Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft
File: tRhBzcn2NZTd3CulmkATMYK1efo.mft (raw, json)
Hash identifier: Xa58TfPI7jNkz5W60kPSps09g4CvNDTVi0Jx0Sd7skw=
Subject key identifier: 79:64:F8:A8:A4:C2:2A:CE:30:E5:44:74:3B:72:3C:69:49:27:E0:F2
Authority key identifier: B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA
Certificate issuer: /CN=b51841cdc9f63594dddc2ba59a40133182b579fa
Certificate serial: 019A4D73E0AFEA24A61909C0E780DD082590
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 06:00:30 +0000
Manifest this update: Tue 04 Nov 2025 06:00:30 +0000
Manifest next update: Wed 05 Nov 2025 06:00:30 +0000
Files and hashes: 1: iQxCTqJc23IztH0qMtXGhii78xc.roa (hash: b/32KuHdgss/tEEpqliyL9nGxIGy3IsYTip4QREYlPc=)
2: tRhBzcn2NZTd3CulmkATMYK1efo.crl (hash: BatEgoZO142j77ELfDIcm8Y1V1lLsWaX9dstPfFNB74=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:e0:af:ea:24:a6:19:09:c0:e7:80:dd:08:25:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b51841cdc9f63594dddc2ba59a40133182b579fa
Validity
Not Before: Nov 4 06:00:30 2025 GMT
Not After : Nov 5 06:00:30 2025 GMT
Subject: CN=7964f8a8a4c22ace30e544743b723c694927e0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e6:46:ac:91:e6:bd:7a:e8:5c:39:80:c2:18:
a2:5e:2b:f3:38:f1:01:c4:7d:55:cb:ee:18:79:ef:
a9:07:53:52:2a:8f:02:20:df:b5:3a:f6:0f:a2:3d:
57:d7:ea:78:4a:34:a9:16:6c:05:6f:a9:f0:f9:41:
8e:f5:3d:5c:e0:6b:87:64:63:10:c4:47:a3:2e:64:
45:4d:f8:9c:f4:d2:8b:e0:a8:53:8b:53:f3:29:eb:
25:2a:53:61:4b:c5:05:35:11:5a:a6:29:95:d0:92:
91:57:0b:b7:22:61:a4:d7:d8:f9:67:ea:35:74:71:
89:15:d4:f4:de:25:88:fc:9b:fe:63:03:e1:db:e1:
d9:82:82:6e:7c:bc:13:03:9f:06:32:03:c0:53:dd:
d8:d5:d2:35:ea:8f:11:f6:ea:3f:6c:26:e9:c4:ad:
28:7e:34:65:af:08:34:7d:83:5e:cb:8f:3d:cf:6d:
9d:e8:8f:0b:3b:c7:46:12:f8:ca:ea:38:53:2c:1c:
ae:bf:68:09:bc:de:be:f9:65:e8:45:1e:3d:a1:f7:
c2:8d:4d:1e:0c:20:e8:6e:02:0c:bb:ea:28:7a:4e:
81:f3:17:d0:e3:18:f8:74:ea:92:29:ac:b3:b5:99:
2b:37:71:f9:23:d6:50:2d:e0:c4:2b:0e:b8:d3:4a:
eb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:64:F8:A8:A4:C2:2A:CE:30:E5:44:74:3B:72:3C:69:49:27:E0:F2
X509v3 Authority Key Identifier:
keyid:B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:91:40:ff:6b:74:f1:88:a5:c4:f9:39:34:f7:3d:a6:2f:52:
9e:9d:ab:28:ea:e3:4f:85:0e:41:45:37:55:86:b6:46:b1:77:
82:8a:8b:c0:57:9e:7f:7c:d6:8d:bc:4c:17:ea:5b:02:2a:40:
f5:6d:96:63:99:4a:df:2c:70:71:19:50:7d:21:15:6d:48:68:
4c:b0:8f:b9:59:af:9f:c7:b3:09:22:b6:03:93:89:c4:c0:fc:
e1:44:df:ed:09:69:22:08:0d:ff:d3:43:11:f5:46:83:5f:a6:
5f:62:da:83:59:8c:1e:b2:2b:ac:97:54:81:69:0e:71:0f:ae:
02:b4:00:19:5f:71:e5:9f:91:26:b3:c5:05:41:7b:40:60:e3:
a4:eb:f5:f2:b5:cb:10:d3:12:42:3d:28:1d:57:a1:c6:ea:43:
54:d6:9e:bf:15:e1:09:21:55:9b:7b:da:44:a6:52:7c:68:a6:
f6:8d:ee:e4:8c:79:9a:bc:88:c9:bb:2f:a3:5d:8b:a2:17:72:
1f:11:8c:9b:56:57:b7:f4:71:75:07:ee:af:4d:7a:73:8c:24:
53:92:0e:3d:ea:4e:87:08:fe:dd:f8:4a:7f:65:70:13:c6:ff:
f8:47:e7:a9:ac:9b:76:d8:cb:03:b8:f9:35:32:b7:d6:63:9b:
03:28:15:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc+Cv6iSmGQnA54DdCCWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTg0MWNkYzlmNjM1OTRkZGRjMmJhNTlhNDAxMzMxODJi
NTc5ZmEwHhcNMjUxMTA0MDYwMDMwWhcNMjUxMTA1MDYwMDMwWjAzMTEwLwYDVQQD
Eyg3OTY0ZjhhOGE0YzIyYWNlMzBlNTQ0NzQzYjcyM2M2OTQ5MjdlMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeZGrJHmvXroXDmAwhiiXivzOPEB
xH1Vy+4Yee+pB1NSKo8CIN+1OvYPoj1X1+p4SjSpFmwFb6nw+UGO9T1c4GuHZGMQ
xEejLmRFTfic9NKL4KhTi1PzKeslKlNhS8UFNRFapimV0JKRVwu3ImGk19j5Z+o1
dHGJFdT03iWI/Jv+YwPh2+HZgoJufLwTA58GMgPAU93Y1dI16o8R9uo/bCbpxK0o
fjRlrwg0fYNey489z22d6I8LO8dGEvjK6jhTLByuv2gJvN6++WXoRR49offCjU0e
DCDobgIMu+ooek6B8xfQ4xj4dOqSKayztZkrN3H5I9ZQLeDEKw6400rrdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHlk+KikwirOMOVEdDtyPGlJJ+DyMB8GA1UdIwQY
MBaAFLUYQc3J9jWU3dwrpZpAEzGCtXn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAt
NjkxMGYzOTlkMzhmLzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAtNjkxMGYzOTlkMzhm
LzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvJFA/2t0
8YilxPk5NPc9pi9Snp2rKOrjT4UOQUU3VYa2RrF3goqLwFeef3zWjbxMF+pbAipA
9W2WY5lK3yxwcRlQfSEVbUhoTLCPuVmvn8ezCSK2A5OJxMD84UTf7QlpIggN/9ND
EfVGg1+mX2Lag1mMHrIrrJdUgWkOcQ+uArQAGV9x5Z+RJrPFBUF7QGDjpOv18rXL
ENMSQj0oHVehxupDVNaevxXhCSFVm3vaRKZSfGim9o3u5Ix5mryIybsvo12Lohdy
HxGMm1ZXt/RxdQfur016c4wkU5IOPepOhwj+3fhKf2VwE8b/+EfnqaybdtjLA7j5
NTK31mObAygV8w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:51:03 2025 by rpki-client