Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json)
Hash identifier: Z+OrcuhoSOsBV6Pf6wmhZXmCfYizPjX1nsyMjWk/4XI=
Subject key identifier: 0D:93:B2:B8:99:26:F1:28:C8:F5:61:3F:82:62:36:97:BB:F3:22:F5
Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935
Certificate serial: 0199FFC7F099A5196133861799CBEFAEE22E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
Manifest number: CC
Signing time: Mon 20 Oct 2025 04:01:57 +0000
Manifest this update: Mon 20 Oct 2025 04:01:57 +0000
Manifest next update: Tue 21 Oct 2025 04:01:57 +0000
Files and hashes: 1: 1-78e97Jrk9Uh_jE37kqFne1h0ac.roa (hash: z20HWJG9MeJX/qHD5qtfUrm0n+lWcEMp1qD7mshzZJo=)
2: 1zKIP7xP-3mviAaLxu-Q9kO8TDw.roa (hash: i+hbxTxfZVrUKiiV4ml6H+EfTXIaAVLa/rzpycnZQE0=)
3: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: 23hAfmDOSA/nqRYFZ3+NM9/f0nl84+HLTgOwj3cyglk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:f0:99:a5:19:61:33:86:17:99:cb:ef:ae:e2:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935
Validity
Not Before: Oct 20 04:01:57 2025 GMT
Not After : Oct 21 04:01:57 2025 GMT
Subject: CN=0d93b2b89926f128c8f5613f82623697bbf322f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:4b:a7:40:75:d9:4f:7e:2b:bf:b7:f0:a1:
f2:55:ce:34:cd:fd:d4:a6:6c:d3:8b:76:a9:d3:ee:
04:9b:a1:12:c0:33:1a:03:69:5b:15:4c:84:09:f7:
89:15:00:0e:c2:5c:74:ae:ba:8d:5a:09:63:f4:da:
dc:e8:75:e2:eb:66:b6:54:fd:0f:0e:17:85:5f:71:
d7:96:ca:14:0f:04:c5:7a:c2:36:b1:77:9f:99:b0:
cb:53:33:77:38:15:78:b2:d3:d9:5b:9c:b4:58:7b:
5a:40:ac:59:15:c8:f0:98:44:25:5e:29:77:6b:72:
c5:90:04:02:43:94:dd:c5:a4:99:fc:e4:ff:43:d7:
d0:91:3a:9b:66:f7:53:be:ff:2f:1f:a3:c5:b0:e7:
f1:65:69:2b:d6:8b:5f:f0:8b:f4:8c:c7:50:96:fa:
b1:81:7d:6e:ad:74:40:1e:f0:05:0e:e4:83:7e:24:
fb:87:f2:23:0b:0f:80:34:0d:47:9c:78:85:1b:c9:
52:d0:6f:cb:56:0d:4e:5f:be:a2:f5:2c:93:c7:77:
b6:21:6d:ed:66:84:39:d8:c3:e8:ee:dc:dd:c8:ed:
a4:2f:b2:c3:ec:91:30:4e:01:91:df:1f:59:ab:3c:
80:4b:72:5a:f0:a6:d1:28:cd:ef:b6:03:ef:ee:d8:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:93:B2:B8:99:26:F1:28:C8:F5:61:3F:82:62:36:97:BB:F3:22:F5
X509v3 Authority Key Identifier:
keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:48:c8:b0:0d:79:f1:c4:a9:3e:11:08:6b:3c:84:66:79:9e:
bd:9b:00:e3:60:11:48:24:16:d1:43:a5:50:b6:3d:56:2a:78:
e7:a9:ef:62:d0:a0:1b:ca:9c:21:05:0d:44:64:95:98:ec:8e:
20:2f:49:02:47:f6:92:57:33:7a:cb:06:42:f1:a4:21:a7:43:
f0:49:11:de:08:f2:34:6f:65:48:c7:4c:00:b2:45:e6:58:7d:
67:45:be:61:4e:8b:15:57:ff:92:00:ed:02:1f:a9:03:bb:71:
eb:61:46:e9:bd:09:1f:7e:98:c5:47:95:3c:5c:a0:85:d4:36:
c6:eb:98:07:ed:8d:16:0a:bd:12:fb:fd:66:d6:62:c0:86:62:
6c:43:06:30:26:3d:34:3e:30:c0:b7:cc:95:7f:91:89:e2:d6:
ad:49:d8:ec:09:f6:9b:c8:c1:7c:e8:89:36:7d:53:50:5a:44:
cd:e0:b0:f7:e3:e4:fe:71:de:c7:0d:88:77:c2:4a:48:c6:c3:
41:6d:b5:70:36:ea:23:1c:6e:17:ea:06:90:9e:10:4a:17:44:
7b:f1:60:81:b4:e9:e5:fa:98:e9:97:17:5e:f9:c1:70:ec:24:
02:a1:21:f4:50:4a:7c:31:9c:09:71:96:a8:2d:b6:c7:e7:a1:
cd:f3:41:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x/CZpRlhM4YXmcvvruIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3
MTA5MzUwHhcNMjUxMDIwMDQwMTU3WhcNMjUxMDIxMDQwMTU3WjAzMTEwLwYDVQQD
EygwZDkzYjJiODk5MjZmMTI4YzhmNTYxM2Y4MjYyMzY5N2JiZjMyMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtdLp0B12U9+K7+38KHyVc40zf3U
pmzTi3ap0+4Em6ESwDMaA2lbFUyECfeJFQAOwlx0rrqNWglj9Nrc6HXi62a2VP0P
DheFX3HXlsoUDwTFesI2sXefmbDLUzN3OBV4stPZW5y0WHtaQKxZFcjwmEQlXil3
a3LFkAQCQ5TdxaSZ/OT/Q9fQkTqbZvdTvv8vH6PFsOfxZWkr1otf8Iv0jMdQlvqx
gX1urXRAHvAFDuSDfiT7h/IjCw+ANA1HnHiFG8lS0G/LVg1OX76i9SyTx3e2IW3t
ZoQ52MPo7tzdyO2kL7LD7JEwTgGR3x9ZqzyAS3Ja8KbRKM3vtgPv7tjRcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2TsriZJvEoyPVhP4JiNpe78yL1MB8GA1UdIwQY
MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt
ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix
LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdkjIsA15
8cSpPhEIazyEZnmevZsA42ARSCQW0UOlULY9Vip456nvYtCgG8qcIQUNRGSVmOyO
IC9JAkf2klczessGQvGkIadD8EkR3gjyNG9lSMdMALJF5lh9Z0W+YU6LFVf/kgDt
Ah+pA7tx62FG6b0JH36YxUeVPFyghdQ2xuuYB+2NFgq9Evv9ZtZiwIZibEMGMCY9
ND4wwLfMlX+RieLWrUnY7An2m8jBfOiJNn1TUFpEzeCw9+Pk/nHexw2Id8JKSMbD
QW21cDbqIxxuF+oGkJ4QShdEe/FggbTp5fqY6ZcXXvnBcOwkAqEh9FBKfDGcCXGW
qC22x+ehzfNBFw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:43:22 2025 by rpki-client