Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9041b7-f543-4c63-8e2b-366a9761ea20/1/TqWy83Ukw9ONyApx2PAB7SxF6Jw.mft
File: TqWy83Ukw9ONyApx2PAB7SxF6Jw.mft (raw, json)
Hash identifier: GE6Burx1Q90X6z+Cru1KAvBrhwN/lvNivBPujM9SGOo=
Subject key identifier: D8:19:B8:D0:FC:6A:1A:A4:13:D2:CE:CB:2B:1D:91:E1:1B:30:E3:37
Authority key identifier: 4E:A5:B2:F3:75:24:C3:D3:8D:C8:0A:71:D8:F0:01:ED:2C:45:E8:9C
Certificate issuer: /CN=4ea5b2f37524c3d38dc80a71d8f001ed2c45e89c
Certificate serial: 019A4F99752CC829C7B3EFB2D091C0E5A28B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqWy83Ukw9ONyApx2PAB7SxF6Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9041b7-f543-4c63-8e2b-366a9761ea20/1/TqWy83Ukw9ONyApx2PAB7SxF6Jw.mft
Manifest number: 14D3
Signing time: Tue 04 Nov 2025 16:00:48 +0000
Manifest this update: Tue 04 Nov 2025 16:00:48 +0000
Manifest next update: Wed 05 Nov 2025 16:00:48 +0000
Files and hashes: 1: HJZuFg-aBDGic40vRoWhakH94Zo.roa (hash: b1vEsVgABbRc+hOZI2FcJP4+qO85CVqkQZmViTsB2bU=)
2: TqWy83Ukw9ONyApx2PAB7SxF6Jw.crl (hash: yh6ZVywikj+PlhaU58gQ1mmAk1a3QExlgOALULWhEUk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/9041b7-f543-4c63-8e2b-366a9761ea20/1/TqWy83Ukw9ONyApx2PAB7SxF6Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/9041b7-f543-4c63-8e2b-366a9761ea20/1/TqWy83Ukw9ONyApx2PAB7SxF6Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqWy83Ukw9ONyApx2PAB7SxF6Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:75:2c:c8:29:c7:b3:ef:b2:d0:91:c0:e5:a2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea5b2f37524c3d38dc80a71d8f001ed2c45e89c
Validity
Not Before: Nov 4 16:00:48 2025 GMT
Not After : Nov 5 16:00:48 2025 GMT
Subject: CN=d819b8d0fc6a1aa413d2cecb2b1d91e11b30e337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:13:ee:a9:47:90:d2:28:b1:6f:a1:e4:b4:
b3:26:0e:1f:a6:c5:46:9e:19:51:f2:30:5c:d9:28:
3a:ff:33:ae:4b:e0:d0:f8:05:2e:fc:b7:d2:56:4d:
9a:7c:f7:f8:49:98:a3:7b:fa:4b:39:05:e6:d0:bb:
86:28:01:08:d7:30:0d:ae:59:06:89:44:51:89:58:
91:7d:3e:8c:fc:1e:08:5f:a5:79:f8:f2:fd:46:c4:
f8:a8:e6:3b:ce:eb:b1:2a:00:c3:94:28:57:23:d6:
6a:89:d4:f6:21:6a:2b:e9:51:95:43:1c:cd:ed:fb:
5a:a5:b9:06:37:aa:98:4f:e8:21:84:06:50:5f:e3:
28:11:c3:9f:cb:53:86:d7:04:01:3c:7c:33:fa:2a:
6e:30:d0:0c:ca:d4:f1:8e:34:f5:17:24:03:8d:63:
a6:47:4a:ad:23:38:60:5c:8d:09:d8:0a:78:f6:fa:
20:d3:65:ff:51:b9:d3:de:a1:83:0f:5e:e3:49:bc:
ad:f3:0a:04:c9:e7:5b:a8:4d:40:60:af:02:60:68:
47:e9:17:7f:ec:ea:99:81:d8:db:03:b7:91:ee:50:
ec:2a:64:3a:b4:37:75:03:e4:96:27:5a:f7:41:9c:
a6:f8:38:7a:ae:2f:c3:12:13:8a:e5:bf:76:81:b1:
a3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:19:B8:D0:FC:6A:1A:A4:13:D2:CE:CB:2B:1D:91:E1:1B:30:E3:37
X509v3 Authority Key Identifier:
keyid:4E:A5:B2:F3:75:24:C3:D3:8D:C8:0A:71:D8:F0:01:ED:2C:45:E8:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqWy83Ukw9ONyApx2PAB7SxF6Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9041b7-f543-4c63-8e2b-366a9761ea20/1/TqWy83Ukw9ONyApx2PAB7SxF6Jw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9041b7-f543-4c63-8e2b-366a9761ea20/1/TqWy83Ukw9ONyApx2PAB7SxF6Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:62:b0:06:81:5b:7c:ed:d9:52:5e:15:65:cd:5f:9f:82:80:
05:c7:4b:9a:fb:15:bc:50:d3:01:ed:87:fe:c4:64:19:e1:84:
3a:10:2e:71:e0:29:4a:12:99:30:34:27:d7:ab:a7:b9:79:a4:
44:8d:21:cb:ec:a0:a1:a9:c7:ac:fd:00:38:aa:12:54:10:11:
69:4b:12:24:a8:2a:f3:6c:5d:3f:d0:fa:05:13:0e:1e:21:eb:
30:ee:38:f6:95:38:54:89:f6:27:fd:69:75:b9:cc:0d:5d:cb:
13:35:90:0d:7e:4a:62:e5:c1:1b:2e:50:31:41:ab:5a:67:b1:
25:c9:d6:ba:ab:57:d2:da:3b:94:c3:11:e3:24:49:5c:c0:f7:
7a:2a:72:4f:73:fd:48:81:44:e9:19:69:90:e5:4e:73:97:70:
2b:58:4f:d6:aa:db:5f:2e:17:f2:1e:4b:50:1b:70:c1:0d:11:
05:eb:9c:7c:59:48:08:12:9e:48:0d:85:1b:27:41:55:0e:3f:
6c:dc:3d:7d:57:4f:5f:34:d8:67:f6:74:11:a7:1d:9d:36:1f:
b1:48:bd:af:c4:97:22:d3:d6:58:96:71:f8:ee:c1:95:a4:fa:
27:0a:df:10:f1:40:5a:4e:33:4b:b4:3e:77:81:c4:fe:a8:4a:
92:41:0f:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmXUsyCnHs++y0JHA5aKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTViMmYzNzUyNGMzZDM4ZGM4MGE3MWQ4ZjAwMWVkMmM0
NWU4OWMwHhcNMjUxMTA0MTYwMDQ4WhcNMjUxMTA1MTYwMDQ4WjAzMTEwLwYDVQQD
EyhkODE5YjhkMGZjNmExYWE0MTNkMmNlY2IyYjFkOTFlMTFiMzBlMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7gT7qlHkNIosW+h5LSzJg4fpsVG
nhlR8jBc2Sg6/zOuS+DQ+AUu/LfSVk2afPf4SZije/pLOQXm0LuGKAEI1zANrlkG
iURRiViRfT6M/B4IX6V5+PL9RsT4qOY7zuuxKgDDlChXI9ZqidT2IWor6VGVQxzN
7ftapbkGN6qYT+ghhAZQX+MoEcOfy1OG1wQBPHwz+ipuMNAMytTxjjT1FyQDjWOm
R0qtIzhgXI0J2Ap49vog02X/UbnT3qGDD17jSbyt8woEyedbqE1AYK8CYGhH6Rd/
7OqZgdjbA7eR7lDsKmQ6tDd1A+SWJ1r3QZym+Dh6ri/DEhOK5b92gbGj7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgZuND8ahqkE9LOyysdkeEbMOM3MB8GA1UdIwQY
MBaAFE6lsvN1JMPTjcgKcdjwAe0sReicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFXeTgzVWt3OU9OeUFweDJQQUI3U3hGNkp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85MDQxYjctZjU0My00YzYzLThlMmIt
MzY2YTk3NjFlYTIwLzEvVHFXeTgzVWt3OU9OeUFweDJQQUI3U3hGNkp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85MDQxYjctZjU0My00YzYzLThlMmItMzY2YTk3NjFlYTIw
LzEvVHFXeTgzVWt3OU9OeUFweDJQQUI3U3hGNkp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhmKwBoFb
fO3ZUl4VZc1fn4KABcdLmvsVvFDTAe2H/sRkGeGEOhAuceApShKZMDQn16unuXmk
RI0hy+ygoanHrP0AOKoSVBARaUsSJKgq82xdP9D6BRMOHiHrMO449pU4VIn2J/1p
dbnMDV3LEzWQDX5KYuXBGy5QMUGrWmexJcnWuqtX0to7lMMR4yRJXMD3eipyT3P9
SIFE6RlpkOVOc5dwK1hP1qrbXy4X8h5LUBtwwQ0RBeucfFlICBKeSA2FGydBVQ4/
bNw9fVdPXzTYZ/Z0EacdnTYfsUi9r8SXItPWWJZx+O7BlaT6JwrfEPFAWk4zS7Q+
d4HE/qhKkkEPpg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:22:19 2025 by rpki-client