
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier: 3NdV27mpssRux2dW2iDf1qr4D+xLgKS75BTy8/oK4+k=
Subject key identifier: 10:73:E9:72:A8:8E:B5:5E:3D:05:15:C4:D7:62:4C:DB:A0:32:B6:27
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial: 0199FAD81687B23C531CE2BACD21741016BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number: 0412
Signing time: Sun 19 Oct 2025 05:01:29 +0000
Manifest this update: Sun 19 Oct 2025 05:01:29 +0000
Manifest next update: Mon 20 Oct 2025 05:01:29 +0000
Files and hashes: 1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=)
2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: qJsMfsxMNUwxhLfe4GLskw5KuDXam0XkO6G1yOxaiXE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:d8:16:87:b2:3c:53:1c:e2:ba:cd:21:74:10:16:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Validity
Not Before: Oct 19 05:01:29 2025 GMT
Not After : Oct 20 05:01:29 2025 GMT
Subject: CN=1073e972a88eb55e3d0515c4d7624cdba032b627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:6d:16:07:72:2a:ec:30:02:ab:87:c9:16:
b5:35:af:be:3a:50:06:4c:50:3a:e6:02:94:5f:da:
e5:c0:29:1c:53:8c:99:cb:2e:ef:b0:b6:70:0c:1d:
0e:d2:bf:d1:4a:43:fe:2f:f8:a6:09:58:af:0a:45:
a3:ce:1b:3f:31:e1:51:e6:4b:de:b5:45:13:c5:af:
ab:ef:43:f4:10:e6:86:b3:eb:e5:3b:e9:b2:15:70:
6f:39:64:23:d2:eb:a4:6b:ee:19:f4:46:ea:c8:7e:
02:8d:b9:c5:4f:e2:5b:59:54:00:38:db:61:f9:42:
90:36:95:2b:6c:67:4d:46:32:b2:10:0f:66:2e:2b:
c7:bc:69:3b:f0:cb:f6:58:22:66:29:b6:7e:37:e4:
03:9e:b9:e6:e0:77:18:52:c7:d0:7b:8d:1c:94:31:
6c:1c:e8:76:21:77:44:29:6d:42:c7:74:86:b7:22:
05:9e:3e:58:29:1a:8a:91:b1:41:4d:f8:14:8d:4f:
18:ce:f5:55:84:e6:fb:8b:dc:c2:df:00:57:f8:97:
70:9a:92:2f:7b:71:78:a7:8a:e7:5b:86:e7:85:65:
72:a7:e9:da:e1:82:60:e7:e3:d5:5d:60:45:77:83:
6b:49:eb:c5:98:99:32:2d:7e:90:70:30:e2:85:30:
68:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:73:E9:72:A8:8E:B5:5E:3D:05:15:C4:D7:62:4C:DB:A0:32:B6:27
X509v3 Authority Key Identifier:
keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:66:61:42:fe:79:74:af:1e:ad:92:7a:85:86:5f:bd:63:33:
95:28:0a:51:d9:8a:da:7b:49:b5:7d:05:ef:ed:31:b8:8e:16:
fa:9e:5e:05:f5:e1:32:c2:78:2f:5b:93:f3:b8:e5:01:47:96:
68:80:83:56:7e:22:91:e2:35:38:d4:7b:dc:de:e3:18:ea:72:
fd:ee:2c:4f:55:87:70:57:33:85:0c:79:a4:75:a8:08:11:c8:
21:14:f7:3b:e4:01:a2:d7:4d:6f:4a:8a:11:cf:31:ce:c6:2e:
d8:e3:f9:51:f9:b3:53:1a:fe:3e:14:72:47:20:6f:71:fe:09:
bf:b8:99:72:44:d2:f5:86:81:67:e3:8d:54:1f:5b:b9:9d:92:
17:00:87:3e:36:db:a1:aa:1c:b0:7c:0b:3a:b7:68:6a:5b:37:
d1:99:9c:27:bd:a5:44:52:96:ab:63:92:ee:78:3f:c7:f4:1c:
9b:62:30:59:cd:2d:97:d8:58:e9:e2:de:88:cc:b5:1b:27:66:
fa:2a:25:a8:f9:94:a5:81:d2:f3:ad:68:2e:f6:ea:e6:ae:b8:
2b:45:3d:c0:13:6f:70:50:09:b8:b5:d2:ff:f8:51:25:bf:df:
12:4a:aa:d4:61:d3:3d:92:3b:de:32:40:6f:84:3b:cc:7f:16:
9b:ce:a9:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62BaHsjxTHOK6zSF0EBa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjUxMDE5MDUwMTI5WhcNMjUxMDIwMDUwMTI5WjAzMTEwLwYDVQQD
EygxMDczZTk3MmE4OGViNTVlM2QwNTE1YzRkNzYyNGNkYmEwMzJiNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4dtFgdyKuwwAquHyRa1Na++OlAG
TFA65gKUX9rlwCkcU4yZyy7vsLZwDB0O0r/RSkP+L/imCVivCkWjzhs/MeFR5kve
tUUTxa+r70P0EOaGs+vlO+myFXBvOWQj0uuka+4Z9EbqyH4CjbnFT+JbWVQAONth
+UKQNpUrbGdNRjKyEA9mLivHvGk78Mv2WCJmKbZ+N+QDnrnm4HcYUsfQe40clDFs
HOh2IXdEKW1Cx3SGtyIFnj5YKRqKkbFBTfgUjU8YzvVVhOb7i9zC3wBX+JdwmpIv
e3F4p4rnW4bnhWVyp+na4YJg5+PVXWBFd4NrSevFmJkyLX6QcDDihTBo0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBz6XKojrVePQUVxNdiTNugMrYnMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL2ZhQv55
dK8erZJ6hYZfvWMzlSgKUdmK2ntJtX0F7+0xuI4W+p5eBfXhMsJ4L1uT87jlAUeW
aICDVn4ikeI1ONR73N7jGOpy/e4sT1WHcFczhQx5pHWoCBHIIRT3O+QBotdNb0qK
Ec8xzsYu2OP5UfmzUxr+PhRyRyBvcf4Jv7iZckTS9YaBZ+ONVB9buZ2SFwCHPjbb
oaocsHwLOrdoals30ZmcJ72lRFKWq2OS7ng/x/Qcm2IwWc0tl9hY6eLeiMy1Gydm
+iolqPmUpYHS861oLvbq5q64K0U9wBNvcFAJuLXS//hRJb/fEkqq1GHTPZI73jJA
b4Q7zH8Wm86p7g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:12 2025 by rpki-client