Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft
File: tPszH6QvtFHkVRxvkcu5wZ7jek4.mft (raw, json)
Hash identifier: lTSUcV+IkfFhr0l6+7dYJ6ijOHBxNQJIKkuIK7RsfE0=
Subject key identifier: C2:75:67:0D:F2:17:5B:C4:5E:DA:8B:CD:95:D0:3D:FD:A5:6A:01:33
Authority key identifier: B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E
Certificate issuer: /CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e
Certificate serial: 019A4E188270CC22557A8FB340848191C2DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 09:00:20 +0000
Manifest this update: Tue 04 Nov 2025 09:00:20 +0000
Manifest next update: Wed 05 Nov 2025 09:00:20 +0000
Files and hashes: 1: DvRXNlTCR35yGxJPggKI6LQ1TXY.roa (hash: uCs5edSvBBj2KY6s6HL8wAMD7pMX49G3e3NvxavAQGo=)
2: tPszH6QvtFHkVRxvkcu5wZ7jek4.crl (hash: ldq08Vl4RUz56hYP52UzRZS1Xt3++LR2OVH89UtRd64=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:82:70:cc:22:55:7a:8f:b3:40:84:81:91:c2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e
Validity
Not Before: Nov 4 09:00:20 2025 GMT
Not After : Nov 5 09:00:20 2025 GMT
Subject: CN=c275670df2175bc45eda8bcd95d03dfda56a0133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5f:b0:42:b9:71:8b:1a:f9:39:ef:d7:62:38:
43:cc:2c:84:65:30:13:ef:a8:14:14:ff:50:89:2d:
34:f8:79:83:61:ea:47:8e:16:23:df:f8:77:5f:1b:
30:f2:47:ae:a4:41:90:92:a1:dd:45:81:3c:20:03:
be:a4:88:6f:3e:e3:b8:0b:9d:47:67:fb:52:b8:33:
b5:bc:69:3d:51:55:0c:61:dd:9c:e5:b9:f5:6d:41:
d4:5e:c6:aa:eb:e2:11:a4:0e:4f:9b:c1:4a:03:25:
02:29:fb:57:9e:73:91:ee:6a:8a:6c:62:4b:a5:fa:
66:86:da:4e:eb:73:a8:b3:07:dd:eb:f0:ba:7c:f4:
22:fe:41:91:ba:dc:5c:99:9b:0c:89:ed:80:bf:e2:
35:71:d9:92:5f:c4:d4:b7:c6:4e:66:b6:10:9c:f4:
71:b8:45:8a:64:fd:43:bb:8e:fb:00:44:79:01:38:
db:7c:2b:c8:cb:75:e5:a7:6d:45:17:de:26:a7:01:
79:c3:56:08:6b:44:8b:b9:30:88:5e:2c:d7:c6:ff:
d4:40:26:4d:cc:1e:f7:24:91:4b:bd:11:54:bf:19:
47:6d:85:25:e7:10:44:4f:09:b6:c6:fa:0a:5a:3e:
09:91:af:a2:67:ce:f4:cf:40:8e:dc:fb:2c:ce:e4:
58:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:75:67:0D:F2:17:5B:C4:5E:DA:8B:CD:95:D0:3D:FD:A5:6A:01:33
X509v3 Authority Key Identifier:
keyid:B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:86:5c:b0:fa:53:bf:60:60:86:f6:ca:b3:2c:96:f4:06:48:
f9:6c:b0:51:ff:ea:dc:7f:28:52:d2:40:2a:19:75:d5:2d:df:
9c:dd:66:05:12:92:28:c7:28:ab:b8:98:4b:87:4f:fe:f1:2e:
39:76:33:cf:3c:13:b9:d2:fc:ed:79:46:87:a0:f6:67:7c:15:
b3:1d:ff:4f:99:ea:0a:c0:b1:d1:0a:36:35:85:90:38:59:b8:
28:df:82:60:4c:4a:5c:6f:97:40:89:15:6d:15:f1:35:59:a5:
2b:d5:3a:f4:5c:93:5c:6a:99:28:3e:e2:4b:d0:a1:8c:90:66:
25:33:19:01:1a:c9:a3:8e:c5:82:ad:b6:f3:f0:e7:3e:c4:68:
90:7a:01:93:c1:f9:76:1d:68:17:80:4e:e6:32:26:0f:ec:42:
12:f2:35:32:69:b6:5f:c9:0e:e2:f7:79:00:bb:ea:ca:c5:09:
79:d2:ee:10:12:00:aa:b1:bb:2e:76:34:ac:6b:1a:58:ec:bc:
f7:36:48:9c:7d:f0:9d:22:ce:e8:8b:bd:e9:5c:67:7d:e2:7d:
05:1c:5e:44:5a:b8:2b:8a:65:7c:4f:3a:b0:db:a5:19:6e:24:
be:69:50:5c:de:39:82:73:36:0c:f0:08:77:30:15:eb:55:32:
11:90:8d:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGIJwzCJVeo+zQISBkcLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZmIzMzFmYTQyZmI0NTFlNDU1MWM2ZjkxY2JiOWMxOWVl
MzdhNGUwHhcNMjUxMTA0MDkwMDIwWhcNMjUxMTA1MDkwMDIwWjAzMTEwLwYDVQQD
EyhjMjc1NjcwZGYyMTc1YmM0NWVkYThiY2Q5NWQwM2RmZGE1NmEwMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV+wQrlxixr5Oe/XYjhDzCyEZTAT
76gUFP9QiS00+HmDYepHjhYj3/h3Xxsw8keupEGQkqHdRYE8IAO+pIhvPuO4C51H
Z/tSuDO1vGk9UVUMYd2c5bn1bUHUXsaq6+IRpA5Pm8FKAyUCKftXnnOR7mqKbGJL
pfpmhtpO63Ooswfd6/C6fPQi/kGRutxcmZsMie2Av+I1cdmSX8TUt8ZOZrYQnPRx
uEWKZP1Du477AER5ATjbfCvIy3Xlp21FF94mpwF5w1YIa0SLuTCIXizXxv/UQCZN
zB73JJFLvRFUvxlHbYUl5xBETwm2xvoKWj4Jka+iZ870z0CO3PsszuRYHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJ1Zw3yF1vEXtqLzZXQPf2lagEzMB8GA1UdIwQY
MBaAFLT7Mx+kL7RR5FUcb5HLucGe43pOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2It
MDk5ZmQyMTAxMzg1LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2ItMDk5ZmQyMTAxMzg1
LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPoZcsPpT
v2BghvbKsyyW9AZI+WywUf/q3H8oUtJAKhl11S3fnN1mBRKSKMcoq7iYS4dP/vEu
OXYzzzwTudL87XlGh6D2Z3wVsx3/T5nqCsCx0Qo2NYWQOFm4KN+CYExKXG+XQIkV
bRXxNVmlK9U69FyTXGqZKD7iS9ChjJBmJTMZARrJo47Fgq228/DnPsRokHoBk8H5
dh1oF4BO5jImD+xCEvI1Mmm2X8kO4vd5ALvqysUJedLuEBIAqrG7LnY0rGsaWOy8
9zZInH3wnSLO6Iu96VxnfeJ9BRxeRFq4K4plfE86sNulGW4kvmlQXN45gnM2DPAI
dzAV61UyEZCNFg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:54:33 2025 by rpki-client