Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
File: TyKDTEeXR7CovQphKfn-ZfgwJtA.mft (raw, json)
Hash identifier: FKu6P6wWUIs7iMUau+camr80YEVWVTBCWP8yZwNkAMQ=
Subject key identifier: 62:83:87:03:49:84:84:11:48:9E:05:26:7F:3B:29:64:C8:91:E2:64
Authority key identifier: 4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0
Certificate issuer: /CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0
Certificate serial: 0198D84FBA103CA9724422EF7AAEE9920059
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
Manifest number: 0436
Signing time: Sat 23 Aug 2025 19:02:40 +0000
Manifest this update: Sat 23 Aug 2025 19:02:40 +0000
Manifest next update: Sun 24 Aug 2025 19:02:40 +0000
Files and hashes: 1: 5_qRdcU_zBI67bUjjCeGmUT4bso.roa (hash: S33Bj4i6cQIjVG+I+Gmo76E+1aI2U06ldTXtc0u4sXQ=)
2: TyKDTEeXR7CovQphKfn-ZfgwJtA.crl (hash: ulvDbx6mJPyunnlMbEyARXv9STaxYajTYfJSUkrQJDc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d8:4f:ba:10:3c:a9:72:44:22:ef:7a:ae:e9:92:00:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0
Validity
Not Before: Aug 23 19:02:40 2025 GMT
Not After : Aug 24 19:02:40 2025 GMT
Subject: CN=6283870349848411489e05267f3b2964c891e264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:16:1f:d4:33:4e:be:76:19:4a:bf:c1:34:9a:
0e:ff:a4:74:5d:de:b7:52:2a:ba:e4:71:23:9e:34:
d0:07:ad:14:77:fc:3c:f8:e9:8b:17:24:74:c2:22:
38:5d:f4:5f:4a:77:7a:ae:2c:ed:f0:3f:2e:bf:ef:
8d:af:33:5a:2d:91:9b:2e:30:f6:56:94:aa:8c:fb:
8f:5d:26:15:da:43:d7:2d:7c:89:29:9a:2c:a4:65:
cb:8c:bd:8c:d5:c0:e0:f5:89:1e:1c:2c:2b:f0:fc:
b8:a8:28:a7:6f:8e:af:a9:ce:04:68:88:d5:c1:13:
4e:5b:a9:54:50:e8:78:9f:6c:45:c2:b9:28:df:bb:
9e:95:12:d2:8f:64:a4:bd:cf:ca:cb:bf:48:ca:73:
4d:d0:19:ac:31:37:f7:c8:24:89:16:e4:09:23:0b:
e2:f2:04:b8:50:7a:fe:4e:85:8c:89:fd:3d:81:25:
78:11:12:de:19:11:9a:a1:49:e0:0f:78:ee:53:00:
8a:4f:68:1e:f7:3a:f6:32:3e:79:d3:94:f0:69:ec:
09:08:65:de:ec:f4:cb:32:e7:01:17:46:b7:e8:af:
3e:7a:46:7b:1d:f2:e3:b2:24:15:93:96:22:c0:2c:
60:57:15:46:c3:bf:8c:a6:2c:aa:a5:4e:5e:04:a0:
27:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:83:87:03:49:84:84:11:48:9E:05:26:7F:3B:29:64:C8:91:E2:64
X509v3 Authority Key Identifier:
keyid:4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:c0:24:6f:1f:ec:ab:84:09:d7:4d:69:08:19:16:5d:64:a0:
d0:92:50:3e:65:62:b3:08:72:3c:39:d9:a3:ce:71:8b:68:69:
03:eb:7a:c1:02:2d:df:c1:6d:75:8f:0d:fb:5a:d5:57:b5:16:
f1:d4:e3:22:53:bb:23:2d:f1:87:6d:a9:78:74:09:4c:35:74:
4f:a8:0e:a9:d8:a6:07:39:23:4d:b4:7a:b0:49:b2:c9:17:69:
77:79:6b:b9:4d:ed:8f:a0:eb:0e:d5:57:a3:78:e1:42:49:2a:
8b:41:51:a3:73:6a:4e:a4:0a:08:1d:50:b9:d2:c4:1d:1e:bd:
39:52:ec:e8:52:28:14:85:7f:8d:74:7c:62:82:2f:b3:fd:29:
57:0e:f3:8d:9a:0f:94:fe:ec:4c:24:9b:7e:70:70:78:0b:83:
43:d3:0d:03:af:22:90:ff:31:df:9e:5b:4a:1b:ec:3c:e2:68:
49:82:92:b2:c3:f3:01:da:a8:eb:cd:21:81:62:e2:00:44:8d:
e6:5a:61:42:e5:f9:8d:e4:9e:10:54:0b:7f:cb:04:ce:0d:59:
06:55:5d:05:a0:20:aa:a6:20:bb:86:f8:f4:be:fb:cb:25:e3:
ed:49:ba:b3:75:1e:e9:11:d2:34:76:24:38:bf:3b:8d:20:0b:
b0:63:3d:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYT7oQPKlyRCLveq7pkgBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjI4MzRjNDc5NzQ3YjBhOGJkMGE2MTI5ZjlmZTY1Zjgz
MDI2ZDAwHhcNMjUwODIzMTkwMjQwWhcNMjUwODI0MTkwMjQwWjAzMTEwLwYDVQQD
Eyg2MjgzODcwMzQ5ODQ4NDExNDg5ZTA1MjY3ZjNiMjk2NGM4OTFlMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBYf1DNOvnYZSr/BNJoO/6R0Xd63
Uiq65HEjnjTQB60Ud/w8+OmLFyR0wiI4XfRfSnd6rizt8D8uv++NrzNaLZGbLjD2
VpSqjPuPXSYV2kPXLXyJKZospGXLjL2M1cDg9YkeHCwr8Py4qCinb46vqc4EaIjV
wRNOW6lUUOh4n2xFwrko37uelRLSj2Skvc/Ky79IynNN0BmsMTf3yCSJFuQJIwvi
8gS4UHr+ToWMif09gSV4ERLeGRGaoUngD3juUwCKT2ge9zr2Mj5505TwaewJCGXe
7PTLMucBF0a36K8+ekZ7HfLjsiQVk5YiwCxgVxVGw7+MpiyqpU5eBKAnVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGKDhwNJhIQRSJ4FJn87KWTIkeJkMB8GA1UdIwQY
MBaAFE8ig0xHl0ewqL0KYSn5/mX4MCbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMt
N2JmNzI0MDU2MTUzLzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMtN2JmNzI0MDU2MTUz
LzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXMAkbx/s
q4QJ101pCBkWXWSg0JJQPmViswhyPDnZo85xi2hpA+t6wQIt38FtdY8N+1rVV7UW
8dTjIlO7Iy3xh22peHQJTDV0T6gOqdimBzkjTbR6sEmyyRdpd3lruU3tj6DrDtVX
o3jhQkkqi0FRo3NqTqQKCB1QudLEHR69OVLs6FIoFIV/jXR8YoIvs/0pVw7zjZoP
lP7sTCSbfnBweAuDQ9MNA68ikP8x355bShvsPOJoSYKSssPzAdqo680hgWLiAESN
5lphQuX5jeSeEFQLf8sEzg1ZBlVdBaAgqqYgu4b49L77yyXj7Um6s3Ue6RHSNHYk
OL87jSALsGM9UA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:16:57 2025 by rpki-client