Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json)
Hash identifier: 7lzTcdhqbYpRj0+O2YwsVyP2K3CgHD9JzuLWxlaAbEg=
Subject key identifier: 39:53:AC:13:B8:6B:B0:61:7C:3F:DA:DE:8C:8B:1F:53:1E:21:48:E0
Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Certificate serial: 0197B77CA1EB7B7B92CA2F0DF9AE18FF998F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
Manifest number: A0
Signing time: Sat 28 Jun 2025 17:01:27 +0000
Manifest this update: Sat 28 Jun 2025 17:01:27 +0000
Manifest next update: Sun 29 Jun 2025 17:01:27 +0000
Files and hashes: 1: GPp0CA4dJEmXPt3FvKOuB6Y1Ajo.roa (hash: /WVZb52tGGnvS1Lpmu++5VCxojp2nMgaocCDFVDfPQY=)
2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: sSpB2o48qYzo/f3weBBN7TGG6NztzNzGkRtuZ9yzCo0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:a1:eb:7b:7b:92:ca:2f:0d:f9:ae:18:ff:99:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Validity
Not Before: Jun 28 17:01:27 2025 GMT
Not After : Jun 29 17:01:27 2025 GMT
Subject: CN=3953ac13b86bb0617c3fdade8c8b1f531e2148e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:af:dd:e5:5c:d0:88:51:d3:45:c1:c4:76:c7:
b7:c2:09:e7:85:b8:78:a4:0e:a8:5f:99:cd:d3:3c:
b1:f7:dc:4a:3c:40:d9:72:ed:49:17:97:44:e3:c8:
4f:8a:91:88:19:4f:1c:88:b4:b2:54:93:42:ef:67:
cd:ca:1b:4a:33:31:b1:f5:4b:d6:f4:a0:f2:f9:ee:
a8:85:0a:36:9a:fd:eb:15:36:f6:23:4f:51:bc:d2:
f9:2c:2e:5e:df:75:9e:83:72:11:ee:e3:b3:b7:25:
9b:7d:a4:e4:38:d1:30:c8:69:a6:ad:0b:bb:f9:b1:
e0:01:08:0c:e8:8e:67:71:d7:e3:a4:9b:32:97:6d:
94:15:6c:93:03:fb:12:c9:c0:56:71:e7:c0:71:7a:
34:db:fb:46:b0:d6:5d:5a:db:34:2a:02:1b:c3:18:
96:ca:bc:95:f7:55:6e:c0:8c:f9:38:cb:20:7f:38:
d3:0a:04:af:82:31:7a:db:a7:b6:aa:44:5c:93:62:
7a:da:ec:4a:5e:da:7f:c5:e6:49:bf:73:71:ed:6e:
99:cf:68:5b:c6:c0:53:17:b4:36:b5:96:27:70:2d:
ee:66:45:85:28:bb:7b:ff:7e:cd:7e:f5:9e:74:38:
53:d6:09:11:95:5d:2a:85:55:40:df:46:52:ed:1a:
4f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:53:AC:13:B8:6B:B0:61:7C:3F:DA:DE:8C:8B:1F:53:1E:21:48:E0
X509v3 Authority Key Identifier:
keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:d8:2e:31:71:3f:bc:99:9e:16:cf:12:fc:4d:2c:b8:32:63:
4e:2b:62:fa:aa:64:83:4d:fe:47:30:d0:72:37:cf:01:60:18:
5a:d3:36:49:85:c0:57:f9:f3:79:e7:3f:d9:b0:c1:ca:3c:b0:
b4:4b:a7:b7:84:97:84:02:39:55:79:b5:15:f2:ad:72:4c:d0:
ee:cf:ca:05:48:05:7d:3b:5f:ac:97:14:21:93:22:37:34:d2:
d2:f1:c9:85:b6:b8:f6:df:14:50:3f:96:d6:a0:98:ed:64:51:
88:a8:a1:4f:d1:2a:e8:6d:69:29:8c:fd:fd:ec:b4:63:5f:6f:
8f:83:31:8c:4a:4d:8b:8f:e6:56:51:27:e2:8b:a7:63:12:f4:
9a:f6:3f:00:e4:d0:51:62:fd:4a:9e:aa:87:35:ce:dd:ee:d7:
a9:e9:ec:39:10:b2:21:7a:1a:dd:6d:29:af:90:c1:15:b7:a4:
d8:23:f0:69:af:08:da:48:c1:32:69:75:14:ca:91:61:bb:32:
79:d4:fc:46:97:eb:99:06:2b:7b:ef:ea:d6:28:35:22:83:e7:
65:01:8c:32:86:ff:23:05:d0:8b:3f:f6:1c:f9:39:9a:f9:63:
10:7b:41:e2:b9:51:83:45:b7:1e:83:a3:4c:3c:ee:b7:a4:62:
df:d7:59:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fKHre3uSyi8N+a4Y/5mPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh
ZDJkMzUwHhcNMjUwNjI4MTcwMTI3WhcNMjUwNjI5MTcwMTI3WjAzMTEwLwYDVQQD
EygzOTUzYWMxM2I4NmJiMDYxN2MzZmRhZGU4YzhiMWY1MzFlMjE0OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6/d5VzQiFHTRcHEdse3wgnnhbh4
pA6oX5nN0zyx99xKPEDZcu1JF5dE48hPipGIGU8ciLSyVJNC72fNyhtKMzGx9UvW
9KDy+e6ohQo2mv3rFTb2I09RvNL5LC5e33Weg3IR7uOztyWbfaTkONEwyGmmrQu7
+bHgAQgM6I5ncdfjpJsyl22UFWyTA/sSycBWcefAcXo02/tGsNZdWts0KgIbwxiW
yryV91VuwIz5OMsgfzjTCgSvgjF626e2qkRck2J62uxKXtp/xeZJv3Nx7W6Zz2hb
xsBTF7Q2tZYncC3uZkWFKLt7/37NfvWedDhT1gkRlV0qhVVA30ZS7RpPswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlTrBO4a7BhfD/a3oyLH1MeIUjgMB8GA1UdIwQY
MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt
NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3
LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9guMXE/
vJmeFs8S/E0suDJjTiti+qpkg03+RzDQcjfPAWAYWtM2SYXAV/nzeec/2bDByjyw
tEunt4SXhAI5VXm1FfKtckzQ7s/KBUgFfTtfrJcUIZMiNzTS0vHJhba49t8UUD+W
1qCY7WRRiKihT9Eq6G1pKYz9/ey0Y19vj4MxjEpNi4/mVlEn4ounYxL0mvY/AOTQ
UWL9Sp6qhzXO3e7XqensORCyIXoa3W0pr5DBFbek2CPwaa8I2kjBMml1FMqRYbsy
edT8RpfrmQYre+/q1ig1IoPnZQGMMob/IwXQiz/2HPk5mvljEHtB4rlRg0W3HoOj
TDzut6Ri39dZ6A==
-----END CERTIFICATE-----
Generated at Sat Jun 28 20:22:30 2025 by rpki-client