Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier: QY/zAJlZ+6ed9+aiNZqbSRsbog7gqYhFQKBC/7jFkyE=
Subject key identifier: D3:9F:2D:60:99:34:42:BE:70:22:A6:EC:F4:82:71:3A:11:52:3F:65
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 0199FC58B0BF65B3537F0B569611F3C4ACC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number: 07A9
Signing time: Sun 19 Oct 2025 12:01:34 +0000
Manifest this update: Sun 19 Oct 2025 12:01:34 +0000
Manifest next update: Mon 20 Oct 2025 12:01:34 +0000
Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=)
2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: txvqc0IQp0U24S2YOVR1w2wctwh+1kuUtfBZaX1puTI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:b0:bf:65:b3:53:7f:0b:56:96:11:f3:c4:ac:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Oct 19 12:01:34 2025 GMT
Not After : Oct 20 12:01:34 2025 GMT
Subject: CN=d39f2d60993442be7022a6ecf482713a11523f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:82:7e:64:fe:89:7c:6b:04:f2:2b:c0:f4:c2:
71:fe:33:23:96:49:5a:1e:1c:17:3d:38:ce:61:c3:
4f:de:3f:6c:bd:12:a2:84:e9:83:c4:08:bc:81:a8:
6e:cd:bc:2c:b0:94:58:a2:ea:b0:6d:06:76:a3:aa:
60:ef:a1:1c:31:f9:7f:07:71:02:22:32:c6:26:e7:
7d:f7:1d:08:c0:3b:02:57:69:8a:c4:ce:fe:07:74:
50:d9:c1:bf:29:ea:d7:1f:3c:8c:ae:ce:cc:38:25:
c0:c3:14:37:e0:ac:26:10:da:52:14:02:66:d2:24:
67:1f:eb:2d:2b:72:8f:d1:5f:77:2c:6e:07:05:d3:
61:ea:2e:6d:76:bb:ab:9f:0a:cb:bd:46:42:ec:3f:
e7:1e:d1:e7:d2:7d:eb:03:b0:43:43:41:e5:4e:a0:
26:3f:4c:d5:64:ed:7e:69:b5:1a:b9:9c:61:26:b7:
de:70:45:51:c6:a9:06:c1:4e:6a:84:11:d5:ec:07:
42:79:93:c4:7c:9b:1a:78:08:5e:d2:09:93:fa:a8:
37:db:57:01:69:f3:58:ad:3c:ac:94:43:8a:2f:9d:
51:9c:89:51:79:73:5f:95:c1:7f:42:bf:7d:30:75:
a2:d6:c8:24:b9:3d:47:75:89:72:f7:94:d7:d0:88:
7d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9F:2D:60:99:34:42:BE:70:22:A6:EC:F4:82:71:3A:11:52:3F:65
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:c0:dc:56:ec:33:a2:cd:34:bc:da:9e:73:77:45:21:e4:42:
7a:42:f9:d5:51:70:14:72:bd:25:8e:8b:27:1e:d4:8f:79:ec:
f4:6c:6f:a6:94:ae:2e:e0:62:c9:09:4a:b3:4b:27:20:da:cb:
c5:1b:ae:40:e8:71:e9:3f:09:71:26:3c:b4:f4:fc:50:63:b8:
05:8f:dc:f1:c7:fc:85:c1:aa:5b:b0:20:62:94:2f:a3:08:cb:
4b:52:74:c6:c0:ab:0a:5c:a2:14:99:2e:4d:2e:7d:21:3a:a5:
e8:ba:5b:a1:00:22:bc:37:42:e3:94:17:c9:c1:e0:bf:84:0a:
24:f7:d9:d6:54:ad:9f:3c:df:95:dc:e2:08:c2:36:d6:2a:e3:
cc:6c:f4:74:ec:41:94:d2:d5:0b:3d:c3:e0:73:1f:f8:3c:1d:
4b:00:e5:17:14:85:5a:90:fe:bf:3c:ef:00:62:c3:b2:21:99:
4a:55:1d:25:c6:2d:f7:0f:6b:fb:bb:6f:44:c8:bd:41:40:69:
97:41:99:79:31:65:b7:2c:50:9a:0c:15:db:e4:c9:c8:55:a6:
cc:83:f1:a4:df:69:ef:b5:04:a1:1e:34:08:0b:13:d6:0c:45:
b5:2c:1e:0d:a5:31:4a:3e:c9:2d:8b:1f:9e:23:b7:de:79:67:
3d:a5:37:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WLC/ZbNTfwtWlhHzxKzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUxMDE5MTIwMTM0WhcNMjUxMDIwMTIwMTM0WjAzMTEwLwYDVQQD
EyhkMzlmMmQ2MDk5MzQ0MmJlNzAyMmE2ZWNmNDgyNzEzYTExNTIzZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IJ+ZP6JfGsE8ivA9MJx/jMjlkla
HhwXPTjOYcNP3j9svRKihOmDxAi8gahuzbwssJRYouqwbQZ2o6pg76EcMfl/B3EC
IjLGJud99x0IwDsCV2mKxM7+B3RQ2cG/KerXHzyMrs7MOCXAwxQ34KwmENpSFAJm
0iRnH+stK3KP0V93LG4HBdNh6i5tdrurnwrLvUZC7D/nHtHn0n3rA7BDQ0HlTqAm
P0zVZO1+abUauZxhJrfecEVRxqkGwU5qhBHV7AdCeZPEfJsaeAhe0gmT+qg321cB
afNYrTyslEOKL51RnIlReXNflcF/Qr99MHWi1sgkuT1HdYly95TX0Ih9CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOfLWCZNEK+cCKm7PSCcToRUj9lMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxMDcVuwz
os00vNqec3dFIeRCekL51VFwFHK9JY6LJx7Uj3ns9GxvppSuLuBiyQlKs0snINrL
xRuuQOhx6T8JcSY8tPT8UGO4BY/c8cf8hcGqW7AgYpQvowjLS1J0xsCrClyiFJku
TS59ITql6LpboQAivDdC45QXycHgv4QKJPfZ1lStnzzfldziCMI21irjzGz0dOxB
lNLVCz3D4HMf+DwdSwDlFxSFWpD+vzzvAGLDsiGZSlUdJcYt9w9r+7tvRMi9QUBp
l0GZeTFltyxQmgwV2+TJyFWmzIPxpN9p77UEoR40CAsT1gxFtSweDaUxSj7JLYsf
niO33nlnPaU3FA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:11:57 2025 by rpki-client