Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
File: tYUi2sa83oxIEzNZkTKhYgDmpb4.mft (raw, json)
Hash identifier: 6uiGY7OMZCJuzYyXOZWYxun8FC5Py2pEln+7/LBWhFo=
Subject key identifier: D6:12:5B:DC:B7:23:54:60:8F:85:BB:80:8E:BB:0B:21:30:7E:3B:BE
Authority key identifier: B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
Certificate issuer: /CN=b58522dac6bcde8c481333599132a16200e6a5be
Certificate serial: 0199FDA1CFB8EA352A4191A5FC03D72BE0C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
Manifest number: 0A3D
Signing time: Sun 19 Oct 2025 18:01:04 +0000
Manifest this update: Sun 19 Oct 2025 18:01:04 +0000
Manifest next update: Mon 20 Oct 2025 18:01:04 +0000
Files and hashes: 1: 5moGvKAoN95-3rdirRXOwCahhvs.roa (hash: SkhAzMm5Jb5vcIiM14h4SYz3DQTRyqaR2eF+qq4Rdl0=)
2: RuuQV8FVAOprAh_8jcQjyKszeBc.roa (hash: kX89cdA0JPKtfSqgIarOumMCZ1cTxgD0uR8aSG1ObUs=)
3: tYUi2sa83oxIEzNZkTKhYgDmpb4.crl (hash: l7HeoyixEAzi2Zzl27dA9qRA2JrKL5fS1QSSoW3Tqpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:a1:cf:b8:ea:35:2a:41:91:a5:fc:03:d7:2b:e0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b58522dac6bcde8c481333599132a16200e6a5be
Validity
Not Before: Oct 19 18:01:04 2025 GMT
Not After : Oct 20 18:01:04 2025 GMT
Subject: CN=d6125bdcb72354608f85bb808ebb0b21307e3bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:7b:ef:17:ad:19:49:e4:31:ef:80:1f:3e:
be:29:77:8d:6b:15:60:8f:96:c6:da:d9:82:74:2e:
2f:ef:4c:c3:60:91:99:03:16:4b:c2:02:93:f6:7a:
76:0d:ef:6f:26:45:47:a2:1f:67:63:b6:52:5e:c3:
9a:5e:d6:f2:4e:86:0b:2a:07:1b:ef:b4:0e:b3:5d:
4e:12:9c:45:25:2c:ca:6c:48:ba:b1:a5:d2:95:6e:
c6:46:f5:be:72:32:16:94:68:2b:35:9b:41:ae:3b:
fb:52:14:11:f3:57:6b:2c:15:03:2a:eb:f5:f3:b1:
55:69:43:e3:5b:f7:1c:b6:ca:06:12:c0:a1:9d:d3:
a8:64:25:87:f4:51:0e:2c:a3:01:fe:85:5d:59:1f:
13:49:58:8c:15:aa:1c:aa:80:6d:2a:d9:54:85:c2:
dc:c6:58:89:b8:9f:bd:20:5c:c4:13:36:e3:40:45:
79:73:cf:7e:04:eb:d3:a7:3c:ec:39:c6:ed:0b:ea:
55:03:b4:e5:f7:0d:af:10:83:89:a0:a9:ea:4e:2a:
1d:c2:ce:f0:b9:ca:ed:41:50:1e:3a:62:f3:52:c9:
d8:0a:48:2d:e7:1d:5e:1c:24:65:9c:dd:0e:54:a7:
11:3c:d1:2b:3b:d9:da:d0:bd:aa:55:14:5d:b6:47:
5c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:12:5B:DC:B7:23:54:60:8F:85:BB:80:8E:BB:0B:21:30:7E:3B:BE
X509v3 Authority Key Identifier:
keyid:B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:f9:a9:89:e1:fb:e4:9c:93:54:1f:06:ab:08:f0:cc:0a:89:
41:b9:8b:4b:d6:a0:13:97:e1:c7:e8:e2:96:c0:d9:e0:63:bf:
a4:bf:21:b7:75:de:4c:3d:f1:f2:e6:41:f5:56:83:5f:56:75:
56:a0:f0:54:c1:ce:41:aa:a0:38:2e:fe:8c:f4:15:67:f3:fc:
ee:1f:c6:9b:07:84:1c:da:f9:98:dc:a9:68:4c:d0:d2:24:cb:
25:e1:83:f1:16:dc:db:8a:4c:50:0f:9f:01:d1:e5:ca:11:77:
28:02:c8:71:ae:c6:12:fb:91:b5:ea:83:12:16:40:df:10:50:
e3:e1:04:10:ae:1d:81:0a:1a:46:e1:9a:ae:d5:84:33:01:a7:
69:37:b5:b7:72:16:28:40:7e:27:53:07:32:b4:13:ed:5b:56:
93:54:46:02:04:23:d6:dd:3a:3d:13:53:4b:b0:cd:c8:a3:ee:
e5:62:cd:2e:26:49:17:6c:42:d9:7c:cf:47:20:80:6b:96:0e:
4b:a8:2e:f2:9b:0d:60:f1:a1:f4:9e:9e:a1:98:ac:e5:09:08:
87:30:b7:8a:21:b5:e2:bc:67:75:42:10:5f:6f:cc:ac:c4:c2:
42:d1:25:58:c5:3e:32:94:3c:f9:6e:e7:1d:d1:bc:4f:89:5a:
24:d4:df:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9oc+46jUqQZGl/APXK+DJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODUyMmRhYzZiY2RlOGM0ODEzMzM1OTkxMzJhMTYyMDBl
NmE1YmUwHhcNMjUxMDE5MTgwMTA0WhcNMjUxMDIwMTgwMTA0WjAzMTEwLwYDVQQD
EyhkNjEyNWJkY2I3MjM1NDYwOGY4NWJiODA4ZWJiMGIyMTMwN2UzYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr577xetGUnkMe+AHz6+KXeNaxVg
j5bG2tmCdC4v70zDYJGZAxZLwgKT9np2De9vJkVHoh9nY7ZSXsOaXtbyToYLKgcb
77QOs11OEpxFJSzKbEi6saXSlW7GRvW+cjIWlGgrNZtBrjv7UhQR81drLBUDKuv1
87FVaUPjW/cctsoGEsChndOoZCWH9FEOLKMB/oVdWR8TSViMFaocqoBtKtlUhcLc
xliJuJ+9IFzEEzbjQEV5c89+BOvTpzzsOcbtC+pVA7Tl9w2vEIOJoKnqTiodws7w
ucrtQVAeOmLzUsnYCkgt5x1eHCRlnN0OVKcRPNErO9na0L2qVRRdtkdcnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYSW9y3I1Rgj4W7gI67CyEwfju+MB8GA1UdIwQY
MBaAFLWFItrGvN6MSBMzWZEyoWIA5qW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUt
YmEzOTQ3YzliMjJiLzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUtYmEzOTQ3YzliMjJi
LzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWfmpieH7
5JyTVB8GqwjwzAqJQbmLS9agE5fhx+jilsDZ4GO/pL8ht3XeTD3x8uZB9VaDX1Z1
VqDwVMHOQaqgOC7+jPQVZ/P87h/GmweEHNr5mNypaEzQ0iTLJeGD8Rbc24pMUA+f
AdHlyhF3KALIca7GEvuRteqDEhZA3xBQ4+EEEK4dgQoaRuGartWEMwGnaTe1t3IW
KEB+J1MHMrQT7VtWk1RGAgQj1t06PRNTS7DNyKPu5WLNLiZJF2xC2XzPRyCAa5YO
S6gu8psNYPGh9J6eoZis5QkIhzC3iiG14rxndUIQX2/MrMTCQtElWMU+MpQ8+W7n
HdG8T4laJNTfoQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:07:16 2025 by rpki-client