Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
File: TRMSiBUQNXRBfKenBBLaOrO4RRE.mft (raw, json)
Hash identifier: NuD1JCa2FhgeHB0qJXA5aamJ8F/1AMS2cOjoPRZwT8k=
Subject key identifier: 84:A2:E5:C3:8C:F9:07:AB:77:10:FD:2E:E8:88:65:3F:A1:18:9A:45
Authority key identifier: 4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
Certificate issuer: /CN=4d13128815103574417ca7a70412da3ab3b84511
Certificate serial: 01987450598790E65DF4274F88D60467080B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
Manifest number: 161A
Signing time: Mon 04 Aug 2025 09:01:19 +0000
Manifest this update: Mon 04 Aug 2025 09:01:19 +0000
Manifest next update: Tue 05 Aug 2025 09:01:19 +0000
Files and hashes: 1: RbRcN6wl0nEFVsWYx8c9XyFYSpY.roa (hash: BVR+Y8S7WJeuusRjWoFe5ZeYBx8jVE+CDBxd/rFYYkU=)
2: TRMSiBUQNXRBfKenBBLaOrO4RRE.crl (hash: qXiLhbP92lltUuVrUxdsOfKKCnYNsQ6RzxB6SMkH/jE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 09:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:50:59:87:90:e6:5d:f4:27:4f:88:d6:04:67:08:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d13128815103574417ca7a70412da3ab3b84511
Validity
Not Before: Aug 4 09:01:19 2025 GMT
Not After : Aug 5 09:01:19 2025 GMT
Subject: CN=84a2e5c38cf907ab7710fd2ee888653fa1189a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:56:7e:5e:0c:39:a1:a7:92:21:5d:09:42:f1:
78:12:93:58:9c:f2:41:e4:f6:23:ea:41:ce:61:c5:
77:47:0c:61:78:13:40:71:7b:7a:06:5a:9a:8b:04:
e9:79:ad:cc:ca:b6:5a:aa:5e:5b:62:36:25:28:b4:
2f:be:e0:d5:70:cf:7b:8d:df:47:46:ff:f4:30:f9:
65:4c:06:14:13:b5:d6:af:66:b4:7e:13:91:30:5c:
45:16:e9:e2:54:87:34:e4:c7:92:aa:1f:4d:81:44:
7b:e4:aa:2e:4d:18:7e:87:e5:30:4f:38:08:b4:08:
b0:46:19:a1:75:d9:bb:8f:98:89:6e:d5:24:8b:dd:
87:19:0e:34:8e:61:a4:4b:fa:9c:18:94:b7:e4:73:
8f:d2:e4:37:10:0f:6a:24:17:01:0e:42:c9:a0:18:
60:a6:fd:a0:3b:7d:6e:ff:0c:35:8e:d7:47:df:84:
ab:96:a9:02:6e:cb:f1:a8:4c:be:69:35:97:aa:f6:
41:b4:f9:cf:5a:4a:c0:d8:19:17:ca:97:1f:55:ea:
4b:8a:0d:1c:3a:9d:7a:5f:ad:ed:af:a5:e7:26:02:
80:18:ce:35:d7:f8:20:de:dc:29:a2:55:6c:66:79:
9a:de:06:18:af:1b:d8:2e:c3:09:e8:06:6b:ab:04:
32:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A2:E5:C3:8C:F9:07:AB:77:10:FD:2E:E8:88:65:3F:A1:18:9A:45
X509v3 Authority Key Identifier:
keyid:4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:cc:50:69:28:3e:81:29:c3:5f:28:f2:3e:b9:45:12:58:3f:
fc:e3:24:b0:ba:64:9d:d0:2b:f3:4a:ee:05:dc:ad:43:11:49:
8d:30:ae:aa:b4:25:90:41:dd:37:05:db:00:1e:ed:d1:3a:16:
d8:b7:5e:fd:1e:71:55:9b:ad:cb:80:b3:2e:13:1b:fd:6a:d2:
23:45:eb:57:88:1b:ad:fd:3c:15:32:a7:26:07:02:06:9f:c7:
a5:78:43:dc:cb:32:7d:45:8b:31:6c:9f:61:cc:87:c8:22:0f:
80:a7:3c:24:86:80:1c:2a:22:08:94:5e:01:1e:be:6a:a3:7a:
7d:bb:59:d6:81:92:b8:00:ef:16:73:a0:0d:92:8f:75:56:b2:
57:cc:14:73:bc:7b:49:11:91:8d:cb:65:64:d2:18:45:55:0f:
42:cb:06:ab:8c:4e:21:93:48:df:d3:03:a7:b3:67:53:e3:22:
c7:a9:a8:ad:76:db:fc:f3:12:9e:b0:62:56:4e:f1:14:84:57:
95:31:7e:0e:ed:f6:8b:a1:b7:6c:a4:ce:61:4a:a6:57:cc:18:
6f:9a:c9:69:74:4f:ef:0a:d0:67:db:0a:ca:0e:8b:08:6c:9f:
1f:87:fe:7a:77:d3:3d:1e:b1:b9:69:41:0f:94:95:46:b7:29:
f9:b5:14:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UFmHkOZd9CdPiNYEZwgLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTMxMjg4MTUxMDM1NzQ0MTdjYTdhNzA0MTJkYTNhYjNi
ODQ1MTEwHhcNMjUwODA0MDkwMTE5WhcNMjUwODA1MDkwMTE5WjAzMTEwLwYDVQQD
Eyg4NGEyZTVjMzhjZjkwN2FiNzcxMGZkMmVlODg4NjUzZmExMTg5YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilZ+Xgw5oaeSIV0JQvF4EpNYnPJB
5PYj6kHOYcV3RwxheBNAcXt6BlqaiwTpea3MyrZaql5bYjYlKLQvvuDVcM97jd9H
Rv/0MPllTAYUE7XWr2a0fhORMFxFFuniVIc05MeSqh9NgUR75KouTRh+h+UwTzgI
tAiwRhmhddm7j5iJbtUki92HGQ40jmGkS/qcGJS35HOP0uQ3EA9qJBcBDkLJoBhg
pv2gO31u/ww1jtdH34SrlqkCbsvxqEy+aTWXqvZBtPnPWkrA2BkXypcfVepLig0c
Op16X63tr6XnJgKAGM411/gg3twpolVsZnma3gYYrxvYLsMJ6AZrqwQy8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISi5cOM+QerdxD9LuiIZT+hGJpFMB8GA1UdIwQY
MBaAFE0TEogVEDV0QXynpwQS2jqzuEURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMt
ZjU1ZWE0OGNlNzVhLzEvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mYWZmYzItOTUxNy00ZDE4LTg5OTMtZjU1ZWE0OGNlNzVh
LzEvVFJNU2lCVVFOWFJCZktlbkJCTGFPck80UlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUsxQaSg+
gSnDXyjyPrlFElg//OMksLpkndAr80ruBdytQxFJjTCuqrQlkEHdNwXbAB7t0ToW
2Lde/R5xVZuty4CzLhMb/WrSI0XrV4gbrf08FTKnJgcCBp/HpXhD3MsyfUWLMWyf
YcyHyCIPgKc8JIaAHCoiCJReAR6+aqN6fbtZ1oGSuADvFnOgDZKPdVayV8wUc7x7
SRGRjctlZNIYRVUPQssGq4xOIZNI39MDp7NnU+Mix6morXbb/PMSnrBiVk7xFIRX
lTF+Du32i6G3bKTOYUqmV8wYb5rJaXRP7wrQZ9sKyg6LCGyfH4f+enfTPR6xuWlB
D5SVRrcp+bUUJg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:05:55 2025 by rpki-client