Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: +lMvitcJlkUY4jaV/VFT9eUIMkDkzPe17GxI56UyzfU=
Subject key identifier: A6:5C:4D:90:46:CB:28:D4:5E:3E:20:2D:57:42:BA:6E:B0:D4:E9:A0
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 019A541B107ADAE5F2803051CA7803371E5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 0295
Signing time: Wed 05 Nov 2025 13:00:51 +0000
Manifest this update: Wed 05 Nov 2025 13:00:51 +0000
Manifest next update: Thu 06 Nov 2025 13:00:51 +0000
Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: zttwQflinr4zo6gx1gysSrZtfU2EyDzLLrnfXA1PaHg=)
2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:1b:10:7a:da:e5:f2:80:30:51:ca:78:03:37:1e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Nov 5 13:00:51 2025 GMT
Not After : Nov 6 13:00:51 2025 GMT
Subject: CN=a65c4d9046cb28d45e3e202d5742ba6eb0d4e9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3b:4d:9c:59:8a:1b:f1:14:09:eb:95:f4:77:
7e:e9:3b:25:f9:7b:d6:62:05:fc:ff:d8:5d:35:ec:
f7:f4:50:88:81:4f:e3:40:db:c6:81:df:e0:22:aa:
c4:fa:4b:8f:37:19:12:64:1a:1a:f6:8e:33:aa:bc:
11:e1:ef:9a:e9:15:40:51:6e:50:ba:1d:c4:94:a8:
ab:4b:8d:e8:9d:88:25:c4:0e:22:73:3c:ea:d3:74:
b0:5e:bc:de:06:a8:54:7c:f2:96:b1:e1:30:32:0d:
97:71:63:98:39:2d:2a:31:5c:28:52:c3:47:9d:2d:
2a:e2:91:bc:14:f0:a8:97:49:5d:23:f3:7a:8f:0d:
59:57:1c:2f:67:44:02:20:cb:06:46:66:b5:5a:46:
59:29:b6:2b:b2:f4:23:fe:68:f9:e6:ba:d5:5b:c2:
d9:70:9d:58:46:18:1b:87:a1:00:6b:67:91:71:c1:
66:09:e5:f1:6f:2f:e2:3c:7e:49:b7:41:af:a1:a1:
42:0a:50:b8:b3:0f:a1:aa:8f:6e:f6:07:79:73:93:
d6:a2:26:69:6e:3f:d4:03:10:86:26:d6:93:a4:43:
8a:8b:a5:65:e1:96:dc:10:78:12:ba:8c:23:42:92:
6a:39:4b:fc:56:b6:fd:da:3a:14:8b:bc:d4:27:b3:
05:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5C:4D:90:46:CB:28:D4:5E:3E:20:2D:57:42:BA:6E:B0:D4:E9:A0
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:46:0a:07:bc:b8:f4:84:0b:a5:9d:67:57:c3:ec:2e:bc:c0:
da:8f:01:88:25:9c:a2:e2:86:c7:06:19:f2:40:40:72:90:10:
41:31:d2:5c:69:18:60:51:d1:7a:c3:c6:53:e7:a4:cb:2d:16:
6a:eb:62:8d:76:e0:1a:68:21:2b:1e:45:83:22:50:81:f7:a8:
bb:13:b8:90:83:e0:3e:b8:ba:90:6e:76:e8:c7:98:15:4d:27:
44:c6:9e:bb:62:01:73:af:76:ee:2b:8f:a5:9e:03:f4:53:18:
d1:9f:fa:4e:11:e1:62:32:36:b8:57:67:23:7c:62:e1:0c:2f:
b5:b6:be:23:bf:bb:77:33:a9:9e:10:a5:60:33:3b:88:a6:8d:
c4:77:aa:3a:be:ad:28:36:3f:3c:a9:a5:2c:bf:4c:98:6b:9f:
f1:0e:c5:6e:b3:d2:9e:f4:ed:29:60:35:0d:99:06:b4:f8:c9:
74:17:fa:10:35:cb:f2:f4:19:8a:7c:18:48:af:8b:e6:c9:85:
c8:56:8f:a3:80:f8:f8:e9:e8:1e:7b:82:bf:c5:ce:23:27:eb:
07:26:6e:57:4d:ce:ba:c1:10:2b:dc:2b:63:9e:f4:c7:42:61:
74:a9:11:5d:b9:f7:5a:8d:ae:98:fd:f4:b4:c8:80:40:a8:2b:
e4:5e:33:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUGxB62uXygDBRyngDNx5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjUxMTA1MTMwMDUxWhcNMjUxMTA2MTMwMDUxWjAzMTEwLwYDVQQD
EyhhNjVjNGQ5MDQ2Y2IyOGQ0NWUzZTIwMmQ1NzQyYmE2ZWIwZDRlOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDtNnFmKG/EUCeuV9Hd+6Tsl+XvW
YgX8/9hdNez39FCIgU/jQNvGgd/gIqrE+kuPNxkSZBoa9o4zqrwR4e+a6RVAUW5Q
uh3ElKirS43onYglxA4iczzq03SwXrzeBqhUfPKWseEwMg2XcWOYOS0qMVwoUsNH
nS0q4pG8FPCol0ldI/N6jw1ZVxwvZ0QCIMsGRma1WkZZKbYrsvQj/mj55rrVW8LZ
cJ1YRhgbh6EAa2eRccFmCeXxby/iPH5Jt0GvoaFCClC4sw+hqo9u9gd5c5PWoiZp
bj/UAxCGJtaTpEOKi6Vl4ZbcEHgSuowjQpJqOUv8Vrb92joUi7zUJ7MFoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZcTZBGyyjUXj4gLVdCum6w1OmgMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmEYKB7y4
9IQLpZ1nV8PsLrzA2o8BiCWcouKGxwYZ8kBAcpAQQTHSXGkYYFHResPGU+ekyy0W
autijXbgGmghKx5FgyJQgfeouxO4kIPgPri6kG526MeYFU0nRMaeu2IBc6927iuP
pZ4D9FMY0Z/6ThHhYjI2uFdnI3xi4Qwvtba+I7+7dzOpnhClYDM7iKaNxHeqOr6t
KDY/PKmlLL9MmGuf8Q7FbrPSnvTtKWA1DZkGtPjJdBf6EDXL8vQZinwYSK+L5smF
yFaPo4D4+OnoHnuCv8XOIyfrByZuV03OusEQK9wrY570x0JhdKkRXbn3Wo2umP30
tMiAQKgr5F4zGw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:34:08 2025 by rpki-client