Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a1a2a5-38e0-458f-8600-377493ce5877/1/LQcZ69mnslPhSyXN7EzdFUoRHjA.mft
File: LQcZ69mnslPhSyXN7EzdFUoRHjA.mft (raw, json)
Hash identifier: 5dlMnslDmDkdqXnjk/h0jdJrnXLhwBWk9oL7bt710wk=
Subject key identifier: D0:4A:9A:23:4F:F2:47:9A:91:CF:36:3A:A5:49:85:F6:72:22:90:7D
Authority key identifier: 2D:07:19:EB:D9:A7:B2:53:E1:4B:25:CD:EC:4C:DD:15:4A:11:1E:30
Certificate issuer: /CN=2d0719ebd9a7b253e14b25cdec4cdd154a111e30
Certificate serial: 019A7149DB202E22EF06B68E399B336BC236
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LQcZ69mnslPhSyXN7EzdFUoRHjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a1a2a5-38e0-458f-8600-377493ce5877/1/LQcZ69mnslPhSyXN7EzdFUoRHjA.mft
Manifest number: 03A2
Signing time: Tue 11 Nov 2025 05:00:56 +0000
Manifest this update: Tue 11 Nov 2025 05:00:56 +0000
Manifest next update: Wed 12 Nov 2025 05:00:56 +0000
Files and hashes: 1: 3RDyrZvZCaLxq028Ow5HCrsQefI.roa (hash: NXFuVuevT7dKqj3U3xabeRYu8pGJV55BCTjMmY4c/fY=)
2: LQcZ69mnslPhSyXN7EzdFUoRHjA.crl (hash: ovBrFA87Nu4aweA9MIXq+vms9poBaWtmn38vX+gs2zA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a1a2a5-38e0-458f-8600-377493ce5877/1/LQcZ69mnslPhSyXN7EzdFUoRHjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a1a2a5-38e0-458f-8600-377493ce5877/1/LQcZ69mnslPhSyXN7EzdFUoRHjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/LQcZ69mnslPhSyXN7EzdFUoRHjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:db:20:2e:22:ef:06:b6:8e:39:9b:33:6b:c2:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d0719ebd9a7b253e14b25cdec4cdd154a111e30
Validity
Not Before: Nov 11 05:00:56 2025 GMT
Not After : Nov 12 05:00:56 2025 GMT
Subject: CN=d04a9a234ff2479a91cf363aa54985f67222907d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:72:d0:76:e3:4e:35:43:d0:f4:80:f1:0b:
fb:97:6b:09:69:26:4c:26:75:3a:f7:67:4f:1c:36:
8a:ec:68:40:1e:ff:5c:56:17:f9:f9:5b:7d:dc:c7:
4f:65:77:48:bf:11:08:75:53:02:79:05:ef:b2:73:
ab:81:39:67:4f:77:6a:ed:95:be:a0:5e:f6:f3:6d:
0f:5d:b4:b5:c8:12:89:52:d8:44:58:66:b6:8f:40:
36:46:3f:36:5d:20:91:a8:39:8b:b9:82:f6:74:bb:
c6:20:c7:b5:4b:6d:98:54:7a:00:bb:d9:f3:7d:08:
f3:d4:9a:18:1d:74:88:69:53:7f:86:07:41:57:85:
df:88:6f:d1:5d:de:b0:c4:55:dd:ac:7b:5e:57:04:
cc:a6:17:eb:08:1a:34:28:db:7f:b2:c1:ff:3e:e3:
59:de:db:fb:d9:8c:f3:8c:0f:91:8b:57:d7:8c:f3:
b1:86:b9:a0:fd:cf:f1:ad:a8:2b:db:3f:a5:96:66:
5f:35:6f:cf:ff:56:a8:58:7d:82:c3:b2:94:ab:96:
93:bb:0b:35:67:a9:e5:88:d1:b2:4e:78:ee:5d:ed:
c9:74:60:ee:6e:38:9e:11:87:e9:11:4e:b6:15:3f:
60:94:9e:fe:f3:0c:bf:b8:9b:c4:2e:d9:4d:46:6a:
59:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4A:9A:23:4F:F2:47:9A:91:CF:36:3A:A5:49:85:F6:72:22:90:7D
X509v3 Authority Key Identifier:
keyid:2D:07:19:EB:D9:A7:B2:53:E1:4B:25:CD:EC:4C:DD:15:4A:11:1E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LQcZ69mnslPhSyXN7EzdFUoRHjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a1a2a5-38e0-458f-8600-377493ce5877/1/LQcZ69mnslPhSyXN7EzdFUoRHjA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a1a2a5-38e0-458f-8600-377493ce5877/1/LQcZ69mnslPhSyXN7EzdFUoRHjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:07:97:6c:6b:82:9a:e1:c5:7b:c0:3b:e2:c9:8c:27:29:ea:
d4:f1:88:61:75:09:75:b9:ef:b5:48:5f:39:89:0d:c4:a5:eb:
3b:33:84:b7:2a:f3:84:5f:68:45:e1:a6:cb:26:67:e8:ea:bf:
52:c3:bc:9a:83:69:07:0f:ff:6a:1a:f3:c7:e0:8e:c4:cc:4c:
fa:c7:86:de:ba:ff:7f:19:84:0d:6d:ed:e5:61:77:3a:06:d1:
0a:93:10:b3:a6:0d:3f:fa:7d:7c:19:2b:ad:a5:d7:4a:81:14:
d9:8e:ea:59:69:4f:4a:25:ff:a2:10:69:38:88:67:48:3f:12:
6e:da:d5:c0:e3:62:ad:f1:57:a8:d6:91:c5:ac:28:03:0b:47:
c2:fa:46:1f:86:8c:96:0f:02:5d:ee:2d:aa:fe:3e:b5:23:53:
2c:86:c9:d2:d4:82:5c:13:e1:2c:43:b6:52:63:29:09:2b:34:
ed:e0:47:72:1b:87:a8:ed:3d:61:c3:f7:9a:a8:76:e6:5a:d1:
23:fc:f5:0c:5d:44:ae:5f:b2:cc:cd:e0:e6:17:bc:9c:39:3a:
5d:c5:18:ca:53:f1:9c:d1:02:a5:a9:dc:25:17:c1:7c:60:1d:
38:0a:48:01:d3:e5:a8:31:69:db:00:8a:75:4e:44:1d:34:4e:
44:d0:0c:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdsgLiLvBraOOZsza8I2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMDcxOWViZDlhN2IyNTNlMTRiMjVjZGVjNGNkZDE1NGEx
MTFlMzAwHhcNMjUxMTExMDUwMDU2WhcNMjUxMTEyMDUwMDU2WjAzMTEwLwYDVQQD
EyhkMDRhOWEyMzRmZjI0NzlhOTFjZjM2M2FhNTQ5ODVmNjcyMjI5MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFxy0HbjTjVD0PSA8Qv7l2sJaSZM
JnU692dPHDaK7GhAHv9cVhf5+Vt93MdPZXdIvxEIdVMCeQXvsnOrgTlnT3dq7ZW+
oF72820PXbS1yBKJUthEWGa2j0A2Rj82XSCRqDmLuYL2dLvGIMe1S22YVHoAu9nz
fQjz1JoYHXSIaVN/hgdBV4XfiG/RXd6wxFXdrHteVwTMphfrCBo0KNt/ssH/PuNZ
3tv72YzzjA+Ri1fXjPOxhrmg/c/xragr2z+llmZfNW/P/1aoWH2Cw7KUq5aTuws1
Z6nliNGyTnjuXe3JdGDubjieEYfpEU62FT9glJ7+8wy/uJvELtlNRmpZvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBKmiNP8keakc82OqVJhfZyIpB9MB8GA1UdIwQY
MBaAFC0HGevZp7JT4UslzexM3RVKER4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFFjWjY5bW5zbFBoU3lYTjdFemRGVW9SSGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMWEyYTUtMzhlMC00NThmLTg2MDAt
Mzc3NDkzY2U1ODc3LzEvTFFjWjY5bW5zbFBoU3lYTjdFemRGVW9SSGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMWEyYTUtMzhlMC00NThmLTg2MDAtMzc3NDkzY2U1ODc3
LzEvTFFjWjY5bW5zbFBoU3lYTjdFemRGVW9SSGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmweXbGuC
muHFe8A74smMJynq1PGIYXUJdbnvtUhfOYkNxKXrOzOEtyrzhF9oReGmyyZn6Oq/
UsO8moNpBw//ahrzx+COxMxM+seG3rr/fxmEDW3t5WF3OgbRCpMQs6YNP/p9fBkr
raXXSoEU2Y7qWWlPSiX/ohBpOIhnSD8SbtrVwONirfFXqNaRxawoAwtHwvpGH4aM
lg8CXe4tqv4+tSNTLIbJ0tSCXBPhLEO2UmMpCSs07eBHchuHqO09YcP3mqh25lrR
I/z1DF1Erl+yzM3g5he8nDk6XcUYylPxnNECpancJRfBfGAdOApIAdPlqDFp2wCK
dU5EHTRORNAMuQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:16 2025 by rpki-client