Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft
File: tOiC9xca9tzczJzXn5jexnV_4Yk.mft (raw, json)
Hash identifier: XvUPbnb5PYfd9X9L0W316kQYNwG/fx4qdNLaeVCZX38=
Subject key identifier: 9D:E0:49:E0:AA:E9:72:40:4C:BC:A9:85:BF:1A:67:08:4B:8A:DF:98
Authority key identifier: B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
Certificate issuer: /CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Certificate serial: 019A4DAB03AB8842CE4279D1801F78E7E07C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft
Manifest number: 170A
Signing time: Tue 04 Nov 2025 07:00:44 +0000
Manifest this update: Tue 04 Nov 2025 07:00:44 +0000
Manifest next update: Wed 05 Nov 2025 07:00:44 +0000
Files and hashes: 1: WmxX7pBfpD5c2m2kHOUO4M_bBgA.roa (hash: q0DpW8XtR4IxHRwLJz0IGFkpb8cJ4HYo8d4HsEmNl8o=)
2: tOiC9xca9tzczJzXn5jexnV_4Yk.crl (hash: Cz1V6kqBiHYXCk9/1/izqtsHXx2DfYhce0PcuzFC1lw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ab:03:ab:88:42:ce:42:79:d1:80:1f:78:e7:e0:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Validity
Not Before: Nov 4 07:00:44 2025 GMT
Not After : Nov 5 07:00:44 2025 GMT
Subject: CN=9de049e0aae972404cbca985bf1a67084b8adf98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0a:bf:00:79:af:75:9c:4c:0d:e5:79:2f:dd:
2f:61:cb:6c:66:03:ef:5b:2a:d0:ed:29:85:9b:21:
52:29:56:1d:16:71:3c:7b:6d:72:4a:02:04:7d:af:
35:db:a5:2f:1e:88:28:3f:3d:d9:30:36:f8:39:7c:
da:43:fa:aa:e7:32:43:e5:13:cb:01:aa:e2:8d:56:
ce:de:14:27:6b:8d:51:19:bf:7f:45:37:2e:df:82:
92:8e:17:c0:3d:d2:e2:a5:23:c0:ec:04:27:9a:d9:
e7:b8:e0:e6:17:b1:0d:b7:f5:3d:2a:37:23:ef:c2:
03:4e:fa:62:11:11:b8:4d:b6:da:f7:73:7a:81:84:
04:36:7f:cb:a6:da:27:00:40:7c:ba:31:ff:7b:6e:
55:14:d1:cc:e0:6d:6b:89:50:66:a3:67:8b:1f:b2:
af:c0:b5:ee:92:fd:3d:81:8b:88:17:eb:76:c8:1a:
ac:12:e6:f8:72:6e:6a:38:5d:4b:08:06:6f:53:b0:
06:16:6c:3e:20:57:80:ae:4d:f5:7c:59:e1:dd:88:
30:1f:99:d6:aa:dc:bd:3d:d7:b3:68:f5:0f:bb:bb:
0d:29:df:a7:ac:8f:db:88:df:f2:07:5e:66:af:24:
8f:28:b9:b8:b1:bf:a2:23:72:b0:19:9d:01:57:0f:
b4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E0:49:E0:AA:E9:72:40:4C:BC:A9:85:BF:1A:67:08:4B:8A:DF:98
X509v3 Authority Key Identifier:
keyid:B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:d5:f1:32:ae:03:ba:2a:4f:fc:b3:5b:7b:7b:62:58:4f:2f:
70:63:bf:0f:de:f5:b1:97:eb:b8:29:a1:a0:a3:44:35:44:9a:
63:13:5e:85:1d:67:02:6f:4c:8e:67:9b:57:c6:d8:9b:7e:7f:
a0:57:52:2d:4f:df:1c:e7:12:02:fc:d7:45:6a:81:64:a8:0e:
87:6d:b9:b6:df:4a:d0:b4:65:e5:83:92:ef:e4:6c:d1:b7:73:
fc:69:de:65:fb:13:99:d9:30:3f:da:3f:62:73:41:16:e7:b6:
51:5a:59:37:c0:7b:57:07:ed:9d:48:3f:a0:ee:35:9b:9c:53:
6a:b5:07:f2:3c:98:f7:ab:4f:2d:7b:1c:04:44:41:c7:e2:49:
49:ee:b9:30:37:57:ad:cd:58:52:02:a7:cd:95:fd:0a:65:84:
23:f5:05:64:0b:a9:e6:bb:2a:b6:ac:97:da:9e:d1:b5:d1:7c:
7f:a7:7b:3a:3f:0d:d5:8f:e6:d9:27:22:b4:4f:82:95:a0:b8:
d9:80:e3:a0:75:a7:d3:5a:46:f8:fe:51:79:00:a4:82:8a:da:
3d:6e:69:48:32:35:00:e5:ea:4c:3c:22:39:8e:b5:a2:fa:92:
af:bf:a7:62:3e:6e:9e:f9:c3:ac:f4:50:48:e4:a3:9a:0c:99:
ed:24:6f:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqwOriELOQnnRgB945+B8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTg4MmY3MTcxYWY2ZGNkY2NjOWNkNzlmOThkZWM2NzU3
ZmUxODkwHhcNMjUxMTA0MDcwMDQ0WhcNMjUxMTA1MDcwMDQ0WjAzMTEwLwYDVQQD
Eyg5ZGUwNDllMGFhZTk3MjQwNGNiY2E5ODViZjFhNjcwODRiOGFkZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wq/AHmvdZxMDeV5L90vYctsZgPv
WyrQ7SmFmyFSKVYdFnE8e21ySgIEfa8126UvHogoPz3ZMDb4OXzaQ/qq5zJD5RPL
AarijVbO3hQna41RGb9/RTcu34KSjhfAPdLipSPA7AQnmtnnuODmF7ENt/U9Kjcj
78IDTvpiERG4Tbba93N6gYQENn/LptonAEB8ujH/e25VFNHM4G1riVBmo2eLH7Kv
wLXukv09gYuIF+t2yBqsEub4cm5qOF1LCAZvU7AGFmw+IFeArk31fFnh3YgwH5nW
qty9PdezaPUPu7sNKd+nrI/biN/yB15mrySPKLm4sb+iI3KwGZ0BVw+0qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3gSeCq6XJATLyphb8aZwhLit+YMB8GA1UdIwQY
MBaAFLTogvcXGvbc3Myc15+Y3sZ1f+GJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAt
ZmVmZThlMzQwMDZjLzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAtZmVmZThlMzQwMDZj
LzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGNXxMq4D
uipP/LNbe3tiWE8vcGO/D971sZfruCmhoKNENUSaYxNehR1nAm9MjmebV8bYm35/
oFdSLU/fHOcSAvzXRWqBZKgOh225tt9K0LRl5YOS7+Rs0bdz/GneZfsTmdkwP9o/
YnNBFue2UVpZN8B7VwftnUg/oO41m5xTarUH8jyY96tPLXscBERBx+JJSe65MDdX
rc1YUgKnzZX9CmWEI/UFZAup5rsqtqyX2p7RtdF8f6d7Oj8N1Y/m2ScitE+ClaC4
2YDjoHWn01pG+P5ReQCkgoraPW5pSDI1AOXqTDwiOY61ovqSr7+nYj5unvnDrPRQ
SOSjmgyZ7SRvoA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:31:28 2025 by rpki-client