Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json)
Hash identifier: 6WTIoHQilOSJOCwE8a2mIFcB0jpOoBexFZFSJsYL0Ms=
Subject key identifier: B8:AD:5A:85:AE:F0:71:08:55:01:6E:27:3B:5B:ED:90:7A:7D:81:D4
Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623
Certificate serial: 019A522C3946637F0D00BACE2D47A4488FD7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
Manifest number: 16A0
Signing time: Wed 05 Nov 2025 04:00:21 +0000
Manifest this update: Wed 05 Nov 2025 04:00:21 +0000
Manifest next update: Thu 06 Nov 2025 04:00:21 +0000
Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=)
2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: vwgn4x78sAgLzzbYp1nrVBA61PKR7NFHz8xHqttfH2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:2c:39:46:63:7f:0d:00:ba:ce:2d:47:a4:48:8f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fed77339d938bef087599293c201b3b9f8223623
Validity
Not Before: Nov 5 04:00:21 2025 GMT
Not After : Nov 6 04:00:21 2025 GMT
Subject: CN=b8ad5a85aef0710855016e273b5bed907a7d81d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:8e:43:a9:6d:c0:4b:0d:9d:7e:8d:aa:7f:
27:be:de:20:8d:65:70:80:42:68:6e:c0:d9:16:26:
d0:7a:71:94:2d:d9:35:00:3f:5f:fa:9a:cc:e5:34:
ed:ea:c3:db:b4:01:a2:09:12:22:0e:2c:01:87:e0:
22:a7:c9:10:2a:9e:83:33:77:ff:e9:ca:73:34:1a:
88:f8:6d:c2:b1:70:21:d5:16:2b:6a:a5:c6:56:92:
88:4f:95:0f:8d:2d:ee:53:2c:c9:3c:6f:31:3c:33:
aa:ef:d2:09:c7:74:59:97:d6:09:79:3e:8e:d3:d8:
ff:1a:b8:5a:83:32:c4:b7:09:dd:df:72:8f:e5:1e:
3e:67:8b:9b:9c:70:25:2c:69:e2:1b:bc:24:23:49:
a0:f4:35:88:94:77:b6:3b:26:ca:ae:d0:9d:f8:7a:
ec:0f:f1:07:93:af:a3:0f:7e:97:26:4e:9c:3a:5a:
b7:3b:b7:af:6f:9d:94:4d:27:88:a2:58:56:39:54:
fd:a5:24:ff:b6:5a:05:c1:ec:65:57:65:d1:d6:59:
bd:ca:c7:dd:dd:d6:59:1d:80:5b:f8:09:ea:8e:4d:
14:ce:6e:ff:be:f4:8d:3b:fd:2e:3f:29:c5:4c:45:
2b:75:af:fc:2b:28:88:ed:82:03:b2:84:fd:80:ac:
e4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AD:5A:85:AE:F0:71:08:55:01:6E:27:3B:5B:ED:90:7A:7D:81:D4
X509v3 Authority Key Identifier:
keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:5c:02:04:98:22:ee:f1:f4:9f:93:8f:c7:d9:aa:14:e2:f7:
13:13:22:7d:a7:e9:ba:36:b1:89:d0:06:b1:ed:7b:cd:79:db:
f7:24:3f:9f:ad:20:26:15:4c:83:d1:93:b5:3b:11:b9:e1:a6:
46:a6:57:2a:a7:61:b1:ab:2e:71:49:6e:c7:3c:91:4c:6a:05:
64:00:fb:88:8d:a7:27:df:ea:1c:53:f7:01:98:1f:bb:64:de:
26:f6:03:88:ea:5d:a2:16:d4:aa:3c:af:fe:85:e5:3f:bb:b1:
2a:1a:3b:c7:d6:26:45:9d:cb:0f:23:a4:b1:54:e5:a5:2c:54:
72:a7:65:57:5b:86:33:81:45:c8:ef:64:62:ef:b6:0f:62:ca:
91:63:d0:47:c9:a4:e0:3e:da:25:35:b1:d7:46:6c:33:74:f8:
f6:eb:56:09:af:48:1c:42:e5:ab:7e:ca:4d:3f:16:eb:9b:ea:
b0:cd:0f:40:b8:c1:3e:65:94:50:64:91:2f:42:68:c6:80:9e:
3d:b8:0f:0d:76:d1:9b:c1:f0:22:4f:82:22:a9:46:43:92:1a:
09:cd:d6:1d:8f:27:6e:57:60:08:9d:ac:22:ca:00:dc:6d:b9:
df:63:e3:8f:60:2b:d6:f4:c9:28:56:11:1e:de:3c:ed:40:b4:
a8:43:42:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLDlGY38NALrOLUekSI/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy
MjM2MjMwHhcNMjUxMTA1MDQwMDIxWhcNMjUxMTA2MDQwMDIxWjAzMTEwLwYDVQQD
EyhiOGFkNWE4NWFlZjA3MTA4NTUwMTZlMjczYjViZWQ5MDdhN2Q4MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8iOQ6ltwEsNnX6Nqn8nvt4gjWVw
gEJobsDZFibQenGULdk1AD9f+prM5TTt6sPbtAGiCRIiDiwBh+Aip8kQKp6DM3f/
6cpzNBqI+G3CsXAh1RYraqXGVpKIT5UPjS3uUyzJPG8xPDOq79IJx3RZl9YJeT6O
09j/GrhagzLEtwnd33KP5R4+Z4ubnHAlLGniG7wkI0mg9DWIlHe2OybKrtCd+Hrs
D/EHk6+jD36XJk6cOlq3O7evb52UTSeIolhWOVT9pST/tloFwexlV2XR1lm9ysfd
3dZZHYBb+Anqjk0Uzm7/vvSNO/0uPynFTEUrda/8KyiI7YIDsoT9gKzkFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLitWoWu8HEIVQFuJztb7ZB6fYHUMB8GA1UdIwQY
MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt
ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1
LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAllwCBJgi
7vH0n5OPx9mqFOL3ExMifafpujaxidAGse17zXnb9yQ/n60gJhVMg9GTtTsRueGm
RqZXKqdhsasucUluxzyRTGoFZAD7iI2nJ9/qHFP3AZgfu2TeJvYDiOpdohbUqjyv
/oXlP7uxKho7x9YmRZ3LDyOksVTlpSxUcqdlV1uGM4FFyO9kYu+2D2LKkWPQR8mk
4D7aJTWx10ZsM3T49utWCa9IHELlq37KTT8W65vqsM0PQLjBPmWUUGSRL0JoxoCe
PbgPDXbRm8HwIk+CIqlGQ5IaCc3WHY8nbldgCJ2sIsoA3G2532Pjj2Ar1vTJKFYR
Ht487UC0qENCDw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:32:33 2025 by rpki-client