Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
File: TRMSiBUQNXRBfKenBBLaOrO4RRE.mft (raw, json)
Hash identifier: 4szv3N0/Cu1q01xwj17oaAkYWQ/yb4fGcvRiKdwX0kc=
Subject key identifier: 57:B3:20:EA:D8:EF:C8:03:FF:B1:E6:C2:D6:FF:C5:E9:1C:52:77:47
Authority key identifier: 4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
Certificate issuer: /CN=4d13128815103574417ca7a70412da3ab3b84511
Certificate serial: 019A4D73E507FAE32E3F02CFEF99312B0BFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
Manifest number: 170F
Signing time: Tue 04 Nov 2025 06:00:32 +0000
Manifest this update: Tue 04 Nov 2025 06:00:32 +0000
Manifest next update: Wed 05 Nov 2025 06:00:32 +0000
Files and hashes: 1: RbRcN6wl0nEFVsWYx8c9XyFYSpY.roa (hash: BVR+Y8S7WJeuusRjWoFe5ZeYBx8jVE+CDBxd/rFYYkU=)
2: TRMSiBUQNXRBfKenBBLaOrO4RRE.crl (hash: MbE32HHqkXCgDG2nDitqhYWLQkKhYmsTYh4gw5V+HOI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:e5:07:fa:e3:2e:3f:02:cf:ef:99:31:2b:0b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d13128815103574417ca7a70412da3ab3b84511
Validity
Not Before: Nov 4 06:00:32 2025 GMT
Not After : Nov 5 06:00:32 2025 GMT
Subject: CN=57b320ead8efc803ffb1e6c2d6ffc5e91c527747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:d1:09:c9:bd:59:72:15:b3:66:7c:82:83:
bc:7e:62:53:ba:af:f5:1c:44:34:d9:d8:e9:ef:34:
1a:32:81:0b:b3:7c:fe:d3:4f:af:2f:ee:62:72:41:
39:a2:e0:22:f2:9c:55:bc:2b:b0:ee:df:3a:82:12:
40:9b:76:f2:be:2c:20:cb:ad:b3:6d:a0:99:61:b0:
13:e9:f9:c7:7f:2c:4e:07:2d:b1:84:14:47:47:65:
c3:98:5e:e5:6e:27:02:b5:d3:14:f0:28:c6:36:4e:
a6:27:cf:0a:e8:55:af:24:52:ba:27:49:88:a1:bc:
5d:51:7c:09:22:42:73:49:03:64:9c:88:62:51:cf:
b2:80:93:d5:74:cc:a7:ad:f7:a6:b8:a2:f3:12:6a:
41:f1:3a:8b:72:4f:e8:d0:ca:27:88:a4:76:6c:c4:
90:e7:16:3e:ee:32:0d:11:92:84:f8:0b:0d:e4:5d:
da:c2:34:44:99:bc:dd:3d:99:42:d6:84:ff:8e:71:
6e:4c:3a:42:cc:5c:cd:95:8c:95:0e:9e:65:1b:3c:
71:83:89:4c:c5:0f:f1:e9:d9:3a:77:54:ea:07:4f:
73:a5:56:87:41:78:de:1b:f1:22:83:1f:0c:40:30:
15:5f:45:ed:58:e1:26:a4:84:f3:ba:56:33:e2:cb:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B3:20:EA:D8:EF:C8:03:FF:B1:E6:C2:D6:FF:C5:E9:1C:52:77:47
X509v3 Authority Key Identifier:
keyid:4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:f2:53:00:45:31:97:29:16:9f:63:e8:60:20:65:d5:eb:5b:
03:12:4a:7f:61:fc:22:00:cb:71:50:bd:39:16:55:81:15:f2:
d6:99:23:62:01:80:f9:41:83:7a:6e:75:23:8e:a9:d2:24:ef:
ac:fb:56:e9:be:0d:a9:53:06:b8:e7:25:9b:77:19:aa:38:15:
34:e6:87:7a:72:7a:be:5c:54:48:7b:d8:bd:3e:7a:45:e7:65:
49:f4:76:29:e5:92:a5:d9:4c:80:fd:af:5e:27:38:33:8b:56:
2d:f7:37:cf:b3:67:59:17:f4:28:9f:a5:29:ab:bb:a8:9d:36:
68:e6:af:83:3b:97:76:6a:27:d6:40:6e:d5:47:15:bc:00:f8:
bf:57:e9:e2:82:b6:be:6d:e0:11:18:dc:06:3f:2d:89:36:57:
a2:be:f7:64:2f:4b:46:1d:f8:fd:f1:ee:b0:08:26:16:7f:f0:
fb:6a:89:64:87:55:84:95:7d:5d:ef:b2:40:c7:e6:83:b3:34:
29:a6:65:4c:00:23:b0:ff:7f:7c:b8:f1:82:f9:23:52:4a:bd:
bb:75:7b:46:d1:2c:af:46:d3:43:37:03:36:a4:38:ef:76:f8:
bf:55:7c:77:c5:a8:00:0e:47:6f:6d:c6:28:07:28:dd:46:58:
4c:f4:c2:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc+UH+uMuPwLP75kxKwv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTMxMjg4MTUxMDM1NzQ0MTdjYTdhNzA0MTJkYTNhYjNi
ODQ1MTEwHhcNMjUxMTA0MDYwMDMyWhcNMjUxMTA1MDYwMDMyWjAzMTEwLwYDVQQD
Eyg1N2IzMjBlYWQ4ZWZjODAzZmZiMWU2YzJkNmZmYzVlOTFjNTI3NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkzRCcm9WXIVs2Z8goO8fmJTuq/1
HEQ02djp7zQaMoELs3z+00+vL+5ickE5ouAi8pxVvCuw7t86ghJAm3byviwgy62z
baCZYbAT6fnHfyxOBy2xhBRHR2XDmF7lbicCtdMU8CjGNk6mJ88K6FWvJFK6J0mI
obxdUXwJIkJzSQNknIhiUc+ygJPVdMynrfemuKLzEmpB8TqLck/o0MoniKR2bMSQ
5xY+7jINEZKE+AsN5F3awjREmbzdPZlC1oT/jnFuTDpCzFzNlYyVDp5lGzxxg4lM
xQ/x6dk6d1TqB09zpVaHQXjeG/Eigx8MQDAVX0XtWOEmpITzulYz4stHmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFezIOrY78gD/7Hmwtb/xekcUndHMB8GA1UdIwQY
MBaAFE0TEogVEDV0QXynpwQS2jqzuEURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMt
ZjU1ZWE0OGNlNzVhLzEvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMtZjU1ZWE0OGNlNzVh
LzEvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAovJTAEUx
lykWn2PoYCBl1etbAxJKf2H8IgDLcVC9ORZVgRXy1pkjYgGA+UGDem51I46p0iTv
rPtW6b4NqVMGuOclm3cZqjgVNOaHenJ6vlxUSHvYvT56RedlSfR2KeWSpdlMgP2v
Xic4M4tWLfc3z7NnWRf0KJ+lKau7qJ02aOavgzuXdmon1kBu1UcVvAD4v1fp4oK2
vm3gERjcBj8tiTZXor73ZC9LRh34/fHusAgmFn/w+2qJZIdVhJV9Xe+yQMfmg7M0
KaZlTAAjsP9/fLjxgvkjUkq9u3V7RtEsr0bTQzcDNqQ473b4v1V8d8WoAA5Hb23G
KAco3UZYTPTC3A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:51:10 2025 by rpki-client