Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json)
Hash identifier: tLAWmzQB5fFK5z6mVpQzJDmjVAqO8Hm0GZOUWvIIQoA=
Subject key identifier: F9:C0:CD:59:45:E7:CA:08:17:3D:24:67:4E:03:B9:29:9F:B4:FD:05
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 0198963746E685936D8CF2FCBB2356F85AA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
Manifest number: 01AE
Signing time: Sun 10 Aug 2025 23:01:01 +0000
Manifest this update: Sun 10 Aug 2025 23:01:01 +0000
Manifest next update: Mon 11 Aug 2025 23:01:01 +0000
Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: +ZAekUMnJ6vUH572ebkQgvHxKcwkbSJsyCvxiMjTgRQ=)
2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 23:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:96:37:46:e6:85:93:6d:8c:f2:fc:bb:23:56:f8:5a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Aug 10 23:01:01 2025 GMT
Not After : Aug 11 23:01:01 2025 GMT
Subject: CN=f9c0cd5945e7ca08173d24674e03b9299fb4fd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fc:40:85:c1:96:84:b1:38:a9:19:fe:a1:4d:
12:93:3e:20:d3:12:6c:cb:29:b9:52:46:fb:12:86:
30:c5:3c:72:a7:75:d0:1e:3f:1c:9a:6d:ac:48:d2:
73:6c:68:73:17:6a:97:97:ff:38:22:90:93:a2:11:
0e:7b:f1:53:ca:81:20:18:18:d5:68:6b:74:c9:88:
31:fc:45:75:aa:52:52:8b:4e:95:3a:ca:ab:83:68:
81:df:52:f5:32:38:7b:66:08:c9:e5:5d:00:4c:44:
45:ac:88:1b:7b:a6:62:ef:3c:de:b8:a0:ae:80:48:
62:b9:0f:08:4e:cd:2f:3f:ba:32:1a:3f:83:15:f7:
be:5d:98:c7:d7:44:40:a0:c0:3e:91:55:9d:7b:d2:
96:54:ae:05:aa:11:f7:12:84:12:6f:46:61:f4:03:
8a:8e:00:bb:cc:03:ef:0c:3c:51:9f:a2:e6:2d:93:
76:34:67:2a:a4:89:16:09:c6:bb:29:c5:e1:71:f4:
30:d6:8c:3a:b0:5f:08:e4:2e:47:70:bb:17:57:9c:
9e:07:7a:f3:6f:17:56:32:06:80:46:3f:81:ee:9b:
f3:df:4a:6a:b2:c9:96:f1:3a:6a:a7:41:ec:56:67:
73:11:e6:e8:10:9b:f5:1f:85:22:32:ef:03:b7:59:
84:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C0:CD:59:45:E7:CA:08:17:3D:24:67:4E:03:B9:29:9F:B4:FD:05
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:e4:51:f6:98:93:83:af:41:5f:65:a3:5b:82:16:d3:2a:1b:
95:4b:6b:8e:d7:79:38:10:88:4e:78:71:b4:48:e8:9f:fb:9f:
87:0a:8b:53:b2:67:85:ca:aa:8d:f4:43:53:1d:a3:dd:17:dd:
3f:51:88:1f:f8:ab:68:23:60:b3:bd:91:99:65:8f:be:fe:c7:
76:d4:b2:a1:e7:41:82:9a:9d:52:95:b1:d5:ba:e1:db:9d:a9:
e8:09:9a:bb:ff:33:e8:2c:e6:76:78:55:84:e0:ef:d7:36:15:
9c:1f:64:82:e6:61:81:cf:27:0f:6f:08:3a:8a:99:5b:dd:67:
d5:b9:1d:66:a5:3a:16:0e:9b:01:dc:a8:85:3e:80:4b:7d:50:
85:ae:35:4a:26:0b:2b:a8:1f:20:64:5c:b0:84:f9:d8:bf:60:
67:ab:b2:84:8d:6f:fa:ff:b4:18:7b:e4:28:89:19:38:ea:f9:
85:54:36:97:18:5a:29:b4:22:99:ff:f1:c4:13:65:5c:be:ef:
cb:b8:99:be:8f:ae:a7:f3:07:c6:32:43:24:a8:a9:17:37:46:
7e:84:62:72:dc:71:e2:56:ae:fb:3d:5b:75:8e:00:17:f6:27:
53:83:e6:e9:58:48:e4:26:7a:d1:4e:c7:d8:29:37:3a:78:94:
b6:24:8e:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWN0bmhZNtjPL8uyNW+FqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjUwODEwMjMwMTAxWhcNMjUwODExMjMwMTAxWjAzMTEwLwYDVQQD
EyhmOWMwY2Q1OTQ1ZTdjYTA4MTczZDI0Njc0ZTAzYjkyOTlmYjRmZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/xAhcGWhLE4qRn+oU0Skz4g0xJs
yym5Ukb7EoYwxTxyp3XQHj8cmm2sSNJzbGhzF2qXl/84IpCTohEOe/FTyoEgGBjV
aGt0yYgx/EV1qlJSi06VOsqrg2iB31L1Mjh7ZgjJ5V0ATERFrIgbe6Zi7zzeuKCu
gEhiuQ8ITs0vP7oyGj+DFfe+XZjH10RAoMA+kVWde9KWVK4FqhH3EoQSb0Zh9AOK
jgC7zAPvDDxRn6LmLZN2NGcqpIkWCca7KcXhcfQw1ow6sF8I5C5HcLsXV5yeB3rz
bxdWMgaARj+B7pvz30pqssmW8Tpqp0HsVmdzEeboEJv1H4UiMu8Dt1mEUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnAzVlF58oIFz0kZ04DuSmftP0FMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOeRR9piT
g69BX2WjW4IW0yoblUtrjtd5OBCITnhxtEjon/ufhwqLU7JnhcqqjfRDUx2j3Rfd
P1GIH/iraCNgs72RmWWPvv7HdtSyoedBgpqdUpWx1brh252p6Amau/8z6CzmdnhV
hODv1zYVnB9kguZhgc8nD28IOoqZW91n1bkdZqU6Fg6bAdyohT6AS31Qha41SiYL
K6gfIGRcsIT52L9gZ6uyhI1v+v+0GHvkKIkZOOr5hVQ2lxhaKbQimf/xxBNlXL7v
y7iZvo+up/MHxjJDJKipFzdGfoRictxx4lau+z1bdY4AF/YnU4Pm6VhI5CZ60U7H
2Ck3OniUtiSOfg==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:15:44 2025 by rpki-client