Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
File: TSPi7bMh4ailzp7j4tlapA8N6KA.mft (raw, json)
Hash identifier: E8dUGUqFuB2xrOVOMIcA7xVZBM0OiglDuryZlrtkQ9s=
Subject key identifier: 69:9E:8C:0D:3B:72:7F:2D:D3:B6:12:09:65:D8:1E:F5:61:1D:BB:A0
Authority key identifier: 4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
Certificate issuer: /CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Certificate serial: 0198D4A7E1E3CD51E0FE038AF1BEA26BF713
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
Manifest number: 0AFF
Signing time: Sat 23 Aug 2025 02:00:28 +0000
Manifest this update: Sat 23 Aug 2025 02:00:28 +0000
Manifest next update: Sun 24 Aug 2025 02:00:28 +0000
Files and hashes: 1: E8fqlMMExB61QIsEKMENcZNpWcs.roa (hash: BmnUAt4AevLzEKuzLNe+ibP+z5vcZguaEireBbRJdHM=)
2: TSPi7bMh4ailzp7j4tlapA8N6KA.crl (hash: vwrXqZktl7HUn/kxyv+FR+dAksak+2owyUz2GKYQhyw=)
3: gXlhbbxVLQVqCMGvhejieNdtoBY.roa (hash: 8u7C6SqKmEB/oIEa7cYGrPkrur0B3bFj0WV0Kh36+qQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:a7:e1:e3:cd:51:e0:fe:03:8a:f1:be:a2:6b:f7:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Validity
Not Before: Aug 23 02:00:28 2025 GMT
Not After : Aug 24 02:00:28 2025 GMT
Subject: CN=699e8c0d3b727f2dd3b6120965d81ef5611dbba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:e9:e9:17:c8:d8:17:fa:96:90:01:ad:7c:
72:87:ed:a6:26:39:67:cf:8f:82:1e:67:a4:ea:84:
7c:3b:18:d4:23:7b:b9:9d:00:05:cc:62:f0:05:80:
15:18:5a:00:91:b7:a9:29:f9:84:60:26:da:e1:3f:
20:9b:91:e9:ed:96:8c:b8:1b:68:ec:cd:e0:72:c9:
66:19:f2:0e:e5:f2:58:72:dc:b3:36:0a:bd:b0:fa:
86:bc:89:00:9f:db:8a:c8:23:9a:93:e1:ba:ec:f5:
15:88:fa:08:32:aa:80:0f:6c:39:fc:6d:30:d0:cd:
b5:16:97:44:2e:1b:3e:b7:cb:9f:e7:66:8d:8e:fd:
b2:3c:00:e7:71:e9:4a:cc:d3:24:9c:70:3b:d9:b4:
fe:a1:58:da:21:5c:86:2c:44:a3:0a:ac:04:c3:f8:
12:94:a8:2e:b1:b9:2a:d3:dd:ec:01:f1:23:23:7f:
94:25:a2:fd:58:0f:9f:44:c7:4d:33:bc:5e:53:49:
0c:cc:60:1f:f0:07:70:6e:cd:d2:5e:a9:f9:7f:9c:
67:0f:a6:4a:22:55:d4:01:a3:82:60:b6:5a:6f:e0:
7c:af:e3:e8:f6:f8:31:39:00:c2:a6:42:fb:f2:8b:
73:59:51:66:31:99:86:40:38:34:a1:36:32:19:78:
5e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9E:8C:0D:3B:72:7F:2D:D3:B6:12:09:65:D8:1E:F5:61:1D:BB:A0
X509v3 Authority Key Identifier:
keyid:4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:4a:cb:41:1f:2a:1d:8f:b3:1c:d0:1d:07:c0:23:28:f1:bc:
ac:a1:76:b7:85:68:58:c3:7f:13:46:df:1f:0f:9f:1c:dd:12:
52:55:ba:98:fb:3f:b7:b8:8b:25:20:60:52:a2:73:e4:f7:93:
77:fb:2c:bb:05:f2:6c:ad:da:ff:4f:83:07:6f:b5:78:fd:e4:
ce:4d:a3:12:11:81:ff:ec:09:06:28:c1:71:6d:cb:75:4c:ee:
12:5d:8e:3b:17:dc:29:cb:3a:a4:35:ba:41:25:d4:7c:62:89:
03:6e:90:bf:3c:9e:c0:db:ee:4d:10:23:a9:59:7b:67:73:7b:
db:50:31:d0:62:81:0d:51:78:a3:8f:4a:21:5d:8b:f3:10:b8:
9f:cf:2c:68:bd:ff:07:62:dc:fc:d3:da:d7:ce:4b:bb:cf:26:
83:b1:68:be:fb:19:9d:b0:7a:68:3f:78:da:8a:09:5c:7a:cc:
15:64:b7:06:a2:32:1d:25:29:f6:e7:c5:49:b3:7d:19:18:19:
71:59:e7:6f:ca:fd:47:22:56:6b:c0:4e:b1:f0:e4:4e:a4:ed:
b3:9a:e9:20:70:fd:90:db:9b:4c:81:d6:be:6c:4c:09:fe:31:
64:59:d5:d2:d0:75:c5:0a:f6:b7:c1:ee:71:0b:0d:ea:82:ce:
3e:3d:67:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp+HjzVHg/gOK8b6ia/cTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjNlMmVkYjMyMWUxYThhNWNlOWVlM2UyZDk1YWE0MGYw
ZGU4YTAwHhcNMjUwODIzMDIwMDI4WhcNMjUwODI0MDIwMDI4WjAzMTEwLwYDVQQD
Eyg2OTllOGMwZDNiNzI3ZjJkZDNiNjEyMDk2NWQ4MWVmNTYxMWRiYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhHp6RfI2Bf6lpABrXxyh+2mJjln
z4+CHmek6oR8OxjUI3u5nQAFzGLwBYAVGFoAkbepKfmEYCba4T8gm5Hp7ZaMuBto
7M3gcslmGfIO5fJYctyzNgq9sPqGvIkAn9uKyCOak+G67PUViPoIMqqAD2w5/G0w
0M21FpdELhs+t8uf52aNjv2yPADncelKzNMknHA72bT+oVjaIVyGLESjCqwEw/gS
lKgusbkq093sAfEjI3+UJaL9WA+fRMdNM7xeU0kMzGAf8Adwbs3SXqn5f5xnD6ZK
IlXUAaOCYLZab+B8r+Po9vgxOQDCpkL78otzWVFmMZmGQDg0oTYyGXhe0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmejA07cn8t07YSCWXYHvVhHbugMB8GA1UdIwQY
MBaAFE0j4u2zIeGopc6e4+LZWqQPDeigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEt
NTM4NTA5ZjNhNzg5LzEvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEtNTM4NTA5ZjNhNzg5
LzEvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUrLQR8q
HY+zHNAdB8AjKPG8rKF2t4VoWMN/E0bfHw+fHN0SUlW6mPs/t7iLJSBgUqJz5PeT
d/ssuwXybK3a/0+DB2+1eP3kzk2jEhGB/+wJBijBcW3LdUzuEl2OOxfcKcs6pDW6
QSXUfGKJA26QvzyewNvuTRAjqVl7Z3N721Ax0GKBDVF4o49KIV2L8xC4n88saL3/
B2Lc/NPa185Lu88mg7FovvsZnbB6aD942ooJXHrMFWS3BqIyHSUp9ufFSbN9GRgZ
cVnnb8r9RyJWa8BOsfDkTqTts5rpIHD9kNubTIHWvmxMCf4xZFnV0tB1xQr2t8Hu
cQsN6oLOPj1n1A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:50:57 2025 by rpki-client