Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
File: tDpxymDXTkXSuXSKsQZlKf0BM34.mft (raw, json)
Hash identifier: FVRbkSAvFjoPD0I0HcgwVlW4imPNmDrnYKGw9TiWM2k=
Subject key identifier: B6:1A:40:82:F9:62:DB:83:66:06:FF:25:E2:16:26:69:79:F7:F9:37
Authority key identifier: B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
Certificate issuer: /CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Certificate serial: 0199FBEB0420AB5A67C918C381F4615F538D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
Manifest number: 16E2
Signing time: Sun 19 Oct 2025 10:01:47 +0000
Manifest this update: Sun 19 Oct 2025 10:01:47 +0000
Manifest next update: Mon 20 Oct 2025 10:01:47 +0000
Files and hashes: 1: M5_-d1GdbRA2RUGO5npOtRSNEB8.roa (hash: DYZ2j8UdvivRy1b6Q4G0ZdvY6U48+tpNnHP/gql8rCo=)
2: tDpxymDXTkXSuXSKsQZlKf0BM34.crl (hash: XzBsX8zW2AiiKi4E7alnvUNHuf5FObc8fBqzyUIAVXc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:04:20:ab:5a:67:c9:18:c3:81:f4:61:5f:53:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Validity
Not Before: Oct 19 10:01:47 2025 GMT
Not After : Oct 20 10:01:47 2025 GMT
Subject: CN=b61a4082f962db836606ff25e216266979f7f937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2a:5a:08:43:23:c2:43:80:c5:00:a7:19:6e:
cc:db:4f:a2:d4:9a:e4:d0:5d:98:5c:e3:f3:f1:47:
2d:5b:1e:45:6e:1c:24:f0:32:4e:bc:dd:ee:f8:90:
2f:44:04:d7:14:0b:e5:a8:6a:da:63:89:3c:26:a0:
f8:c9:fc:25:f8:60:e5:03:90:1e:06:f2:4a:d4:5b:
60:61:c8:b5:8a:d9:68:11:6b:c9:fa:b5:5c:24:3b:
93:26:7e:55:3b:2e:fd:07:76:8f:7c:af:8d:ea:6c:
d8:f5:5a:8c:52:19:1a:13:a7:31:a2:ed:32:0b:63:
7e:0d:9e:aa:7a:71:4d:b1:56:6d:57:1a:27:5f:29:
c1:ae:3b:99:2f:0b:23:00:36:b9:bf:13:a9:6e:6c:
ae:88:97:60:d2:90:04:81:2f:b0:d5:0c:6c:08:9f:
b2:bd:ef:96:ab:14:0c:56:25:16:09:fc:31:7a:68:
9e:00:64:53:66:60:3c:33:51:cd:ee:42:13:7f:2a:
c8:2d:46:b5:bc:19:1e:78:43:94:df:e9:dd:04:96:
f7:4b:7b:2c:39:e7:3d:7c:d4:97:15:60:42:ed:c4:
27:b9:64:98:70:96:76:25:ad:e0:a6:ff:87:d2:fd:
be:7b:d4:e9:ce:26:2c:df:1c:25:3a:1a:87:8f:86:
fd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1A:40:82:F9:62:DB:83:66:06:FF:25:E2:16:26:69:79:F7:F9:37
X509v3 Authority Key Identifier:
keyid:B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:84:ec:5e:52:9c:e9:a8:5f:8f:2a:73:44:4f:de:b2:9d:0c:
1b:2e:ba:69:ef:be:9b:9b:1d:45:9b:7c:2f:c0:9f:5e:c6:4a:
b8:89:04:21:aa:e4:5e:28:45:14:3b:6c:d8:d4:11:61:e2:c1:
f6:5c:8d:a1:74:af:97:bd:f0:be:93:72:98:00:7b:ab:07:0e:
4b:90:b7:e1:9b:da:cc:79:55:b1:2d:6a:bf:d5:2b:7d:a7:0f:
3f:a1:2a:2b:97:44:56:7e:b5:53:cb:14:77:bd:d4:26:1f:38:
0f:8d:31:b3:77:4a:06:63:da:3b:09:cf:fd:c8:a8:f7:b0:c0:
af:c3:2c:42:c5:63:39:e3:85:26:76:ad:93:a4:03:1b:30:5e:
93:42:28:db:a5:e6:1e:58:ab:1b:46:56:a4:46:41:0e:d8:85:
a7:1a:a0:67:f9:33:2d:8b:6f:87:b6:c2:7b:46:dd:88:b5:d7:
56:15:1f:68:a7:0a:0f:23:b3:30:4f:fd:f3:a5:21:cb:48:2e:
55:18:b5:48:3e:21:b9:f7:69:17:a5:a8:4c:c3:67:a7:a0:2f:
29:8c:69:57:81:b3:a8:43:96:26:a1:c9:c3:a4:cc:fa:1c:5a:
8f:43:d8:f6:c9:c2:b0:f7:9b:f8:5b:e7:e6:24:45:3c:41:b8:
6d:42:68:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wQgq1pnyRjDgfRhX1ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2E3MWNhNjBkNzRlNDVkMmI5NzQ4YWIxMDY2NTI5ZmQw
MTMzN2UwHhcNMjUxMDE5MTAwMTQ3WhcNMjUxMDIwMTAwMTQ3WjAzMTEwLwYDVQQD
EyhiNjFhNDA4MmY5NjJkYjgzNjYwNmZmMjVlMjE2MjY2OTc5ZjdmOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSpaCEMjwkOAxQCnGW7M20+i1Jrk
0F2YXOPz8UctWx5Fbhwk8DJOvN3u+JAvRATXFAvlqGraY4k8JqD4yfwl+GDlA5Ae
BvJK1FtgYci1itloEWvJ+rVcJDuTJn5VOy79B3aPfK+N6mzY9VqMUhkaE6cxou0y
C2N+DZ6qenFNsVZtVxonXynBrjuZLwsjADa5vxOpbmyuiJdg0pAEgS+w1QxsCJ+y
ve+WqxQMViUWCfwxemieAGRTZmA8M1HN7kITfyrILUa1vBkeeEOU3+ndBJb3S3ss
Oec9fNSXFWBC7cQnuWSYcJZ2Ja3gpv+H0v2+e9TpziYs3xwlOhqHj4b9RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYaQIL5YtuDZgb/JeIWJml59/k3MB8GA1UdIwQY
MBaAFLQ6ccpg105F0rl0irEGZSn9ATN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEt
Nzk4YWM0OTI4ZWQ2LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEtNzk4YWM0OTI4ZWQ2
LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhYTsXlKc
6ahfjypzRE/esp0MGy66ae++m5sdRZt8L8CfXsZKuIkEIarkXihFFDts2NQRYeLB
9lyNoXSvl73wvpNymAB7qwcOS5C34ZvazHlVsS1qv9UrfacPP6EqK5dEVn61U8sU
d73UJh84D40xs3dKBmPaOwnP/cio97DAr8MsQsVjOeOFJnatk6QDGzBek0Io26Xm
HlirG0ZWpEZBDtiFpxqgZ/kzLYtvh7bCe0bdiLXXVhUfaKcKDyOzME/986Uhy0gu
VRi1SD4hufdpF6WoTMNnp6AvKYxpV4GzqEOWJqHJw6TM+hxaj0PY9snCsPeb+Fvn
5iRFPEG4bUJovA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:10:56 2025 by rpki-client