Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
File: TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft (raw, json)
Hash identifier: MznshobtyAYHI3DaUy/63zIfiRIEq5VxEry+Q9jK6tY=
Subject key identifier: DA:F9:75:D9:38:32:BA:DE:1E:E5:FD:D9:A4:9E:AC:32:A2:E4:C1:E2
Authority key identifier: 4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
Certificate issuer: /CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Certificate serial: 019A5451EFDDF30BCDED50AD64CB91A72262
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
Manifest number: 0156
Signing time: Wed 05 Nov 2025 14:00:47 +0000
Manifest this update: Wed 05 Nov 2025 14:00:47 +0000
Manifest next update: Thu 06 Nov 2025 14:00:47 +0000
Files and hashes: 1: QQ_XASovNo3q1eWLyoB1-wbVIbw.roa (hash: +nHnAk51WEvv/rAlJaGO2P/ZVC3It8+Q00l0lZIdxpE=)
2: TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl (hash: 2ZmVRhQ2XwxDsbfxEFgolEjPPIb5hZKrB9P1QWSTjgU=)
3: nD6BDJDA_dWwFQl4pf7gAHlOGhg.roa (hash: 1WAvivFyuRPy1SS+2soFEsbLPwjNLXdysbcvAmnfq4I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:51:ef:dd:f3:0b:cd:ed:50:ad:64:cb:91:a7:22:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Validity
Not Before: Nov 5 14:00:47 2025 GMT
Not After : Nov 6 14:00:47 2025 GMT
Subject: CN=daf975d93832bade1ee5fdd9a49eac32a2e4c1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ce:ae:fb:35:cf:13:20:07:9d:1e:c6:19:35:
76:d7:c0:42:07:83:95:92:81:62:34:ce:ce:5a:fb:
ad:cd:36:eb:9e:88:36:b3:e1:48:fc:a5:20:89:1b:
2d:c3:d8:52:dd:51:a6:3a:0f:94:e7:d8:ba:4c:a7:
96:4f:20:55:9d:88:03:70:17:2f:d9:53:04:95:48:
0f:4f:1a:48:9b:05:03:2f:6e:f2:a7:94:bd:11:5a:
c0:5a:08:ce:23:59:32:d1:a3:d1:74:05:9d:6a:11:
4a:61:52:bf:5c:46:8f:28:f9:f3:61:0d:1d:48:5e:
e3:d6:5d:44:d1:d5:58:aa:4d:fe:4a:34:fe:6e:c9:
6b:99:cb:97:fa:20:f2:f7:71:34:be:b8:4e:dc:de:
29:8f:fd:d8:12:c3:8b:8c:6a:44:de:76:1d:6d:74:
1a:6f:1a:f8:6a:d8:5a:61:02:56:b9:40:06:b0:71:
7b:21:a8:fb:a7:ff:1f:0d:74:0c:5e:38:05:77:97:
d7:d7:c8:fd:90:3a:0e:50:b9:37:a4:4b:5f:ff:ad:
87:f3:dc:13:ae:bb:81:cc:87:68:1c:a4:76:ca:ed:
1f:51:10:f9:d4:c7:e1:db:b4:37:7e:f3:a4:76:5f:
42:de:80:39:bd:86:56:a7:f1:07:38:8b:a0:e2:79:
9e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F9:75:D9:38:32:BA:DE:1E:E5:FD:D9:A4:9E:AC:32:A2:E4:C1:E2
X509v3 Authority Key Identifier:
keyid:4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:46:35:73:5d:12:f1:cd:e6:eb:8b:51:8d:d0:3a:81:ae:df:
c3:fa:95:a7:60:60:a2:b9:29:0a:d3:fd:35:4a:46:34:bb:9d:
37:cd:40:58:4f:e3:27:06:ca:f9:f9:e4:31:56:29:78:d3:03:
38:9e:54:0d:6e:72:cb:e3:e6:d3:de:16:9a:0f:b7:6d:26:d6:
cf:9c:a8:40:7a:45:56:60:91:6a:5e:e2:49:9f:9c:e8:bd:13:
29:a3:32:6a:f8:f1:60:8d:e2:95:2e:5c:1f:c7:38:85:dd:12:
f3:57:72:b8:b0:a1:19:64:60:96:f9:44:a1:76:b5:d9:5c:c8:
02:c2:53:7a:17:71:36:98:4f:00:a8:1e:49:e3:ee:fc:8c:af:
6f:24:3e:d4:80:c7:c3:2c:0a:7d:bb:34:90:41:a4:bc:8d:18:
f8:9a:10:fd:5b:67:8e:a0:87:f3:f9:75:a3:11:6d:c0:3b:ab:
d8:94:e8:25:37:2f:39:f2:fc:b6:9b:c6:23:ac:fe:d4:07:25:
30:29:3a:21:d2:07:07:74:58:98:fe:f6:87:11:3e:a3:5b:29:
dd:2f:63:30:0a:af:74:ae:e4:eb:09:87:6e:6c:76:86:24:ce:
b1:a2:2d:6b:ee:7b:e3:f4:55:23:5d:3c:d4:ad:79:32:1e:e2:
9b:3e:63:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUUe/d8wvN7VCtZMuRpyJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjM2M2NjVlNTFjYzRjYjVjYWYwNWI4Mjk0ODQzZTI3MzNh
MTNkZWUwHhcNMjUxMTA1MTQwMDQ3WhcNMjUxMTA2MTQwMDQ3WjAzMTEwLwYDVQQD
EyhkYWY5NzVkOTM4MzJiYWRlMWVlNWZkZDlhNDllYWMzMmEyZTRjMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM6u+zXPEyAHnR7GGTV218BCB4OV
koFiNM7OWvutzTbrnog2s+FI/KUgiRstw9hS3VGmOg+U59i6TKeWTyBVnYgDcBcv
2VMElUgPTxpImwUDL27yp5S9EVrAWgjOI1ky0aPRdAWdahFKYVK/XEaPKPnzYQ0d
SF7j1l1E0dVYqk3+SjT+bslrmcuX+iDy93E0vrhO3N4pj/3YEsOLjGpE3nYdbXQa
bxr4athaYQJWuUAGsHF7Iaj7p/8fDXQMXjgFd5fX18j9kDoOULk3pEtf/62H89wT
rruBzIdoHKR2yu0fURD51Mfh27Q3fvOkdl9C3oA5vYZWp/EHOIug4nmeoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNr5ddk4MrreHuX92aSerDKi5MHiMB8GA1UdIwQY
MBaAFEw8Zl5RzEy1yvBbgpSEPiczoT3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUt
MWE2NWI5MWJlZTU4LzEvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUtMWE2NWI5MWJlZTU4
LzEvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakY1c10S
8c3m64tRjdA6ga7fw/qVp2BgorkpCtP9NUpGNLudN81AWE/jJwbK+fnkMVYpeNMD
OJ5UDW5yy+Pm094Wmg+3bSbWz5yoQHpFVmCRal7iSZ+c6L0TKaMyavjxYI3ilS5c
H8c4hd0S81dyuLChGWRglvlEoXa12VzIAsJTehdxNphPAKgeSePu/IyvbyQ+1IDH
wywKfbs0kEGkvI0Y+JoQ/VtnjqCH8/l1oxFtwDur2JToJTcvOfL8tpvGI6z+1Acl
MCk6IdIHB3RYmP72hxE+o1sp3S9jMAqvdK7k6wmHbmx2hiTOsaIta+574/RVI108
1K15Mh7imz5jVg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:20:40 2025 by rpki-client