Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json)
Hash identifier: 9lNr76YNrumnxscNJyFqUReuwXm50pQulYCaZrrXZus=
Subject key identifier: 38:D8:50:BB:71:5B:51:7A:CD:E3:1D:BD:84:B5:1D:D7:98:70:25:43
Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Certificate serial: 0199FAD7B27C3F9580DDF381FE4BF31D6482
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
Manifest number: 01CC
Signing time: Sun 19 Oct 2025 05:01:03 +0000
Manifest this update: Sun 19 Oct 2025 05:01:03 +0000
Manifest next update: Mon 20 Oct 2025 05:01:03 +0000
Files and hashes: 1: GPp0CA4dJEmXPt3FvKOuB6Y1Ajo.roa (hash: /WVZb52tGGnvS1Lpmu++5VCxojp2nMgaocCDFVDfPQY=)
2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: u9tD0Zfrm42/fORIL9ICSz+f9u/elW69A1TIs5DYuLI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:d7:b2:7c:3f:95:80:dd:f3:81:fe:4b:f3:1d:64:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Validity
Not Before: Oct 19 05:01:03 2025 GMT
Not After : Oct 20 05:01:03 2025 GMT
Subject: CN=38d850bb715b517acde31dbd84b51dd798702543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:75:c1:59:bd:e8:a1:7c:1e:9a:26:99:d7:3a:
d8:0e:7f:17:da:1b:8d:1d:99:ff:18:6c:19:13:a5:
72:33:d0:31:45:64:16:a3:27:a0:1e:2f:b9:ce:8c:
8e:db:b9:e4:8f:69:c0:04:53:ac:8a:e8:d3:2b:61:
8d:6f:28:05:71:d1:f9:8b:34:2c:ba:64:96:33:39:
7a:e1:14:62:e5:40:7c:84:6a:6f:6d:33:b4:d8:8d:
0d:e1:71:cb:1e:45:68:53:f0:db:93:a1:f6:92:54:
a1:a4:72:11:36:a6:86:07:6e:b3:e1:d8:e5:ce:f3:
ad:90:2b:e7:6c:74:e5:8d:dc:07:ca:22:f6:8b:dc:
4a:bc:03:15:6a:de:de:34:26:c0:04:39:e7:96:a3:
89:f5:39:16:a6:d5:b1:ac:8e:86:96:11:f6:71:de:
53:b5:4f:9b:fb:9a:a8:f9:1a:a7:5c:be:94:6b:33:
d7:dd:54:b9:aa:9f:93:57:7c:44:06:00:fd:8f:54:
6f:90:5a:95:f0:e1:72:71:3f:16:f5:60:b7:8c:fc:
a4:fa:63:f2:f9:5f:9b:ff:c9:f8:f6:7d:9d:e9:6c:
b2:66:b5:bc:e4:8e:6b:03:54:e4:b3:35:00:48:ea:
36:eb:12:52:4b:f3:3d:91:10:9c:7f:3a:53:46:c9:
13:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D8:50:BB:71:5B:51:7A:CD:E3:1D:BD:84:B5:1D:D7:98:70:25:43
X509v3 Authority Key Identifier:
keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:71:6a:18:54:36:e8:6e:8f:09:47:58:fd:ad:66:f6:8c:f3:
42:30:50:73:dd:a6:b0:5b:f1:3f:56:66:9e:8f:a8:c7:b9:88:
de:7f:fe:84:d1:8d:81:0a:7a:1d:6d:ec:d8:71:34:37:c0:93:
cd:bc:f1:37:07:8b:d9:c9:28:56:08:2a:4e:ad:b6:25:f1:39:
6f:64:52:5b:2e:54:43:48:df:e8:a3:5c:31:06:fa:19:01:cb:
6b:bb:de:c9:33:e4:8a:ea:43:53:8d:c6:de:80:71:94:f8:07:
43:73:10:26:60:62:6b:54:e6:5e:f9:0c:3f:5e:fc:87:0a:29:
a8:70:0b:ea:75:23:a1:be:48:ee:60:88:48:82:4a:80:c5:d6:
53:4c:82:26:57:9d:df:4b:86:a2:f8:be:24:b9:5e:e2:27:33:
9a:d6:f2:4e:ae:2f:6c:63:c4:e7:40:bd:26:0f:82:cf:2c:16:
38:e3:d4:2c:f3:78:0d:1e:f2:64:1f:ee:40:6c:a6:c3:e6:fe:
b5:9b:6f:95:fa:b3:b9:65:2a:7e:ac:dd:a7:7c:08:a8:c5:43:
8b:f9:70:1a:eb:96:3f:a2:ad:31:cd:4f:af:25:d2:be:b0:5b:
a3:34:c5:ba:46:00:14:71:5a:5b:63:a1:1a:a6:25:8b:ca:f4:
11:82:d8:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn617J8P5WA3fOB/kvzHWSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh
ZDJkMzUwHhcNMjUxMDE5MDUwMTAzWhcNMjUxMDIwMDUwMTAzWjAzMTEwLwYDVQQD
EygzOGQ4NTBiYjcxNWI1MTdhY2RlMzFkYmQ4NGI1MWRkNzk4NzAyNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXXBWb3ooXwemiaZ1zrYDn8X2huN
HZn/GGwZE6VyM9AxRWQWoyegHi+5zoyO27nkj2nABFOsiujTK2GNbygFcdH5izQs
umSWMzl64RRi5UB8hGpvbTO02I0N4XHLHkVoU/Dbk6H2klShpHIRNqaGB26z4djl
zvOtkCvnbHTljdwHyiL2i9xKvAMVat7eNCbABDnnlqOJ9TkWptWxrI6GlhH2cd5T
tU+b+5qo+RqnXL6UazPX3VS5qp+TV3xEBgD9j1RvkFqV8OFycT8W9WC3jPyk+mPy
+V+b/8n49n2d6WyyZrW85I5rA1TkszUASOo26xJSS/M9kRCcfzpTRskTbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjYULtxW1F6zeMdvYS1HdeYcCVDMB8GA1UdIwQY
MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt
NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3
LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS3FqGFQ2
6G6PCUdY/a1m9ozzQjBQc92msFvxP1Zmno+ox7mI3n/+hNGNgQp6HW3s2HE0N8CT
zbzxNweL2ckoVggqTq22JfE5b2RSWy5UQ0jf6KNcMQb6GQHLa7veyTPkiupDU43G
3oBxlPgHQ3MQJmBia1TmXvkMP178hwopqHAL6nUjob5I7mCISIJKgMXWU0yCJled
30uGovi+JLle4iczmtbyTq4vbGPE50C9Jg+CzywWOOPULPN4DR7yZB/uQGymw+b+
tZtvlfqzuWUqfqzdp3wIqMVDi/lwGuuWP6KtMc1PryXSvrBbozTFukYAFHFaW2Oh
GqYli8r0EYLYbg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:05:44 2025 by rpki-client