK7GrWWH77iCbOx9fO62oay3/BxQc
yU7oh25PCAzTVGB7ZDg0YRPp4yZ2CcuAuyiD6/tyL8GjmIgx0y572Qx+Ojz6hDrT
6Ww7zIMFQDRW/Em/QWr+oYCaoQdG6NMdWyupyu5ssCoMM9LsuMObyJz+yVgvCKQy
RVEKgP3zgIrm3kOx19blnOnYuCqz5vGDdeCKqhwHONFw48l7X0QS2rAOKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQANlBiUTVxqBCxhTV4dJE0jWrMMB8GA1UdIwQY
MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt
NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz
LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3kLg2XY
Rk8YTGymp1evojkdZlfa9Z5zshpGFiKHmf4FcLBP8UzCWideFPV4cR4wmIElz47o
k00dsO0dIJ8tUkYZrVyR0zFPgiUbAK6t4YMhGpV/7tjyct0sihoUWoEw3jZHxG45
dkYNMF1IbJkE9bmvGoJGxuIAeUF98HSgEzo21q7W5YH1pZCRNSdfX0sSlKjjs6Iq
AaAElUiIUyNaAVO9u68S+I0WLzrPWbTKosOnAxHLvVLnJfvYmd3RfIsIwGd/C4MW
mD9UYBGogEZk96MYKxpKqn1sVvNahBMSZCugD4FMRtcYGxwlgIveIVoInOwio+e+
gb7cjX+i5WEcEQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:46:11 2025 by rpki-client