
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json)
Hash identifier: 21e0aKRnA/2gBvJ/wbHQh2e0WgCsf59ocDOZ00nTUj8=
Subject key identifier: ED:16:A9:CC:0D:7A:BF:FD:89:81:62:50:45:A4:2E:95:B7:E6:86:F2
Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Certificate serial: 0198D54DE1FB9A1CB4CE4105D1CA4B8BB55A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
Manifest number: 0134
Signing time: Sat 23 Aug 2025 05:01:47 +0000
Manifest this update: Sat 23 Aug 2025 05:01:47 +0000
Manifest next update: Sun 24 Aug 2025 05:01:47 +0000
Files and hashes: 1: GPp0CA4dJEmXPt3FvKOuB6Y1Ajo.roa (hash: /WVZb52tGGnvS1Lpmu++5VCxojp2nMgaocCDFVDfPQY=)
2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: zKE+emq10beC4bs9a+dtchAKtUk1CFiSTdj57lw/xUA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4d:e1:fb:9a:1c:b4:ce:41:05:d1:ca:4b:8b:b5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35
Validity
Not Before: Aug 23 05:01:47 2025 GMT
Not After : Aug 24 05:01:47 2025 GMT
Subject: CN=ed16a9cc0d7abffd8981625045a42e95b7e686f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:46:94:c3:93:58:84:27:e0:5a:be:e3:ff:
4e:ad:aa:42:fc:25:b3:e6:53:fe:cc:fa:6d:1a:b5:
87:28:29:dd:11:31:22:6c:2d:f9:68:14:21:9e:c4:
e9:8a:3f:7d:f3:8c:43:c4:e5:8e:10:a4:4e:d3:08:
c2:7a:db:29:81:37:11:4b:51:1e:f8:e3:cf:dc:55:
77:db:b3:36:c0:48:e4:5a:f1:2d:1f:f6:e6:b9:ea:
d4:9e:9d:dc:fe:0e:eb:9a:66:c4:70:21:2b:a6:49:
4b:8a:57:37:de:b3:a9:d2:66:a7:77:63:ec:10:62:
28:3a:55:e7:e6:94:0c:0d:e1:eb:cf:3d:21:6c:b6:
74:6f:a8:2e:be:25:ab:35:e9:9c:aa:7e:70:5f:fc:
eb:ad:20:5f:60:b2:96:f7:a7:6b:f1:2c:07:de:fd:
fa:4f:39:16:17:1c:6f:f5:7b:e8:3a:5d:ad:d4:82:
90:35:27:cd:06:49:39:f4:54:3b:22:51:05:69:73:
6e:cb:e2:a6:83:8e:ea:b6:ab:fb:2e:4e:d4:e9:38:
0c:24:db:c5:99:00:e1:5b:23:3d:e0:8c:29:c1:3c:
9c:1d:7b:c7:45:59:25:c3:59:8e:07:25:11:62:c6:
ed:c4:26:c1:fc:91:7f:a1:2d:e1:be:a6:d3:e5:8d:
8d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:16:A9:CC:0D:7A:BF:FD:89:81:62:50:45:A4:2E:95:B7:E6:86:F2
X509v3 Authority Key Identifier:
keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:46:f0:16:48:80:e9:2a:0a:d6:04:69:99:0b:02:46:62:3c:
03:32:8c:1f:b5:71:c8:27:76:6b:2c:07:3c:46:48:2b:c2:e8:
aa:ad:cf:f3:b2:a3:50:69:bb:0e:d3:b0:3f:10:6d:0e:44:5f:
5e:cd:74:f1:99:ad:47:ed:f0:ae:fa:48:49:91:5f:46:f9:f3:
95:33:75:58:08:1a:a3:7b:bc:17:c0:c0:5c:cf:4d:8c:09:c5:
7a:22:e2:15:33:bd:c2:c1:cd:fd:1c:ca:44:19:6d:93:bb:db:
a0:9a:fc:b2:35:f6:30:ca:8c:b8:c4:b1:d0:12:72:4c:c5:7c:
39:27:09:f5:cd:96:38:30:4c:f8:e5:2b:1f:f3:c1:1a:26:12:
bb:e7:8d:5b:56:6b:d3:f5:5e:36:e6:15:be:23:d4:19:59:92:
11:59:94:0a:c8:ed:63:7b:2b:ae:40:ca:33:e6:5c:56:42:97:
71:52:fc:c0:4d:ca:70:26:4b:c3:e1:b1:2c:19:7a:b4:07:ce:
7f:90:96:50:11:5b:f5:44:e1:91:a4:eb:06:24:c9:32:07:4d:
b3:f1:e2:fa:07:d2:7b:28:11:cd:3c:d3:61:85:90:c1:fa:d4:
7a:27:72:5d:46:1b:a6:5c:dd:ca:3d:63:1a:eb:37:7b:1e:71:
f8:19:b6:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTeH7mhy0zkEF0cpLi7VaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh
ZDJkMzUwHhcNMjUwODIzMDUwMTQ3WhcNMjUwODI0MDUwMTQ3WjAzMTEwLwYDVQQD
EyhlZDE2YTljYzBkN2FiZmZkODk4MTYyNTA0NWE0MmU5NWI3ZTY4NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlttGlMOTWIQn4Fq+4/9OrapC/CWz
5lP+zPptGrWHKCndETEibC35aBQhnsTpij9984xDxOWOEKRO0wjCetspgTcRS1Ee
+OPP3FV327M2wEjkWvEtH/bmuerUnp3c/g7rmmbEcCErpklLilc33rOp0mand2Ps
EGIoOlXn5pQMDeHrzz0hbLZ0b6guviWrNemcqn5wX/zrrSBfYLKW96dr8SwH3v36
TzkWFxxv9XvoOl2t1IKQNSfNBkk59FQ7IlEFaXNuy+Kmg47qtqv7Lk7U6TgMJNvF
mQDhWyM94IwpwTycHXvHRVklw1mOByURYsbtxCbB/JF/oS3hvqbT5Y2NVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0WqcwNer/9iYFiUEWkLpW35obyMB8GA1UdIwQY
MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt
NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3
LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEUbwFkiA
6SoK1gRpmQsCRmI8AzKMH7VxyCd2aywHPEZIK8Loqq3P87KjUGm7DtOwPxBtDkRf
Xs108ZmtR+3wrvpISZFfRvnzlTN1WAgao3u8F8DAXM9NjAnFeiLiFTO9wsHN/RzK
RBltk7vboJr8sjX2MMqMuMSx0BJyTMV8OScJ9c2WODBM+OUrH/PBGiYSu+eNW1Zr
0/VeNuYVviPUGVmSEVmUCsjtY3srrkDKM+ZcVkKXcVL8wE3KcCZLw+GxLBl6tAfO
f5CWUBFb9UThkaTrBiTJMgdNs/Hi+gfSeygRzTzTYYWQwfrUeidyXUYbplzdyj1j
Gus3ex5x+Bm2Fg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:00 2025 by rpki-client