Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
File: tK4oip3bDvUKKUs8rpY-FHycfck.mft (raw, json)
Hash identifier: 68QgxD77wH1JwK+WYXFfN4+KTCmSaeAWFqYM/IDOQUs=
Subject key identifier: D2:BF:21:32:C8:A5:F9:8D:41:1C:AF:D3:7C:50:B7:C5:19:A0:CA:E3
Authority key identifier: B4:AE:28:8A:9D:DB:0E:F5:0A:29:4B:3C:AE:96:3E:14:7C:9C:7D:C9
Certificate issuer: /CN=b4ae288a9ddb0ef50a294b3cae963e147c9c7dc9
Certificate serial: 019A00DA7F6539CC08E5AAAA01DCC671DC5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
Manifest number: 16E3
Signing time: Mon 20 Oct 2025 09:01:50 +0000
Manifest this update: Mon 20 Oct 2025 09:01:50 +0000
Manifest next update: Tue 21 Oct 2025 09:01:50 +0000
Files and hashes: 1: tK4oip3bDvUKKUs8rpY-FHycfck.crl (hash: aKLZLTy+fP16OqmwSmFrP5fvO/Gr7WAvXclSVgBs/tY=)
2: u16TB_X_VEL7--qGdSVXn8Zs3wY.roa (hash: m8sRTErDjjsLnDtgYn9w7y6plArnvxsTKmxxZwh54Fs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:da:7f:65:39:cc:08:e5:aa:aa:01:dc:c6:71:dc:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ae288a9ddb0ef50a294b3cae963e147c9c7dc9
Validity
Not Before: Oct 20 09:01:50 2025 GMT
Not After : Oct 21 09:01:50 2025 GMT
Subject: CN=d2bf2132c8a5f98d411cafd37c50b7c519a0cae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:d6:fc:39:63:e7:c1:dd:7a:9e:38:6d:68:
c7:d0:82:e9:39:62:77:8a:fb:38:e9:c4:16:97:cd:
12:21:e5:33:e1:7f:ae:bd:09:78:95:a9:37:6e:4c:
98:8b:2c:2f:2f:84:73:d1:d6:b7:6a:b1:b1:84:3c:
20:f1:71:9e:95:0e:a6:99:b5:f4:a5:c2:e5:2c:32:
bf:71:d9:b1:50:1b:c1:2b:81:d0:a6:ab:0f:ce:5e:
5d:2b:4b:b3:b3:1b:65:bd:c4:38:1c:a3:04:ba:db:
d4:93:e9:f0:99:59:3a:e8:3a:b4:48:9f:81:e5:f5:
da:49:75:8d:42:9d:53:c9:94:5a:04:35:eb:3c:74:
1e:a5:39:60:c2:1f:c7:46:f3:8c:5f:a8:9f:73:91:
5a:19:a3:d8:ac:dd:da:a5:94:32:9a:24:fa:ad:3c:
e5:e2:e1:60:0f:85:36:0f:6e:7a:d6:a5:94:b4:2c:
55:1f:92:05:76:f0:0f:46:7b:65:3f:01:79:01:e5:
12:6d:e5:34:25:cb:99:b8:71:65:63:cc:4b:78:91:
4a:50:68:e5:8d:f9:3a:10:1f:37:e3:c0:42:26:44:
c0:db:2e:b1:5e:d4:92:06:59:6d:db:d4:29:0e:ba:
8f:f4:12:dd:34:58:1f:d2:c6:e8:3a:1e:ec:6f:a1:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BF:21:32:C8:A5:F9:8D:41:1C:AF:D3:7C:50:B7:C5:19:A0:CA:E3
X509v3 Authority Key Identifier:
keyid:B4:AE:28:8A:9D:DB:0E:F5:0A:29:4B:3C:AE:96:3E:14:7C:9C:7D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d4:7a:af:f4:ae:e7:43:39:10:23:93:f8:a5:41:45:3d:0c:e3:
b2:32:37:e6:e8:d0:e7:78:7d:0c:e0:97:9b:04:2d:41:55:8c:
af:32:c9:fd:b9:f4:8e:33:e5:d3:3d:36:3a:aa:06:bc:a5:64:
e5:27:e8:05:76:e2:6f:b3:1b:a5:f2:94:5f:63:1a:fd:fa:aa:
55:50:7e:c2:27:d7:11:8e:22:7f:f5:49:a9:89:31:cc:b9:ca:
75:fb:c7:e1:7b:54:4c:c1:06:ab:35:dc:d2:20:9a:b3:cc:6c:
4e:c7:11:a0:4d:d0:d0:64:94:6f:ee:6e:c2:e7:02:9b:bf:d1:
ef:e1:0b:29:0b:5c:5c:44:76:a9:8c:f6:40:e7:92:7a:b3:1a:
07:0c:f1:b4:01:09:b6:09:17:5b:ee:50:73:aa:89:a3:d0:56:
c1:22:18:41:dc:51:43:f0:a0:29:88:88:a8:5e:33:ab:a6:51:
91:ed:61:32:21:c4:f1:05:92:d4:e2:76:ee:b6:65:db:3e:f2:
0f:d8:92:90:4f:99:ae:43:8b:ad:21:48:69:b3:28:b3:7f:2f:
38:60:16:1d:50:27:d7:f7:04:31:ac:f5:6d:86:4c:bd:74:e4:
40:74:ed:22:50:36:c9:26:0a:fb:f4:bb:5d:26:5d:59:1a:68:
7b:a2:f4:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2n9lOcwI5aqqAdzGcdxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YWUyODhhOWRkYjBlZjUwYTI5NGIzY2FlOTYzZTE0N2M5
YzdkYzkwHhcNMjUxMDIwMDkwMTUwWhcNMjUxMDIxMDkwMTUwWjAzMTEwLwYDVQQD
EyhkMmJmMjEzMmM4YTVmOThkNDExY2FmZDM3YzUwYjdjNTE5YTBjYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVDW/Dlj58Hdep44bWjH0ILpOWJ3
ivs46cQWl80SIeUz4X+uvQl4lak3bkyYiywvL4Rz0da3arGxhDwg8XGelQ6mmbX0
pcLlLDK/cdmxUBvBK4HQpqsPzl5dK0uzsxtlvcQ4HKMEutvUk+nwmVk66Dq0SJ+B
5fXaSXWNQp1TyZRaBDXrPHQepTlgwh/HRvOMX6ifc5FaGaPYrN3apZQymiT6rTzl
4uFgD4U2D2561qWUtCxVH5IFdvAPRntlPwF5AeUSbeU0JcuZuHFlY8xLeJFKUGjl
jfk6EB8348BCJkTA2y6xXtSSBllt29QpDrqP9BLdNFgf0sboOh7sb6HCaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNK/ITLIpfmNQRyv03xQt8UZoMrjMB8GA1UdIwQY
MBaAFLSuKIqd2w71CilLPK6WPhR8nH3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80NTdmMmQtMDEzNy00ZDYxLTg1MDAt
MzAwNDI2Y2UzMmUyLzEvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80NTdmMmQtMDEzNy00ZDYxLTg1MDAtMzAwNDI2Y2UzMmUy
LzEvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1Hqv9K7n
QzkQI5P4pUFFPQzjsjI35ujQ53h9DOCXmwQtQVWMrzLJ/bn0jjPl0z02OqoGvKVk
5SfoBXbib7MbpfKUX2Ma/fqqVVB+wifXEY4if/VJqYkxzLnKdfvH4XtUTMEGqzXc
0iCas8xsTscRoE3Q0GSUb+5uwucCm7/R7+ELKQtcXER2qYz2QOeSerMaBwzxtAEJ
tgkXW+5Qc6qJo9BWwSIYQdxRQ/CgKYiIqF4zq6ZRke1hMiHE8QWS1OJ27rZl2z7y
D9iSkE+ZrkOLrSFIabMos38vOGAWHVAn1/cEMaz1bYZMvXTkQHTtIlA2ySYK+/S7
XSZdWRpoe6L0Hw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:42:42 2025 by rpki-client