Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
File: tKfQVIK4TTu2BPCZvK-eftNGiJo.mft (raw, json)
Hash identifier: A66BcsLHXGqcXD4+G5B0KED+X4B5GyFvp0+IS+M13oQ=
Subject key identifier: E4:E5:6E:03:59:FA:77:6E:AB:2C:7E:A7:BD:72:C2:0C:BC:C4:02:DF
Authority key identifier: B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
Certificate issuer: /CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Certificate serial: 019A4F990318EF19436659637C53645B53DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
Manifest number: 170B
Signing time: Tue 04 Nov 2025 16:00:19 +0000
Manifest this update: Tue 04 Nov 2025 16:00:19 +0000
Manifest next update: Wed 05 Nov 2025 16:00:19 +0000
Files and hashes: 1: ojB_2XE9-VR6PiNiRu6ANmUyiuo.roa (hash: YbnnkO0HBRUHzkxo3r5IQRGQe30uxmuUwdAmB24B6sc=)
2: tKfQVIK4TTu2BPCZvK-eftNGiJo.crl (hash: buiC59wss2UqZjHYhmYn/ycQWyGy2sRRLGbnDt39lm4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:03:18:ef:19:43:66:59:63:7c:53:64:5b:53:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Validity
Not Before: Nov 4 16:00:19 2025 GMT
Not After : Nov 5 16:00:19 2025 GMT
Subject: CN=e4e56e0359fa776eab2c7ea7bd72c20cbcc402df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:60:c2:77:14:d1:59:d1:2d:55:1e:eb:9b:12:
3d:23:16:4d:45:8f:f8:4c:40:f9:40:52:80:01:ea:
5c:9e:a2:d2:6d:d1:71:81:ab:7c:6c:bc:f6:85:03:
8f:58:43:7f:a1:6e:a8:9b:89:17:b7:68:9a:29:fd:
39:13:b0:50:c7:5c:e8:88:e1:c6:10:20:b0:e5:88:
e3:09:cd:58:f8:30:e2:81:71:2c:17:e7:16:5e:f1:
1c:d1:76:fb:26:4a:a0:33:b5:d2:58:fa:7f:d2:da:
f7:58:43:26:4f:ac:c8:66:bc:e4:c5:f8:97:60:60:
39:2a:2f:1a:91:3a:7b:48:92:2b:5f:75:4e:74:ed:
b8:98:47:7e:95:e5:d6:29:45:a5:49:21:c4:15:e3:
4b:6e:c4:7d:2f:a9:bb:b1:96:f4:4c:54:c5:77:cc:
57:91:78:8d:54:a5:05:80:82:80:9f:dd:ee:c4:78:
4e:6d:ac:b6:53:62:43:0c:48:c3:e5:95:cd:f0:4e:
25:5c:bc:6f:ce:0a:a3:94:8b:d4:02:75:9d:f1:43:
2e:72:9a:06:1b:74:7b:4d:7d:5d:0c:0b:40:6c:e0:
8f:74:6e:b7:ac:39:24:c9:6e:ca:58:fc:12:57:d9:
d8:b4:0f:5d:74:9b:61:66:51:6e:54:5a:a5:37:61:
c6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E5:6E:03:59:FA:77:6E:AB:2C:7E:A7:BD:72:C2:0C:BC:C4:02:DF
X509v3 Authority Key Identifier:
keyid:B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:51:a6:2d:07:29:98:89:a6:0c:a4:25:12:ea:0a:b2:b9:3a:
22:4d:ba:fd:8f:b7:d5:63:96:55:bc:30:8a:f3:00:21:5f:fb:
ed:f2:ee:4f:89:89:d3:b6:4b:c5:d7:6e:8d:f9:a7:e8:ef:4e:
39:31:4c:81:1f:99:ed:31:dd:29:42:41:f2:55:6d:66:40:42:
f6:d2:da:50:04:22:7e:96:2f:5f:78:96:46:1d:7a:11:ea:95:
14:15:ee:59:f3:4c:de:61:41:e8:b0:7c:f7:3b:07:1a:94:3c:
f9:93:39:92:7d:73:21:b0:0c:d8:ef:a0:c5:a6:d5:d6:32:5d:
fc:ac:79:72:c6:73:ec:17:4c:a8:2a:22:c4:dc:00:39:1e:dc:
7f:41:03:eb:98:89:41:31:9d:f6:3e:e2:18:da:9b:c2:c2:90:
bf:c3:1e:b2:76:8c:1a:0f:10:8a:37:28:45:3f:85:a9:d2:8a:
61:c2:e7:cd:26:9f:d3:bb:8a:0c:1f:9b:02:8f:b1:b5:f5:a1:
48:68:e9:b3:1f:26:42:fb:2a:30:c0:cb:39:de:76:e5:eb:34:
db:5a:ac:45:a4:4a:5e:d3:9b:e7:43:00:5b:24:7b:f6:63:ca:
1a:3a:21:96:06:11:2c:9c:b2:6b:e3:10:4e:81:ba:63:28:9b:
57:c7:f4:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmQMY7xlDZlljfFNkW1PcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTdkMDU0ODJiODRkM2JiNjA0ZjA5OWJjYWY5ZTdlZDM0
Njg4OWEwHhcNMjUxMTA0MTYwMDE5WhcNMjUxMTA1MTYwMDE5WjAzMTEwLwYDVQQD
EyhlNGU1NmUwMzU5ZmE3NzZlYWIyYzdlYTdiZDcyYzIwY2JjYzQwMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32DCdxTRWdEtVR7rmxI9IxZNRY/4
TED5QFKAAepcnqLSbdFxgat8bLz2hQOPWEN/oW6om4kXt2iaKf05E7BQx1zoiOHG
ECCw5YjjCc1Y+DDigXEsF+cWXvEc0Xb7JkqgM7XSWPp/0tr3WEMmT6zIZrzkxfiX
YGA5Ki8akTp7SJIrX3VOdO24mEd+leXWKUWlSSHEFeNLbsR9L6m7sZb0TFTFd8xX
kXiNVKUFgIKAn93uxHhObay2U2JDDEjD5ZXN8E4lXLxvzgqjlIvUAnWd8UMucpoG
G3R7TX1dDAtAbOCPdG63rDkkyW7KWPwSV9nYtA9ddJthZlFuVFqlN2HGhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTlbgNZ+nduqyx+p71ywgy8xALfMB8GA1UdIwQY
MBaAFLSn0FSCuE07tgTwmbyvnn7TRoiaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAt
YzUzMjE5NWVlZjQ5LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAtYzUzMjE5NWVlZjQ5
LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi1GmLQcp
mImmDKQlEuoKsrk6Ik26/Y+31WOWVbwwivMAIV/77fLuT4mJ07ZLxddujfmn6O9O
OTFMgR+Z7THdKUJB8lVtZkBC9tLaUAQifpYvX3iWRh16EeqVFBXuWfNM3mFB6LB8
9zsHGpQ8+ZM5kn1zIbAM2O+gxabV1jJd/Kx5csZz7BdMqCoixNwAOR7cf0ED65iJ
QTGd9j7iGNqbwsKQv8MesnaMGg8QijcoRT+FqdKKYcLnzSaf07uKDB+bAo+xtfWh
SGjpsx8mQvsqMMDLOd525es021qsRaRKXtOb50MAWyR79mPKGjohlgYRLJyya+MQ
ToG6YyibV8f00w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:42:38 2025 by rpki-client